Darren Spruell wrote:
On Dec 29, 2007 2:59 PM, Aaron <[EMAIL PROTECTED]> wrote:
Otto Moerbeek wrote:
I think your problem will be solved if you assign an alias in the
192.168.3.0 net to fxp0 and an alias in the 192.168.247.0 net to fxp3.
Just like Henning already suggested.
Henning wrote:
that depends wether you "external" carp interface has numbered or
unnumbered parents.
if the parents ("carpdev") are unnumbered (no ipassigned),it is quite
normal. otherwise you have sth wrong.
I guess I'm missing something or I didn't understand what he means by (no
ipassigned).
All carp parents are numbered by the inverse of the definition he gave for
unnumbered,
because there are ip's assigned to all of the carpdev interfaces, just not with
the same
network as the carp interfaces. Is it required for the carp parents' ip
addresses
to be in the same network as the carp interfaces? I didn't see that anywhere
as a requirement.
The typical configuration is that the CARP interfaces will be assigned
addresses on the same IP subnet as the parent interfaces. I don't
believe that this is a requirement, per se, but it is hinted at in
ifconfig(8):
carpdev iface
If the driver is a carp(4) pseudo-device, attach it to iface. If
not specified, the kernel will attempt to select an interface
with a subnet matching that of the carp interface.
This configuration is the only way that makes sense to me; you don't
have to overlap subnets on the same Ethernet segment, you don't have
to fiddle with interface aliases, and if you need to reach the
"natural" IP addresses for the real (parent) interfaces, they're
routed and reachable the same as the CARP addresses.
Again, not knowing if this impacts your problem, but may be worth testing.
DS
I got rid of the aliases on the parent interfaces and made their
addresses part of the
carp network and things now seem to be working. This is great, and not
so great as
for my public address space, i'm losing another two addresses that i
have to give to
the firewall. :-(
Is this the way it was intended or have i bumped into some unfortunate
untested 'issue'?
I also added in my aliases on the external interface (two less aliases
now), with the
prescribed 255.255.255.255 netmask. All of my aliases now have only
their address as the
broadcast address. I realize this is right using a /32 netmask, but
will this affect
the workings of the network?
Thanks to all,
Aaron Martinez
