CARP over VLAN over LAGG

Julien Cigar julien at perdition.city
Mon Aug 31 08:37:16 UTC 2020 

On Fri, Aug 28, 2020 at 04:52:01PM +0200, Julien Cigar wrote:
> Hello,
> 
> I have a "highly available" router/firewall with the following
> configuration (1). Those are plugged in two 2930F (with VSF) using LACP.
> It works well, except that I have some weird issues with the CARP 
> demotion counter when I'm unplugging some interfaces involved in the 
> lagg/carp setup, for example if I unplug/replug igb0 and igb1 in this 
> case:
> 
> (dmesg):
> igb0: link state changed to DOWN
> igb1: link state changed to DOWN
> carp: demoted by 240 to 240 (send error 50 on vlan11)
> carp: 11 at vlan11: MASTER -> BACKUP (more frequent advertisement received)
> vlan11: deletion failed: 3
> igb1: link state changed to UP
> igb0: link state changed to UP
> 
> then the CARP status stays to BACKUP unless I demote the CARP demotion
> counter manually with: sudo sysctl net.inet.carp.demotion=-240:
> 
> (dmesg):
> carp: demoted by -240 to 0 (sysctl)
> carp: 11 at vlan11: BACKUP -> MASTER (preempting a slower master)
> 
> I guess this is because it takes some time for lagg/lacp to converge and
> thus carp thinks that there is a problematic condition as it experiences
> problems with sending announcements..
> 
> What it the best way to handle this?

I'm wondering if setting net.inet.carp.senderr_demotion_factor to "0"
could be a solution? Are there any downsides of setting this to "0"
instead of "240"?

> 
> Thanks,
> Julien
> 
> (1) https://gist.github.com/silenius/577606b596ff1d220bbfd9956d05baef
> 
> -- 
> Julien Cigar
> Belgian Biodiversity Platform (http://www.biodiversity.be)
> PGP fingerprint: EEF9 F697 4B68 D275 7B11  6A25 B2BB 3710 A204 23C0
> No trees were killed in the creation of this message.
> However, many electrons were terribly inconvenienced.
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"

-- 
Julien Cigar
Belgian Biodiversity Platform (http://www.biodiversity.be)
PGP fingerprint: EEF9 F697 4B68 D275 7B11  6A25 B2BB 3710 A204 23C0
No trees were killed in the creation of this message.
However, many electrons were terribly inconvenienced.

More information about the freebsd-net mailing list