On Tue, Jul 26, 2011 at 10:00:48AM +0200, Marcus M|lb|sch wrote:
> Hello all,
>
> Since I added another physical and carp interface to our firewalls, I
> get strange error messages, and strange behaviour for carp failover.
>
>> Jul 25 15:00:03 fw2 /bsd: carp32: ip_output failed: 64
>> Jul 25 15:00:03 fw2 /bsd: carp34: ip_output failed: 64
>> Jul 25 15:00:03 fw2 /bsd: carp40: ip_output failed: 64
>> Jul 25 15:00:03 fw2 /bsd: carp5: ip_output failed: 64
>> Jul 25 15:00:03 fw2 /bsd: carp11: ip_output failed: 64
>> Jul 25 15:00:03 fw2 /bsd: carp31: ip_output failed: 64
>> Jul 25 15:00:04 fw2 /bsd: carp: carp31 demoted group carp by 1 to 2\
>> (> snderrors)
>
> I'm pretty sure that I had no of that "64" errors before I added
> "carp 40" - the old logfiles show none (though I have only those from a
> few days).
>
> I googled for the error but didn't find anything helpful.
man errno:
64 EHOSTDOWN Host is down. A socket operation failed because the desti-
nation host was down.
> Any quick pointers what may be going wrong?
My first guess would've been that pf(4) is blocking the outgoing carp
advertisements. But a quick glance at the code indicates that only
returns 65 (EHOSTUNREACH).
It could be a reject route blocking your advertisements.
Can you show us the output of netstat -rn ?
