On Monday, April 25, 2016 11:12 CEST, Martin Pieuchot <m...@openbsd.org>
wrote:
> On 25/04/16(Mon) 10:47, Kim Zeitler wrote:
> > Hello Martin, hello Sebastian
> >
> > On 04/25/16 10:15, Martin Pieuchot wrote:
> > >On 25/04/16(Mon) 09:48, Sebastian Reitenbach wrote:
> > >>I'm trying to upgrade a HA carped firewall cluster to 5.9 but run into
> > >>issues.
> > >
> > >Which issues? After reading your whole email I still don't understand
> > >your problem(s). What does not work?
> > He is running a carp interface on top of a vlan interface. In this
scenario
> > the carp interface can not be pinged but the vlan interfaces can.
>
> Do you mean the CARP node does not answer to ping with a destination
> address on the carp(4) interfaces? Is it for MASTER, BACKUP or both?
I have the old node shutdown so that the cluster is only one node. with
advskew 100, but all carp interfaces in master.
I have
ix0 ---
\
trunk0 -- vlanXX (i.e. vlan90) -- carpXX (i.e. carp90)
/
ix1 ---
from there, I tried to ping the default
The routing table, now with the machine in BACKUP mode:
netstat -rn -f inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 172.16.99.2 GS 0 2 - 23
carp90
10.1.0/24 10.1.0.1 C 0 1666 - 4 carp8
10.1.0.1 00:00:5e:00:01:01 UHLl 0 1480 - 1 carp8
10.1.0.255 10.1.0.1 Hb 0 1704 - 1 carp8
10.10.0/24 10.10.0.1 C 0 120 - 4 carp7
10.10.0.1 00:00:5e:00:01:01 UHLl 0 68 - 1 carp7
10.10.0.255 10.10.0.1 Hb 0 1804 - 1 carp7
10.10.1/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.2/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.3/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.4/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.5/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.8/24 10.100.2.1 GS 0 0 - 23
carp901
10.10.9/24 10.100.2.1 GS 0 0 - 23
carp901
10.12.1/24 10.100.2.1 GS 0 0 - 23
carp901
10.12.3/24 10.100.2.1 GS 0 0 - 23
carp901
10.12.6/24 10.100.2.1 GS 0 0 - 23
carp901
10.13.1/24 10.100.2.1 GS 0 0 - 23
carp901
10.15.1/24 10.100.2.1 GS 0 0 - 23
carp901
10.20.30/24 10.100.2.1 GS 0 0 - 23
carp901
10.20.40/24 10.100.2.1 GS 0 0 - 23
carp901
10.20.50/24 10.100.2.1 GS 0 0 - 23
carp901
10.20.60/24 10.20.60.1 C 0 56 - 4 carp2
10.20.60.1 00:00:5e:00:01:01 UHLl 0 1 - 1 carp2
10.20.60.255 10.20.60.1 Hb 0 0 - 1 carp2
10.20.70/24 10.20.70.1 C 0 348 - 4 carp3
10.20.70.1 00:00:5e:00:01:01 UHLl 0 50 - 1 carp3
10.20.70.255 10.20.70.1 Hb 0 0 - 1 carp3
10.20.80/24 10.20.80.1 C 0 0 - 4 carp4
10.20.80.1 00:00:5e:00:01:01 UHLl 0 0 - 1 carp4
10.20.80.255 10.20.80.1 Hb 0 0 - 1 carp4
10.90/16 10.20.70.33 GS 0 0 - 23 carp3
10.91/16 10.20.70.33 GS 0 0 - 23 carp3
10.100.2/24 10.100.2.2 C 0 4016 - 4
carp901
10.100.2.2 00:00:5e:00:01:01 UHLl 0 24 - 1
carp901
10.100.2.255 10.100.2.2 Hb 0 0 - 1
carp901
10.100.3/24 10.100.2.1 GS 0 0 - 23
carp901
10.100.100/24 10.100.100.2 UC 0 0 - 4 axe0
10.100.100.2 00:60:6e:d5:a1:eb UHLl 0 0 - 1 axe0
10.100.100.255 10.100.100.2 UHb 0 0 - 1 axe0
10.103.204/24 192.168.253.1 GS 0 0 - 23
carp31
10.148.192/22 10.148.192.1 C 0 1630 - 4
carp11
10.148.192.1 00:00:5e:00:01:01 UHLl 0 329 - 1
carp11
10.148.195.255 10.148.192.1 Hb 0 0 - 1
carp11
10.148.224/23 10.148.224.1 C 0 112 - 4
carp10
10.148.224.1 00:00:5e:00:01:01 UHLl 0 4 - 1
carp10
10.148.225.255 10.148.224.1 Hb 0 0 - 1
carp10
10.148.242/23 10.148.242.3 UCP 0 628 - 4 vlan7
10.148.242/23 10.148.242.1 CP 0 0 - 4 carp7
10.148.242.1 00:00:5e:00:01:01 UHLl 0 54 - 1 carp7
10.148.242.3 90:e2:ba:2c:b5:08 UHLl 0 0 - 1 vlan7
10.148.243.255 10.148.242.3 UHPb 0 471 - 1 vlan7
10.148.243.255 10.148.242.1 HPb 0 0 - 1 carp7
10.148.244/22 10.148.244.1 C 0 15130 - 4
carp23
10.148.244.1 00:00:5e:00:01:01 UHLl 0 10708 - 1
carp23
10.148.247.255 10.148.244.1 Hb 0 0 - 1
carp23
10.148.252/22 10.148.252.3 UCP 0 1 - 4
vlan30
10.148.252/22 10.148.252.1 CP 0 0 - 4
carp30
10.148.252.1 00:00:5e:00:01:01 UHLl 0 0 - 1
carp30
10.148.252.3 90:e2:ba:2c:b5:08 UHLl 0 0 - 1
vlan30
10.148.255.255 10.148.252.3 UHPb 0 0 - 1
vlan30
10.148.255.255 10.148.252.1 HPb 0 0 - 1
carp30
127/8 127.0.0.1 UGRS 0 3 32768 8 lo0
127.0.0.1 127.0.0.1 UHl 1 1 32768 1 lo0
172.16.42.1 10.20.80.31 GHS 0 0 - 23 carp4
172.16.99/24 172.16.99.1 C 1 54 - 4
carp90
172.16.99.1 00:00:5e:00:01:01 UHLl 0 32 - 1
carp90
172.16.99.2 link#27 HLc 0 57 - 4
carp90
172.16.99.255 172.16.99.1 Hb 0 0 - 1
carp90
192.168.8/24 192.168.8.254 UCP 0 31901 - 4
vlan10
192.168.8/24 192.168.8.1 CP 0 0 - 4
carp10
192.168.8.1 00:00:5e:00:01:01 UHLl 0 278 - 1
carp10
192.168.8.254 90:e2:ba:2c:b5:08 UHLl 0 1 - 1
vlan10
192.168.8.255 192.168.8.254 UHPb 0 4668 - 1
vlan10
192.168.8.255 192.168.8.1 HPb 0 0 - 1
carp10
192.168.9/24 192.168.9.252 UCP 2 54767 - 4
trunk0
192.168.9/24 192.168.9.1 CP 0 0 - 4
carp11
192.168.9.1 00:00:5e:00:01:01 UHLl 1 667 - 1
carp11
192.168.9.14 00:16:3e:4d:5d:f7 UHLc 1 54617 - 4
trunk0
192.168.9.16 00:16:df:44:3b:34 UHLc 0 9245 - 4
trunk0
192.168.9.252 90:e2:ba:2c:b5:08 UHLl 0 2859 - 1
trunk0
192.168.9.255 192.168.9.252 UHPb 0 2175 - 1
trunk0
192.168.9.255 192.168.9.1 HPb 0 0 - 1
carp11
192.168.12/24 192.168.12.1 C 0 6 - 4
carp23
192.168.12.1 00:00:5e:00:01:01 UHLl 0 4 - 1
carp23
192.168.12.255 192.168.12.1 Hb 0 0 - 1
carp23
192.168.13/24 192.168.13.1 C 0 3458 - 4
carp17
192.168.13.1 00:00:5e:00:01:01 UHLl 0 425 - 1
carp17
192.168.13.255 192.168.13.1 Hb 0 458 - 1
carp17
192.168.14/24 192.168.14.1 C 0 210 - 4
carp24
192.168.14.1 00:00:5e:00:01:01 UHLl 0 192 - 1
carp24
192.168.14.255 192.168.14.1 Hb 0 0 - 1
carp24
192.168.15/24 192.168.15.1 C 0 42860 - 4
carp25
192.168.15.1 00:00:5e:00:01:01 UHLl 0 1756 - 1
carp25
192.168.15.6 192.168.253.1 GHS 0 0 - 23
carp31
192.168.15.255 192.168.15.1 Hb 0 3934 - 1
carp25
192.168.20/22 192.168.20.1 C 0 23298 - 4
carp30
192.168.20.1 00:00:5e:00:01:01 UHLl 0 7311 - 1
carp30
192.168.23.255 192.168.20.1 Hb 0 73460 - 1
carp30
192.168.50/24 192.168.50.1 C 0 4272 - 4
carp44
192.168.50.1 00:00:5e:00:01:01 UHLl 0 14 - 1
carp44
192.168.50.255 192.168.50.1 Hb 0 0 - 1
carp44
192.168.51/24 192.168.51.1 C 0 3104 - 4
carp45
192.168.51.1 00:00:5e:00:01:01 UHLl 0 1393 - 1
carp45
192.168.51.255 192.168.51.1 Hb 0 0 - 1
carp45
192.168.100/22 192.168.100.1 C 0 159212 - 4
carp18
192.168.100.1 00:00:5e:00:01:01 UHLl 0 945 - 1
carp18
192.168.103.255 192.168.100.1 Hb 0 5744 - 1
carp18
192.168.110/24 192.168.110.1 C 0 0 - 4
carp19
192.168.110.1 00:00:5e:00:01:01 UHLl 0 0 - 1
carp19
192.168.110.255 192.168.110.1 Hb 0 0 - 1
carp19
192.168.253/24 192.168.253.2 C 0 18 - 4
carp31
192.168.253.2 00:00:5e:00:01:01 UHLl 0 9 - 1
carp31
192.168.253.255 192.168.253.2 Hb 0 0 - 1
carp31
224/4 127.0.0.1 URS 0 489428 32768 8 lo0
>
> > I described a similar issue here
> > https://www.mail-archive.com/misc@openbsd.org/msg146230.html but sadly
had
> > no replies yet
>
> How do your routing table looks like?
I may get a chance tomorrow morning again to run tcpdump on that interface
to see what ping is doing.
Sebastian
>
> > Currently I am upgrading my cluster to the latest snapshot to see if
there
> > is any change.
>
> There won't be no change.
