Date: Thu, 16 Sep 2004 03:30:59 +0100 From: Bruno Afonso <brunomiguel@dequim.ist.utl.pt> To: freebsd-pf@freebsd.org Subject: Re: RELENG_5 and carp patches - Status Message-ID: <4148FAE3.1090003@dequim.ist.utl.pt> In-Reply-To: <200409160156.18049.max@love2party.net> References: <41476126.7000503@dequim.ist.utl.pt> <41487CDA.7080709@dequim.ist.utl.pt> <200409160156.18049.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I've forgotten to say one thing. I had to add the carp definition to /etc/protocols. In reality, I renamed "vrrp" to "carp" after looking at openbsd's /etc/protocols. So, it's missing in the patch too. Max Laier wrote: > On Wednesday 15 September 2004 19:33, Bruno Afonso wrote: > >>=> WORKS: >> >>I've set carp0 and carp1 with the ips my NAT box uses and it's working >>flawlessly up until now (some hours). I have yet to set the backup box >>as it's really really old and I'm waiting for it to compile world and >>kernel... :) >> >>I will try failover in the next days. >> >> >>=> DOES NOT WORK: >> >>ifconfig pfsync syncif <interface> does not work >>carp-testing-box# ifconfig pfsync0 up syncif fxp0 >>ifconfig: syncif: bad value > > > Ugh ... this got completely forgotten. Check the patch at: > http://people.freebsd.org/~mlaier/ifconfig.pfsync.patch (hope it still > applies) it will certainly cause rejects with the carp-ifconfig ... Seems to apply cleanly. You have to cd /usr/src/sbin/ifconfig before "patch -p0 < " though. I can now do "ifconfig pfsync0 up syncif <interface>" without any error. >>accessing carp'ed IP address does not work >>carp-testing-box# ping IP >>PING IP (IP): 56 data bytes >>ping: sendto: Operation not permitted > > > EPERM is clearly a problem of your firewalling rules on the box that is trying > to ping. Doh! Damn home made script to generate the pf conf file... :-) I needed to open carp0 from (carp0) to (carp0). Another interesting aspect is that traffic originating from the machine come from the non-carp ips. :-) >>I also get "arp_rtrequest: bad gateway IP (!AF_LINK)" in /var/log/messages. > > > This described in: http://people.freebsd.org/~mlaier/CARP/README and it's not > a problem only a bit distrubing. Ye, doesn't bother. > hmmm ... looks like netstat has been built with different headers as the > kernel. Try make installincludes and rebuild+install netstat. Did it. Same error(s). I'm gonna recompile world and kernel just for the sake of it. :-) and rm -rf /usr/obj. BA -- Bruno Afonso http://dequim.ist.utl.pt/~bruno/sciTocs/ - Bruno's SciTocs! http://freebsd-pt.org/forum/ - Portuguese FreeBSD forum
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4148FAE3.1090003>