RELENG_5 and carp patches - Status

Bruno Afonso brunomiguel at dequim.ist.utl.pt
Wed Sep 15 19:31:05 PDT 2004 

I've forgotten to say one thing. I had to add the carp definition to
/etc/protocols. In reality, I renamed "vrrp" to "carp" after looking at
openbsd's /etc/protocols. So, it's missing in the patch too.


Max Laier wrote:
> On Wednesday 15 September 2004 19:33, Bruno Afonso wrote:
> 
>>=> WORKS:
>>
>>I've set carp0 and carp1 with the ips my NAT box uses and it's working
>>flawlessly up until now (some hours). I have yet to set the backup box
>>as it's really really old and I'm waiting for it to compile world and
>>kernel... :)
>>
>>I will try failover in the next days.
>>
>>
>>=> DOES NOT WORK:
>>
>>ifconfig pfsync syncif <interface> does not work
>>carp-testing-box# ifconfig pfsync0 up syncif fxp0
>>ifconfig: syncif: bad value
> 
> 
> Ugh ... this got completely forgotten. Check the patch at: 
> http://people.freebsd.org/~mlaier/ifconfig.pfsync.patch (hope it still 
> applies) it will certainly cause rejects with the carp-ifconfig ...

Seems to apply cleanly. You have to cd /usr/src/sbin/ifconfig before
"patch -p0 < " though.
I can now do "ifconfig pfsync0 up syncif <interface>" without any error.


>>accessing carp'ed IP address does not work
>>carp-testing-box# ping IP
>>PING IP (IP): 56 data bytes
>>ping: sendto: Operation not permitted
> 
> 
> EPERM is clearly a problem of your firewalling rules on the box that is trying 
> to ping.

Doh! Damn home made script to generate the pf conf file... :-)
I needed to open carp0 from (carp0) to (carp0). Another interesting
aspect is that traffic originating from the machine come from the
non-carp ips. :-)


>>I also get "arp_rtrequest: bad gateway IP (!AF_LINK)" in /var/log/messages.
> 
> 
> This described in: http://people.freebsd.org/~mlaier/CARP/README and it's not 
> a problem only a bit distrubing.

Ye, doesn't bother.


> hmmm ... looks like netstat has been built with different headers as the 
> kernel. Try make installincludes and rebuild+install netstat.

Did it. Same error(s). I'm gonna recompile world and kernel just for the
sake of it. :-) and rm -rf /usr/obj.

BA
-- 
Bruno Afonso
http://dequim.ist.utl.pt/~bruno/sciTocs/ - Bruno's SciTocs!
http://freebsd-pt.org/forum/ - Portuguese FreeBSD forum

More information about the freebsd-pf mailing list