My doubt persists,
from FAQ
"To failover a particular CARP group, shut down the carp(4) interface on
the master node ......
I think that if execute ifconfig carp0 down, all carps would be moved ,
because default carp group is carp
2012/10/31 R0me0 *** <knight....@gmail.com>
> I tried this: ifconfig -g carp carpdemote 50 , and all carps are moved to
> another node
> :) that is
>
> sorry
>
>
> 2012/10/31 R0me0 *** <knight....@gmail.com>
>
>> Hello misc,
>> I' ve a simple setup to test carp
>>
>> my setup is follow:
>>
>> -> Frw A
>>
>> # cat /etc/hostname.carp0
>> inet 192.168.28.128 255.255.255.0 192.168.28.255 vhid 1 carpdev vic0 pass
>> secret
>>
>> # cat /etc/hostname.vic0
>> up
>>
>> # cat /etc/hostname.carp1
>> inet 192.168.12.130 255.255.255.0 192.168.12.255 vhid 2 carpdev vic1 pass
>> othersecret
>>
>> # cat /etc/hostname.vic1
>> up
>>
>> # cat /etc/hostname.pfsync0
>>
>>
>> up syncdev vlan13
>>
>> # cat /etc/hostname.vlan13
>>
>>
>> inet 10.20.30.1 255.255.255.252 10.20.30.255 vlan 13 vlandev vic1
>>
>> -> Frw B
>>
>> # cat /etc/hostname.carp0
>>
>>
>> inet 192.168.28.128 255.255.255.0 192.168.28.255 vhid 1 carpdev vic0 pass
>> secret advskew 100
>>
>> # cat /etc/hostname.vic0
>> up
>>
>> # cat /etc/hostname.carp1
>> inet 192.168.12.130 255.255.255.0 192.168.12.255 vhid 2 carpdev vic1 pass
>> othersecret advskew 100
>>
>> # cat /etc/hostname.vic1
>> up
>>
>> # cat /etc/hostname.pfsync0
>>
>>
>> up syncdev vlan13
>>
>> # cat /etc/hostname.vlan13
>>
>>
>> inet 10.20.30.2 255.255.255.252 10.20.30.255 vlan 13 vlandev vic1
>>
>> net.inet.carp.preempt=1 on both nodes
>>
>>
>> pf.conf ( equal on both frw's )
>>
>> # cat /etc/pf.conf
>>
>>
>> ext_if = "vic0"
>>
>>
>> int_if = "vic1"
>>
>>
>> pfsync_if = "vlan13"
>>
>>
>>
>>
>>
>> set skip on lo
>>
>>
>>
>>
>>
>> match out on $ext_if from 192.168.12.0/24 nat-to (carp0)
>>
>>
>>
>>
>>
>> # Carp and Pfsync
>>
>>
>> pass log quick on $pfsync_if proto pfsync keep state (no-sync)
>>
>>
>> pass in log quick on {vic0 vic1} proto carp keep state (no-sync)
>>
>>
>>
>>
>>
>> block log all
>>
>> pass in log (to pflog1) quick on { vic0 vic1 } inet proto tcp to port 22
>> keep state (no-sync)
>> pass in quick on $int_if from 192.168.12.0/24
>> pass out
>>
>>
>> Tests:
>>
>> ifconfig carp0 down or ifconfig advskew100
>> on MASTER node
>>
>> Only carp0 is transfered to another node
>>
>> But if executed ifconfig vic0 down
>>
>> All carp nodes ( carp0 and carp1 ) are transferred to another node as
>> expected
>>
>> I tried this setup on real machines and the results are the same.
>>
>> My doubt,
>> To do maintenance on master node, i will need execute : ifconfig advskew
>> 128 on both carp interfaces ?
>> Which the better pratice to move all carp groups to another node ?
>>
>> I will appreciate the sugestions of misc
>>
>> Regards,
