From owner-freebsd-questions@FreeBSD.ORG Wed Dec 5 10:13:26 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2CCD123C for ; Wed, 5 Dec 2012 10:13:26 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-we0-f182.google.com (mail-we0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 9D4C48FC0C for ; Wed, 5 Dec 2012 10:13:24 +0000 (UTC) Received: by mail-we0-f182.google.com with SMTP id u54so2473974wey.13 for ; Wed, 05 Dec 2012 02:13:23 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=KZpMPXF10+kU53dzV1yr5x6nY9grx/lmdPCrdjwwYxo=; b=NtXgBMozM77mj67l8fQqV6VUalzbc8pPa3n/CzbPuALDOudWmNkW66w3qfHCyugclQ Zwdv+UZwwC5Z1umrGIWXhh5h2cL509pcrmxdmtWdOQSGHMKBOdIBAnEaUHUHHnV/Ry4I 5I7Ei4KsitcE9ZeVPEqpb8hdIHSfMVuXL4m0edN9kGJ/iF1zEfF6VocaCdUvYzrxcSHy vNjVIbC5nEyPZRjXi64pNHYDD4l9MhAXJd13qq4uqumO4HHyAoD+ZZLtMGwThkDNebbY 89jDaFTqWKtSHmVHyq1nbyRh3GYB5Ah5X2ydECE7yvk9IIC5JG5r5LzVMqx5cHvxZHFs ta2A== Received: by 10.180.78.161 with SMTP id c1mr2198847wix.4.1354702403613; Wed, 05 Dec 2012 02:13:23 -0800 (PST) Received: from dfleuriot-at-hi-media.com ([83.167.62.196]) by mx.google.com with ESMTPS id dw4sm5732149wib.1.2012.12.05.02.13.21 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 05 Dec 2012 02:13:22 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) Subject: SOLVED - Re: CARP within VirtualBox Does it work? From: Fleuriot Damien In-Reply-To: <316715d0c46c4e5f5eb92a3b6c084f55@dweimer.net> Date: Wed, 5 Dec 2012 11:13:22 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: <0FD323C7-DD76-4FE6-8FD0-1EE85E8C3848@my.gd> References: <737f4b1c8bff13850af119f917ed811c@dweimer.net> <9232DDFC-F40B-4914-A92D-3B5D9C1ECE5F@my.gd> <316715d0c46c4e5f5eb92a3b6c084f55@dweimer.net> To: X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQlKzk5rliJNoV675h9ufn3aM2b1/bUPxe9YfWwP/rsvWi3UkY359xQNIpcjQRi1Mroimvt9 Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Dec 2012 10:13:26 -0000 On Dec 4, 2012, at 8:17 PM, dweimer wrote: > On 2012-12-01 03:14, Damien Fleuriot wrote: >> On 30 November 2012 20:44, dweimer wrote: >>> On 2012-11-29 14:07, dweimer wrote: >>>>=20 >>>> On 2012-11-29 12:53, Fleuriot Damien wrote: >>>>>=20 >>>>> On Nov 29, 2012, at 6:43 PM, dweimer wrote: >>>>>=20 >>>>>> I was trying to setup a test of CARP on two virtual machines = running in >>>>>> VirtualBox 4.2.4r81684 I am not sure if I have something wrong = with my CARP >>>>>> configuration or if VirtualBox just doesn't work right with it. = I can only >>>>>> ping the CARP interface IP address from the machine listed as = MASTER, if I >>>>>> do an ifconfig carp0 down on the MASTER the other machine = correctly switches >>>>>> form BACKUP to MASTER and then I can ping the interface from it = but not from >>>>>> the Original system. >>>>>>=20 >>>>>> The VirtualBox systems are both using bridged networking, and the = host >>>>>> cannot ping the carp0 IP address but can ping the interface IP = address. >>>>>>=20 >>>>>> Before I go through more trouble shooting, does anyone know if = CARP >>>>>> doesn't work with VirtualBox? >>>>>>=20 >>>>>> carp configuration >>>>>> Machine1: >>>>>> ifconfig_em0=3D"UP" >>>>>> ifconfig_em0_name=3D"LAN" >>>>>> ipv4_addrs_LAN=3D"10.20.190.201/16" >>>>>> defaultrouter=3D"10.20.111.2" >>>>>> cloned_interfaces=3D"carp0" >>>>>> ifconfig_carp0=3D"vhid 1 advskew 100 pass ReduntantCarpTest >>>>>> 10.20.190.203/16 >>>>>>=20 >>>>>> ifconfig carp0: >>>>>> carp0 flags=3D49 metric 0 mtu 1500 >>>>>> inet 10.20.190.203 netmask 0xffff0000 >>>>>> nd6 options=3D29 >>>>>> carp: MASTER vhid 1 advbase 1 advskew 100 >>>>>>=20 >>>>>>=20 >>>>>> Machine2: >>>>>> ifconfig_em0=3D"UP" >>>>>> ifconfig_em0_name=3D"LAN" >>>>>> ipv4_addrs_LAN=3D"10.20.190.202/16" >>>>>> defaultrouter=3D"10.20.111.2" >>>>>> cloned_interfaces=3D"carp0" >>>>>> ifconfig_carp0=3D"vhid 1 pass ReduntantCarpTest 10.20.190.203/16 >>>>>>=20 >>>>>> ifconfig carp0: >>>>>> carp0 flags=3D49 metric 0 mtu 1500 >>>>>> inet 10.20.190.203 netmask 0xffff0000 >>>>>> nd6 options=3D29 >>>>>> carp: BACKUP vhid 1 advbase 1 advskew 0 >>>>>>=20 >>>>>> FreeBSD version is 9.1RC3 on both test machines. >>>>>=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>> We're using FreeBSD and CARP in virtualized environments at work, >>>>> albeit not on VirtualBox but on Proxmox/KVM. >>>>>=20 >>>>> First, I would advise replacing 10.20.190.203/16 with = 10.20.190.203/32 >>>>>=20 >>>>>=20 >>>>> I notice your carp0 is MASTER on machine1 with an advskew of 100 = vs >>>>> machine 2 advskew 0, same advbase. >>>>> Confirm this is *after* you've set carp0 down on machine2. >>>>>=20 >>>>> If both carps are up and machine1 with advskew 100 beats machine2 >>>>> with advskew 0, you have an additional problem. >>>>>=20 >>>>>=20 >>>>> See if you have any more luck with the /32 address on carp0 = anyway. >>>>=20 >>>>=20 >>>> The documentation shows the mask matching that of the interface: >>>> hostname=3D"hostb.example.org" >>>> ifconfig_fxp0=3D"inet 192.168.1.4 netmask 255.255.255.0" >>>> cloned_interfaces=3D"carp0" >>>> ifconfig_carp0=3D"vhid 2 pass testpass 192.168.1.51/24" >>>>=20 >>>> This is consistent with the man page for CARP on the system as = well. >>>> Regardless I tried with the /32 and had the same result as I did = with >>>> the /16. I had done various UP/DOWN on interfaces so the current >>>> MASTER was just the last one to have not been DOWN. I think I = might >>>> just copy these VMs to my VMWARE Workstation 9 install on my home = PC >>>> after work tonight and see if the problem persists. >>>=20 >>>=20 >>> The behavior definitely changed going from VirtualBox to VMWare, the = only >>> change in my configuration was the IP addresses to match the home = network. >>> However now I can talk to the carp interface form other machines, = but they >>> receive two response one from each of the test systems. TCPDUMP = shows that >>> they are each seeing the others broadcasts, but for some reason they = are >>> both running as MASTER. If you run a DOWN/UP on the interface, it = briefly >>> shows as BACKUP before switching to MASTER. I tried with both /24 = subnet of >>> my home network, and setting the carp0 interface to /32, both = behaved the >>> same. Any one have any other ideas, as to whether this comes down = to a >>> Virtual Network Issue, or a setup issue on my part. >>>=20 >>=20 >>=20 >> Well, it definitely works here for us on Proxmox/KVM. >>=20 >> When you tcpdump on your either host, do you see the CARP >> advertisements from the other ? >>=20 >>=20 >> FInd below the advertisements as seen from our CARP backup firewall: >> $ sudo tcpdump -ni vlan14 vrrp >> tcpdump: verbose output suppressed, use -v or -vv for full protocol = decode >> listening on vlan14, link-type EN10MB (Ethernet), capture size 96 = bytes >> 10:11:09.084568 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2, >> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 >> 10:11:10.282826 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2, >> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 >> 10:11:11.481075 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2, >> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 >=20 > Proabbly should have been more clear early when I mentioned I could = see the others broadcasts, this is what I menat, yes they do see the = others advertisements. It most definitely was virtual network related, = found some information on the pfSense wiki that directed me to the = advanced settings on the ethernet adapters within the VirtualBox network = settings on the virtual machines. Promiscuous mode was set to Deny, = change this to Enable All, problem solved on VirtualBox, CARP is now = working as intended. Still haven't figured out a fix for the issue I = discovered in VMware, found a lot of things about changing adapters = permissions on Linux hosts to allow promiscuous mode, and suspect it is = a permissions issue with the Windows 7 host, but I haven't found out how = to fix it yet. However I now know my configuration works and its not a = FreeBSD issue. >=20 > --=20 > Thanks, > Dean E. Weimer > http://www.dweimer.net/ Glad that fixed it for you, marking as Solved for people googling around = ;) Fix: edit ethernet adapters advanced settings to Permit promiscuous mode