Re: carp + 5.1/5.2 woes [PARTIALLY SOLVED]
Hi, I have just discovered that I made a configuration error that had resulted in the undesired, but correct, carp behaviour for IPv4. Ie, OpenBSD operates as desired for this case. That leaves these questions open: On Wed, Jan 02, 2013 at 01:39:25PM +0100, Toni Mueller wrote: > I also have trouble taking carp2 down and up again, like in "ifconfig > carp2 down; ifconfig carp2 up". The result is that carp2 does no longer > respond to any packets sent to 3ffe:3ffe::1. Sending to the IPv6 address > bound to em0 continues to work like a charm, though. Saying "ifconfig > carp2 destroy; sh /etc/netstart carp2" - which I thought would re-create > the carp2 pseudy-device from scratch, does also not work, but elicits > the following error message from the kernel: > > /bsd: in6_ifloop_request: ADD operation failed for 3ffe:3ffe::0001 (errno=17) > > > There are error messages related to duplicate IPv6 addresses, mentioning > the link-local auto-generated IPv6 address, which is the same for all > carp interfaces, eg: > > /bsd: nd6_na_input: duplicate IP6 address fe80:0008::0200:5eff:fe00:0102 > > Touring the logs, I also find related error messages that I could not > yet make sense of: > > /bsd: arpresolve: 10.0.0.1: route without link local address I would still be glad to find that I simply configured junk, instead of running into real bugs... Kind regards, --Toni++
Re: carp + 5.1/5.2 woes [PARTIALLY SOLVED]
On 2013-01-02, Toni Mueller wrote: > Hi, > > > I have just discovered that I made a configuration error that had > resulted in the undesired, but correct, carp behaviour for IPv4. Ie, > OpenBSD operates as desired for this case. Ah good :) > That leaves these questions open: > > On Wed, Jan 02, 2013 at 01:39:25PM +0100, Toni Mueller wrote: >> I also have trouble taking carp2 down and up again, like in "ifconfig >> carp2 down; ifconfig carp2 up". The result is that carp2 does no longer >> respond to any packets sent to 3ffe:3ffe::1. Sending to the IPv6 address >> bound to em0 continues to work like a charm, though. Saying "ifconfig >> carp2 destroy; sh /etc/netstart carp2" - which I thought would re-create >> the carp2 pseudy-device from scratch, does also not work, but elicits >> the following error message from the kernel: >> >> /bsd: in6_ifloop_request: ADD operation failed for 3ffe:3ffe::0001 (errno=17) 17 is EEXIST - see errno(2) for a list of these - there's probably a loopback route hanging around after destroying the interface, check in netstat -rnfinet6, you could try deleting it.. >> There are error messages related to duplicate IPv6 addresses, mentioning >> the link-local auto-generated IPv6 address, which is the same for all >> carp interfaces, eg: >> >> /bsd: nd6_na_input: duplicate IP6 address fe80:0008::0200:5eff:fe00:0102 Yes, that happens ;) >> Touring the logs, I also find related error messages that I could not >> yet make sense of: >> >> /bsd: arpresolve: 10.0.0.1: route without link local address I've seen this before, I think it was on a router with a (non-/32) address on both the parent interface and the carp interface, though I have a few routers doing exactly that which don't see it.. (Normally it's recommended to use /32 on the carp interface, but that's not going to work if you are announcing it into ospf). Someone tracked down another situation where this can happen, http://marc.info/?l=openbsd-misc&m=121455393316796&w=2
Re: carp + 5.1/5.2 woes [PARTIALLY SOLVED]
Hi, thanks for the insight. On Thu, Jan 03, 2013 at 01:37:38AM +, Stuart Henderson wrote: > On 2013-01-02, Toni Mueller wrote: > >> /bsd: in6_ifloop_request: ADD operation failed for 3ffe:3ffe::0001 > >> (errno=17) > > 17 is EEXIST - see errno(2) for a list of these - there's probably > a loopback route hanging around after destroying the interface, > check in netstat -rnfinet6, you could try deleting it.. this happens exactly the moment when the carp interface that has an IPv4 address assigned to it, goes into BACKUP state. > >> /bsd: nd6_na_input: duplicate IP6 address fe80:0008::0200:5eff:fe00:0102 > Yes, that happens ;) I can I ignore these, and/or can I safely remove the link-local addresses that seem to be lifted from the physical CARP device? > >> /bsd: arpresolve: 10.0.0.1: route without link local address > > I've seen this before, I think it was on a router with a (non-/32) > address on both the parent interface and the carp interface, though > I have a few routers doing exactly that which don't see it.. > (Normally it's recommended to use /32 on the carp interface, but > that's not going to work if you are announcing it into ospf). Ok. I do not use OSPF (only BGP), so I set all interfaces to IP address/ netmask of the connected network (eg. "32" for the IPv6 network). > Someone tracked down another situation where this can happen, > http://marc.info/?l=openbsd-misc&m=121455393316796&w=2 I therefore would expect the problem to show up for the IPv6-only CARP interface (ie, carp2) after that went down and refused to come up again, until the next reboot. But the error message specified the IPv4 address for a carp interface that is actually there, up, and *should* be working. Is this a known problem, or is it just me, that CARP interfaces come up only once? Kind regards, --Toni++
