On Sun, Jan 01, 2006 at 10:52:43PM +0000, Karl O. Pinc wrote:
> On 01/01/2006 03:09:03 PM, Marco Pfatschbacher wrote:
> >On Sun, Jan 01, 2006 at 12:28:42AM +0000, Karl O. Pinc wrote:
> >[...]
> >> Suppose I have 2 firewalls, one failing over to the
> >> other with carp. (net.inet.carp.preempt=1 on
> >> both firewalls.) Each has 3 interfaces, internet,
> >> lan, and dmz. The dmz has, say, a webserver.
> >> Now to connect the 2 firewalls to the webserver
> >> an additional switch/hub is required in the physical
> >> topology.
> >>
> >[...]
> >> If the dmz interfaces go down, then does this
> >> not shut off all the carp interfaces on both
> >> firewalls as a group, turning off the parts
> >> of both firewalls that are still functioning?
> >[...]
> [...]
> >In your scenario, both firewalls would change their advskew to 240.
> >But a takeover only happens if one has a lower advskew, not if they
> >are equal. Therefore you should be just fine.
>
> So then what happens next when, say, the internet interface
> goes down on just the master firewall? Even though the backup has
> two working interfaces and the master only one, the advskew
> everywhere is already at 240 and the backup will not
> become the master. Right? (Seems like when
> net.inet.carp.preempt=1 the advskew should keep going
> up as more interfaces go down.)
Although it's rather hypothetical to have two broken switches at the same time, your assumptions are correct. The backup will not take over.

Actually I already have a diff that solves this issue. If you're following -current and would like to test it, drop me a line.

Marco
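The election rule the thread relies on (lower advskew wins, a tie never triggers a takeover) can be checked with a small model of the two-firewall scenario. This is an added illustration written for this page, not code from OpenBSD's carp(4) or from Marco's diff; the base advskew values (0 and 100) and the per-link step of 120 are assumed constants chosen so the two behaviours can be compared.

```python
# Constructed model of the CARP advskew behaviour discussed above.
# Not OpenBSD code: the base skews and the per-link step are assumptions.

MAX_ADVSKEW = 240


def host(base, **ifaces):
    """A firewall with a base advskew and a dict of interface -> is_up."""
    return {"base": base, "ifaces": ifaces}


def advskew_flat(h):
    """Behaviour described in the thread: any down interface pushes the
    host straight to advskew 240, no matter how many links are down."""
    any_down = not all(h["ifaces"].values())
    return MAX_ADVSKEW if any_down else h["base"]


def advskew_per_link(h, step=120):
    """Karl's suggestion: advskew rises for every down interface (step is
    an assumed constant), capped at 240, so a host that lost more links
    ends up with a higher skew than one that lost fewer."""
    down = sum(1 for up in h["ifaces"].values() if not up)
    return min(MAX_ADVSKEW, h["base"] + step * down)


def elect(master, backup, skew_fn):
    """With preempt enabled the backup takes over only if its advskew is
    strictly lower than the master's; an equal skew leaves the master."""
    return "backup" if skew_fn(backup) < skew_fn(master) else "master"


def scenario(skew_fn):
    """Replay the thread's two failures and report who is master after each."""
    master = host(0, internet=True, lan=True, dmz=True)
    backup = host(100, internet=True, lan=True, dmz=True)
    outcome = []
    # 1. The shared dmz switch fails: both firewalls lose their dmz link.
    master["ifaces"]["dmz"] = backup["ifaces"]["dmz"] = False
    outcome.append(elect(master, backup, skew_fn))
    # 2. The master's internet link fails as well; the backup is healthier.
    master["ifaces"]["internet"] = False
    outcome.append(elect(master, backup, skew_fn))
    return outcome


if __name__ == "__main__":
    print("flat 240 model:", scenario(advskew_flat))        # ['master', 'master']
    print("per-link model:", scenario(advskew_per_link))    # ['master', 'backup']
```

Under the flat model both hosts sit at 240 after the first failure, so the second failure changes nothing; the per-link model is the case the thread wants, where the host with more dead links yields.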