Summary: devd unnecessarily reconfigures carp interfaces, and "/etc/rc.d/netif start carp0" loses the advskew setting when an IP assigned to carp0 is configured on gif0. This is probably two separate bugs.
I've got a pair of 7.1/amd64 boxen acting as load-balancers in a CARP failover pair. One has advskew 0, the other advskew 100, so that the first one is preferred. I also have configured a gif(4) interface on each to tunnel between two private networks at different sites. Both the public and private IP on gif0 are assigned to carp0, and connections through this tunnel fail over as expected. Life is good, except for the following annoyances: The problem is that if I configure gif0 in rc.conf, the "slave" (configured advskew 100) comes up with advskew 0 instead, and becomes the carp0 master on boot about 50% of the time. If, however, I comment out the configuration for gif0 in rc.conf and then run the ifconfig and route commands for plumbing gif0 after the box is up, carp0 has advskew 100 as expected. Also, if I use IPs that are unique to that box for gif0 (and not configured on a carp interface), carp0 is configured properly with advskew 100. Of course, in this case the tunnel doesn't fail over. However, I discovered the problem goes deeper than this. After enabling rc_debug and watching the console scrollback, I discovered that carp0 was initially configured correctly by rc.d/netif, and then after devd started, it called the (misnamed) pccard_ether script on interfaces it thinks aren't "up", which includes carp0. pccard_ether in turn calls "rc.d/netif start carp0". Besides needless reconfiguring carp0 (and doing so incorrectly when the gif issue is in play), this also calls "rc.d/routing static" again which then complains about the routes already existing. I solved the devd issue by telling it to ignore carp attach events, by installing the following as /usr/local/etc/devd/carp.conf: ==== # don't have devd call network_start on carp0; for some reason this # loses the advskew setting (besides being entirely superfluous). notify 100 { match "system" "IFNET"; match "subsystem" "carp[0-9]+"; match "type" "ATTACH"; action "echo devd called on $subsystem, type $type"; }; ==== The second bug is that "rc.d/netif start carp0" always brings it up with advskew 0 when a carp IP is assigned to gif0, regardless of the ifconfig_carp0 setting in rc.conf. If, however, I do "rc.d/netif stop" and then "rc.d/netif start" (with no interface specified, and of course from the console), carp0 is brought up with the correct advskew setting. So then... should I file one or two bugs for this? Assuming I'm not missing something, both of these issues seem to be incorrect behavior. _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"