Re: VLAN + CARP ?

On Mon, Feb 27, 2017 at 03:37:14PM -0800, Freddie Cash wrote: > On Mon, Feb 27, 2017 at 3:16 PM, Julien Cigar wrote: > > > > I wondered if it is possible to use CARP with VLAN interfaces? > > > > ​Yes, CARP-over-vLAN works well. Used just such a setup at work for a >

Re: VLAN + CARP ?

On Mon, Feb 27, 2017 at 3:16 PM, Julien Cigar wrote: > I wondered if it is possible to use CARP with VLAN interfaces? > ​Yes, CARP-over-vLAN works well. Used just such a setup at work for a couple years. Would something like this work (on 10.3)..?: > > = /etc/rc.conf

VLAN + CARP ?

Hello, I wondered if it is possible to use CARP with VLAN interfaces? Would something like this work (on 10.3)..?: = /etc/rc.conf vlans_em0="neta netb" create_args_neta="vlan 101" create_args_netb="vlan 102" ifconfig_em0_neta="inet 192.168.1.253/24" ifconfig_em0_netb="inet

Re: kern/187451: [vlan] [carp] Some vlans in bridge + carp result in hung server

Old Synopsis: Some vlans in bride + carp result hung server New Synopsis: [vlan] [carp] Some vlans in bridge + carp result in hung server Responsible-Changed-From-To: freebsd-bugs-freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Wed Apr 16 01:15:19 UTC 2014 Responsible

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

On 2008-Jun-26 22:06:11 +0200, Giulio Ferro [EMAIL PROTECTED] wrote: I guess what I could do was to poison their arp cache for each address with a is-at message. Is there a way to force the sending of these messages for all the addresses of an interface? The kernel should send out gratuitous ARP

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

Peter Jeremy wrote: On 2008-Jun-26 22:06:11 +0200, Giulio Ferro [EMAIL PROTECTED] wrote: I guess what I could do was to poison their arp cache for each address with a is-at message. Is there a way to force the sending of these messages for all the addresses of an interface? The kernel should

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

Peter Jeremy wrote: On 2008-Jun-26 22:06:11 +0200, Giulio Ferro [EMAIL PROTECTED] wrote: I guess what I could do was to poison their arp cache for each address with a is-at message. Is there a way to force the sending of these messages for all the addresses of an interface? The kernel

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

On 2008-Jun-27 22:59:56 +0200, Giulio Ferro [EMAIL PROTECTED] wrote: Peter Jeremy wrote: The kernel should send out gratuitous ARP requests whenever you assign an address to an interface. You could confirm that this is happening by tcpdumping the interface whilst you add aliases. I have

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

Steve Bertrand wrote: Thank you Giulio (is it Gio?) No, it's Giulio (english Julius) :-) For some reason when I plugged in the new firewall, only the base non-aliased address was updated in the ISP switch arp cache (if someone can throw a guess at why, I'm eager to listen). Well, you

SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

of the ISP and I requested them to reset the arp cache of the port. Done that, everything worked without a glitch. The new firewall is now up and running in production with vlan + carp. Everything seems fine. Thanks to everybody who answered my plea... :-) Giulio Ferro wrote: After some more

Re: SOLVED (was Re: Problem clarification (was: Problems with vlan + carp + alias))

Giulio Ferro wrote: I finally got the problem, and it had nothing to do either with vlans or with carp. The firewall I was setting up was meant to replace an existing freebsd firewall which didn't use vlans (it had a lot of nics). The problem was that the network port where our ISP brings

Re: Problems with vlan + carp + alias

Primeroz lists wrote: What is tcpdump showing for ping on 192.168.10.11 http://192.168.10.11 ? can you see echo reply exiting vlan10 interface ? what if you try from your server to ping -S 192.168.10.11 http://192.168.10.11 192.168.10.254 http://192.168.10.254 ? First of all I'm sorry

Re: Problems with vlan + carp + alias

Han Hwei Woo wrote: Hi Giulio, Since the IP's are on the same subnet, you should try using a netmask of 255.255.255.255 on the aliases. Hi Han, Sorry no, changing the mask to 255.255.255.255 of the aliases doesn't change the situation. Anyway exactly the same configuration works with

Re: Problems with vlan + carp + alias

Hi , I think you should setup ALL the carp address as alias/32 , like this: ifconfig_carp10=vhid 10 pass qweq 192.168.10.10 netmask 255.255.255.255http://255.255.255.0/ ifconfig_carp10_alias0=192.168.10.11 netmask 255.255.255.255http://255.255.255.0/ ... ifconfig_carp10_aliasN=192.168.10.N

Re: Problems with vlan + carp + alias

Primeroz lists wrote: Hi , I think you should setup ALL the carp address as alias/32 , like this: ifconfig_carp10=vhid 10 pass qweq 192.168.10.10 http://192.168.10.10/ netmask 255.255.255.255 http://255.255.255.0/ ifconfig_carp10_alias0=192.168.10.11 http://192.168.10.11/ netmask

Re: Problems with vlan + carp + alias

What is tcpdump showing for ping on 192.168.10.11 ? can you see echo reply exiting vlan10 interface ? what if you try from your server to ping -S 192.168.10.11 192.168.10.254 ? Hi Primeroz, thanks for your answer. I set all the carp interfaces, both base and alias, to the

Problems with vlan + carp + alias

Scenario : freebsd 7.0 stable amd64 (compiled today), bce network interface Simply put, I'm trying to create multiple aliases on the same carp interface. I did this without vlans (on physical interfaces) and it always worked. Here's what I do: ---rc.conf ... ifconfig_bce0=inet 192.168.1.1

Re: Problems with vlan + carp + alias

Hi Giulio, Since the IP's are on the same subnet, you should try using a netmask of 255.255.255.255 on the aliases. Cheers, Han Hwei Woo Giulio Ferro wrote: Scenario : freebsd 7.0 stable amd64 (compiled today), bce network interface Simply put, I'm trying to create multiple aliases on