Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-27 Thread Peter Jeremy
On 2008-Jun-27 22:59:56 +0200, Giulio Ferro <[EMAIL PROTECTED]> wrote: >Peter Jeremy wrote: >> The kernel should send out gratuitous ARP requests whenever you assign >> an address to an interface. You could confirm that this is happening >> by tcpdumping the interface whilst you add aliases. >>

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-27 Thread Giulio Ferro
Peter Jeremy wrote: On 2008-Jun-26 22:06:11 +0200, Giulio Ferro <[EMAIL PROTECTED]> wrote: I guess what I could do was to "poison" their arp cache for each address with a "is-at" message. Is there a way to force the sending of these messages for all the addresses of an interface? The k

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-27 Thread Steve Bertrand
Peter Jeremy wrote: On 2008-Jun-26 22:06:11 +0200, Giulio Ferro <[EMAIL PROTECTED]> wrote: I guess what I could do was to "poison" their arp cache for each address with a "is-at" message. Is there a way to force the sending of these messages for all the addresses of an interface? The kernel sh

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-27 Thread Peter Jeremy
On 2008-Jun-26 22:06:11 +0200, Giulio Ferro <[EMAIL PROTECTED]> wrote: > I guess what I could do was to "poison" their arp cache for each >address with a "is-at" message. Is there a way to force the sending >of these messages for all the addresses of an interface? The kernel should send out gratui

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-26 Thread Giulio Ferro
Steve Bertrand wrote: Thank you Giulio (is it Gio?) No, it's Giulio (english Julius) :-) For some reason when I plugged in the new firewall, only the base non-aliased address was updated in the ISP switch arp cache (if someone can throw a guess at why, I'm eager to listen). Well, you nee

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-25 Thread Steve Bertrand
Giulio Ferro wrote: I finally got the problem, and it had nothing to do either with vlans or with carp. The firewall I was setting up was meant to replace an existing freebsd firewall which didn't use vlans (it had a lot of nics). The problem was that the network port where our ISP brings the

SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

2008-06-25 Thread Giulio Ferro
I finally got the problem, and it had nothing to do either with vlans or with carp. The firewall I was setting up was meant to replace an existing freebsd firewall which didn't use vlans (it had a lot of nics). The problem was that the network port where our ISP brings the internet connection

Problem clarification (was: Problems with vlan + carp + alias)

2008-06-23 Thread Giulio Ferro
After some more tests I've finally realized that the problem is with vlan and alias. I've taken carp out of the picture. (Please read my previous message on the topic to understand the scenario, I've reported it below) Here is what matters in /etc/rc.conf: -