Hi misc,

I've been thinking about this for a while but can't seem to figure out a proper solution. Perhaps you have seen a scenario like this before and have ideas on how to tackle it.

I have two OpenBSD 4.4 boxes configured in active/backup CARP, connected to an ADSL router. I want to reconfigure the ADSL router and turn it into a bridge. This way, my public IP address will move from the ADSL router into the CARP interface and will be shared by both OpenBSD machines. The ADSL router has a built-in hub that both OpenBSD machines are plugged into.

While the machine whose CARP interface is in ACTIVE won't have problems sending and processing traffic, the OpenBSD machine whose CARP interface is in BACKUP will. The machine whose CARP interface is in BACKUP will be able to send traffic to the Internet from its public IP address, but will not be able to process any response, for example to contact an NTP server: the UDP response from the NTP server will arrive at both OpenBSD machines (since both are sharing the public IP address), but the machine whose CARP interface is BACKUP will likely ignore the NTP response. For TCP it is also very similar.

I have no idea how to deploy a scenario like this while allowing the machine whose CARP interface is in BACKUP to access the Internet.

A workaround is having the machine whose CARP interface is in BACKUP have a default route installed pointing to the machine whose CARP interface is ACTIVE. The problem is the setup is more complex and requires a way of dynamically adjusting the default route. A possible solution is using ifstated(8). Is it possible to use OSPF instead?

Thanks in advance!

--
http://www.felipe-alfaro.org/blog/disclaimer/