Exciting stuff; totally missed the log sysctl.
The netstat(8) reveals some interesting info about a persistent failover
condition:
$ netstat -sp carp
carp:
7731906 packets received (IPv4)
0 packets received (IPv6)
0 packets discarded for bad interface
0 packets discarded for wrong TTL
0 packets shorter than header
0 discarded for bad checksums
0 discarded packets with a bad version
0 discarded because packet too short
0 discarded for bad authentication
0 discarded for bad vhid
0 discarded because of a bad address list
118961 packets sent (IPv4)
0 packets sent (IPv6)
** 152 send failed due to mbuf memory error
But yet:
$ netstat -m
[...snip...]
290/558/6144 mbuf clusters in use (current/peak/max)
1224 Kbytes allocated to network (53% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
Which is interesting because an identical backup unit does not exhibit
these errors at all, even when running as MASTER for weeks at end.
MBuf isn't getting exhausted; MRTG does show interfaces getting staturated
either. The machine has an absurd ammount of RAM for a Router, too.
Also interesting how it is printed out, as well, as if it is under the
IPv6 statistics; however these systems have a userland and kernel compiled
without IPv6 support.
But since this is 3.7-era code, it's hard to imagine troubleshooting this
further. Certainly a 4x upgrade is in order before I go chasing down an
mbuf exhaustion problem.
This is most likely related somehow to the absurdley high number of max
states (set limit states 200000, etc.)
~BAS
On Wed, 11 Oct 2006, Ryan McBride wrote:
On Tue, Oct 10, 2006 at 05:50:50PM -0400, Brian A. Seklecki wrote:
Certainly a way to log events (interfaces, etc.) and the resulting actions
taken by the code would be useful in mission critical environments.
Anything beats "tcpdump 'proto carp'" and making guesses from there.
Nothing new to 4.0, but a few of the things you can do besides using
tcpdump are:
route monitor
- see interface link state change
sysctl net.inet.carp.log=1
- generates primarily protocol error messages
netstat -sp carp
- display a number of relevant counters
If you want to do more complicated things, like run commands when carp
interfaces change state, you can have a look at ifstated.
-Ryan
l8*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
http://www.spiritual-machines.org/
"...from back in the heady days when "helpdesk" meant nothing, "diskquota"
meant everything, and lives could be bought and sold for a couple of pages
of laser printout - and frequently were."