On Thu, 20 Apr 2006, Lars Weste wrote:
> Hi,
>
> yes, i am running 3.8 -stable, and the backup has a higher advbase than
err, for preemption to work, the advskew should be higher on the backup.
At least, that is what carp(4) says.
-Otto
> the master. Nevertheless, my problem doesn't seem to be the vlan
> interface itself, it is just a general problem keep the interfaces in
> sync, as ryan describes here:
>
> http://www.countersiege.com/doc/ifstated/
>
> so I am wondering whether I have to use ifstated, and to check all
> interfaces, or whether there is some new feature, that will do the trick.
>
> lars
>
> > --- Urspr|ngliche Nachricht ---
> > Von: Marco Pfatschbacher <[EMAIL PROTECTED]>
> > An: Lars Weste <[EMAIL PROTECTED]>
> > Kopie: misc@openbsd.org
> > Betreff: Re: problems with carp and vlans
> > Datum: Thu, 20 Apr 2006 15:01:30 +0200
> >
> > Hi,
> >
> > did you remember to configure the backup machine
> > with a higher advskew / advbase?
> > Are you running -stable?
> >
> > I'm not aware of any other problems in 3.8 that might cause this.
> >
> > On Wed, Apr 19, 2006 at 08:59:01AM +0200, Lars Weste wrote:
> > > Hi,
> > >
> > > I have some problems with carp and vlans, at least I think so.
> > > I found this:
> > > http://archives.neohapsis.com/archives/openbsd/cvs/2005-04/0996.html
> > > so my assumption may be wrong, as I use openbsd 3.8.
> > >
> > > I have four physical
> > > interfaces in my two firewalls, one for pfsync, one to the Internet,
> DMZ
> > > and LAN. At the LAN interface seven VLAN interfaces are configured.
> The
> > > Internet and DMZ interfaces are on em(4) and the pfsync and LAN vlans
> on
> > > a bge(4) interface.
> > >
> > > When I remove one of the Internet or DMZ cables, all Interfaces on
> both
> > > firewalls behave as expected, the Interface where the cable is
> removed,
> > > goes to state INIT, the others become backup. When I do this with the
> > LAN
> > > interface, then all carp interfaces for the seven vlans go to master
> > > state, but the two remaining carp interfaces for the Internet and DMZ
> > > stay in backup mode.
> > >
> > > my configuration on both hosts:
> > > net.inet.carp.preempt=1
> > > net.inet.carp.allow=1
> > > net.inet.carp.arpbalance=0
> > >
> > >
> > > hostname.carp0
> > > !ifconfig em0 up
> > > vhid 1 carpdev em0 172.16.0.1 172.16.0.255 netmask 255.255.255.0 up
> > >
> > > hostname.carp1
> > > !ifconfig em1 up
> > > vhid 1 carpdev em1 172.16.1.1 172.16.1.255 netmask 255.255.255.0 up
> > >
> > >
> > > hostname.carp2
> > > !ifconfig bge0 up
> > > !ifconfig vlan0 create
> > > !ifconfig vlan0 vlan 3 vlandev bge0 up
> > > vhid 1 carpdev vlan0 192.168.0.1 192.168.1.255 netmask 255.255.254.0
> up
> > >
> > > hostname.carp3 up to hostname.carp9 (only the vlan interface numbers
> and
> > > ip addresses are different)
> > > !ifconfig vlan1 create
> > > !ifconfig vlan1 vlan 4 vlandev bge0 up
> > > vhid 1 carpdev vlan0 192.168.2.1 192.168.3.255 netmask 255.255.254.0
> up
> > >
> > >
> > > I also tried to use the em interfaces for the vlan devices, with the
> > same
> > > result, the interfaces do not stay in sync. assume the following: i
> > > remove a cable from the backup host from the carp interfaces, doesn't
> > > matter which one. The carp interface goes into init state, then i
> plug
> > it
> > > back in, and the interface goes into backup state. but with a chance
> of
> > > about 1 of 5 the interface changes its state from backup to master,
> but
> > > the other interfaces stay in backup mode. The second host has all
> > > interfaces as master but the one as backup where at the first host
> the
> > > corresponding interface is in master mode.
> > >
> > >
> > > I also tried with different vhid's on all interfaces, but with no
> > > different results. Anybody knows how to keep the carp interfaces on
> the
> > > vlan devices in same state with the carp interfaces bound to the
> > physical
> > > interfaces? Any hint would be greatly appreciated.
> > >
> > >
> > > lars
> > >
> > > --
> > > Echte DSL-Flatrate dauerhaft f|r 0,- Euro*!
> > > "Feel free" mit GMX DSL! http://www.gmx.net/de/go/dsl
> > >
> >
>
> --
> Analog-/ISDN-Nutzer sparen mit GMX SmartSurfer bis zu 70%!
> Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer
