From owner-freebsd-questions@FreeBSD.ORG  Thu May 28 00:44:42 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D1A541065670
	for <freebsd-questions@freebsd.org>;
	Thu, 28 May 2009 00:44:42 +0000 (UTC)
	(envelope-from mksmith@adhost.com)
Received: from mail-in07.adhost.com (mail-in07.adhost.com [216.211.128.137])
	by mx1.freebsd.org (Postfix) with ESMTP id B84F68FC13
	for <freebsd-questions@freebsd.org>;
	Thu, 28 May 2009 00:44:42 +0000 (UTC)
	(envelope-from mksmith@adhost.com)
Received: from ad-exh01.adhost.lan (exchange.adhost.com [216.211.143.69])
	by mail-in07.adhost.com (Postfix) with ESMTP id 59E1B8ADEEE
	for <freebsd-questions@freebsd.org>;
	Wed, 27 May 2009 17:44:42 -0700 (PDT)
	(envelope-from mksmith@adhost.com)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 27 May 2009 17:44:40 -0700
Message-ID: <17838240D9A5544AAA5FF95F8D5203160605DAE7@ad-exh01.adhost.lan>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Problems with IPv6 CARP Interface in PF
Thread-Index: AcnfLXwLf+1qKzR6TnOxIky96sMYKw==
From: "Michael K. Smith - Adhost" <mksmith@adhost.com>
To: <freebsd-questions@freebsd.org>
Subject: Problems with IPv6 CARP Interface in PF
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2009 00:44:43 -0000

Hello:

I'm having reachability problems with a CARP interface set up on two 7.1
boxes with an uplink to Cisco routers.  However, the inside CARP address
on the same set of PF boxes are reachable with no trouble.  Here's the
config.

Cisco 		Cisco
       HSRP Gateway
            |
       CARP Interface 1
PF Box               PF Box
       CARP Interface 2
            |
          Server

When I try to ping CARP Interface 1 above from the Internet, I get no
response.  When I ping the CARP Interface 2, which has a route set from
the Cisco's to CARP Interface 1, it works.  Here's what I see in my
logs.

00:38:45.763975 IP6 fe80::203:6cff:fef9:2c00 > ff02::1:ff00:7: ICMP6,
neighbor solicitation, who has 2001:4970:cccc::7, length 32

... with no response.

Here is the ifconfig from one box.

carp0: flags=3D49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
        inet6 2001:4970:cccc::6 prefixlen 64
        inet6 2001:4970:cccc::7 prefixlen 64
        carp: MASTER vhid 1 advbase 1 advskew 100
carp1: flags=3D49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
        inet6 2001:4970:cccc:aaaa::1 prefixlen 64
        carp: MASTER vhid 2 advbase 1 advskew 100

and the other shows appropriately as "BACKUP".  There is no change if I
run with just one PF box.

Any help would be greatly appreciated.

Regards,

Mike
--
Michael K. Smith - CISSP, GISP
Chief Technical Officer - Adhost Internet LLC mksmith@adhost.com
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP: B49A DDF5 8611 27F3  08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)