From owner-freebsd-ipfw@FreeBSD.ORG  Wed Aug  2 05:33:31 2006
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@freebsd.org
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1803A16A4DE
	for <freebsd-ipfw@freebsd.org>; Wed,  2 Aug 2006 05:33:31 +0000 (UTC)
	(envelope-from if@hetzner.co.za)
Received: from hetzner.co.za (office.dc2.cpt.your-server.co.za [196.7.147.230])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 967BB43D49
	for <freebsd-ipfw@freebsd.org>; Wed,  2 Aug 2006 05:33:29 +0000 (GMT)
	(envelope-from if@hetzner.co.za)
Received: from localhost ([127.0.0.1] helo=ian.hetzner.africa)
	by hetzner.co.za with esmtp (Exim 4.62 (FreeBSD))
	(envelope-from <if@hetzner.co.za>)
	id 1G89ME-000H0o-8A; Wed, 02 Aug 2006 07:33:26 +0200
To: Tyrone.VanDerHaar@TelecityRedbus.se
From: Ian FREISLICH <if@hetzner.co.za>
In-Reply-To: Message from <Tyrone.VanDerHaar@TelecityRedbus.se> of "Tue,
	30 May 2006 16:31:35 +0200."
	<D3BBF0C6F2FC0448BFCA2F965F2192631DEBB5@sto1.tcy.prv> 
X-Attribution: BOFH
Date: Wed, 02 Aug 2006 07:33:26 +0200
Message-Id: <E1G89ME-000H0o-8A@hetzner.co.za>
Cc: freebsd-ipfw@freebsd.org
Subject: Re: CARP spanning-tree Vlan 
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2006 05:33:31 -0000

Tyrone wrote:
> Can anyone explain to me why I can't get my CARP interfaces up again
> after changing the spanning-tree version on our customer switch?

Did you ever get this working?  Since your message, I started playing
around with CARP and I've noticed a few things.

1. Renaming a CARP interface makes it either loose it's vhid/pass
   or stops it working for some other reason.
2. Downing and upping the physical interface makes the carp interface
   stop working.

> We have 2x switches connected to our freebsd routers and a fibre link 
> between the switches.
> 
> Customer have a port on each switch going to a third switch and between 
> the 3 switches we have spanning tree running for redundant paths.
> 
> I changed the spanning-tree on the customer switch (switch 3) and now my 
> carp interface look like this
> 
> carp135: flags=3D49<UP,LOOPBACK,RUNNING> mtu 1500
> 
>         inet xxx.xxx.xxx.2 netmask 0xffffff00
> 
>         carp: MASTER vhid 7 advbase 1 advskew 100
> 
> carp135: flags=3D49<UP,LOOPBACK,RUNNING> mtu 1500
> 
>         inet xxx.xxx.xxx.2 netmask 0xffffff00
> 
>         carp: MASTER vhid 7 advbase 1 advskew 0

I've noticed that my carp intefaces do this when:
1. The switch stops forwarding
2. The firewall blocks the carp broadcast
3. The carp inteface is "in" a vlan interface and vlanhwtag is
   enabled on the card and the interface is placed in promiscuous
   mode - the carp driver does this.  (the card just stops tagging
   frames).
4. The inteface the carp inteface is "in" was downed and upped.

3 and 4 can be fixed by re-ifconfig of all the interfaces involved.

It sounds more like this is a switch issue and that the carp
broadcasts aren't making it through from your one router to the
other.

What is the interface state of the STP on all your switches?

Ian

--
Ian Freislich