Hi I'm not sure about carp supporting addresses in other subnets than the physical one. But to debug this further: - what does tcpdump -e -n -i xennet1 show on the routers when you ping the virtual interface from outside the lan? - is the route for the egress path the same as for the ingress path (i.e. does the route back to the accessing device point out over the same interface (xennet1) that the packets come in on)? - maybe your next hop router does not receive the virtual mac address. check the arp table on the next hop router. - what is the error message when pinging from the outside and who generates it?
krgds /markus david l goodrich wrote: > I'm sorry to bring this up again, since it didn't get any responses the > first time. > > But I haven't had any luck on my own, and was hoping someone might have an > idea. > > > On 4/9/07, david l goodrich <[EMAIL PROTECTED]> wrote: >> I have two hosts in a CARP group. >> >> on router-meus-cd1, i have the following network configuration: >> >> router-meus-cd1# ifconfig xennet1 >> xennet1: >> flags=8963<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu >> 1500 >> capabilities=2800<TCP4CSUM_Tx,UDP4CSUM_Tx> >> enabled=0 >> address: 00:16:3e:71:ef:6f >> inet 10.10.10.2 netmask 0xffffff00 broadcast 10.10.10.255 >> inet6 fe80::216:3eff:fe71:ef6f%xennet1 prefixlen 64 scopeid 0x4 >> router-meus-cd1# ifconfig carp216 >> carp216: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 >> carp: MASTER carpdev xennet1 vhid 216 advbase 1 advskew 0 >> address: 00:00:5e:00:01:d8 >> inet 216.51.247.30 netmask 0xfffffff8 broadcast 216.51.247.31 >> router-meus-cd1# >> >> on router-meus-cn1, i have a similar configuration: >> >> router-meus-cn1# ifconfig xennet1 >> xennet1: >> flags=8963<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu >> 1500 >> capabilities=2800<TCP4CSUM_Tx,UDP4CSUM_Tx> >> enabled=0 >> address: 00:16:3e:04:d3:e0 >> inet 10.10.10.1 netmask 0xffffff00 broadcast 10.10.10.255 >> inet6 fe80::216:3eff:fe04:d3e0%xennet1 prefixlen 64 scopeid 0x4 >> router-meus-cn1# ifconfig carp216 >> carp216: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 >> carp: BACKUP carpdev xennet1 vhid 216 advbase 1 advskew >> 0216.51.247.30 >> >> address: 00:00:5e:00:01:d8 >> inet 216.51.247.30 netmask 0xfffffff8 broadcast 216.51.247.31 >> router-meus-cn1# >> >> >> The default route, nameservers, etc are all set correctly. >> >> CARP works great on the 216.51.247.24/29 subnet, from any machine on that >> subnet I can ping 216.51.247.30. >> >> When I get outside the subnet, I can't ping the address or ssh to it. >> >> Does anyone have some insight into why this is happening? >> >> Thanks >> --david
