From owner-freebsd-questions@freebsd.org Wed Jun 8 15:30:40 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5031BB6F70F; Wed, 8 Jun 2016 15:30:40 +0000 (UTC) (envelope-from ddesimone@verio.net) Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0061.outbound.protection.outlook.com [157.56.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D33E211A6; Wed, 8 Jun 2016 15:30:38 +0000 (UTC) (envelope-from ddesimone@verio.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verioit.onmicrosoft.com; s=selector1-verio-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=IfL1Tl5s9LAQGuvgibdJJ0XfBmRZBJjNRFh06NLldBc=; b=aj+syewHq0S1jtCge15SgbEG9b1NRmBFFyTHNZ/dYBL1ZIOP+3P5tTm/cI3zuJ6Ypu4fi0F/mjD9DRVk+WatFSqGdAHjo1UeWWqeuBoMLurjkk2Gjqo2aYV+Tj/9Mwk6h05Z1GDwtl0wEq4suqpDYyBihkVbYW0ZsReUMFcaQCQ= Received: from SN1PR08MB1821.namprd08.prod.outlook.com (10.162.134.27) by SN1PR08MB1821.namprd08.prod.outlook.com (10.162.134.27) with Microsoft SMTP Server (TLS) id 15.1.517.2; Wed, 8 Jun 2016 15:15:22 +0000 Received: from SN1PR08MB1821.namprd08.prod.outlook.com ([10.162.134.27]) by SN1PR08MB1821.namprd08.prod.outlook.com ([10.162.134.27]) with mapi id 15.01.0517.005; Wed, 8 Jun 2016 15:15:22 +0000 From: David DeSimone To: Niklaas Baudet von Gersdorff CC: "freebsd-questions@freebsd.org" , "freebsd-net@freebsd.org" Subject: RE: Getting CARP to broadcast on a different interface Thread-Topic: Getting CARP to broadcast on a different interface Thread-Index: AQHRwYNZsXrmscfLGkKU4PDC2t//vp/frM0w Date: Wed, 8 Jun 2016 15:15:22 +0000 Message-ID: References: <20160608124310.GG2050@box-hlm-03.niklaas.eu> In-Reply-To: <20160608124310.GG2050@box-hlm-03.niklaas.eu> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ddesimone@verio.net; x-originating-ip: [173.71.11.10] x-ms-office365-filtering-correlation-id: 6b32a0c4-d328-459f-7c01-08d38fafb615 x-microsoft-exchange-diagnostics: 1; SN1PR08MB1821; 6:44xdteabsbX9vJvz12UGWwnjYa9UL8ktL2a3Bh9nRKRrrfptRnFeSogCGRb+Oxph1v7pssMQOy6bw1jiSt8ocw9z2vHvtkjpU3pSD2/df2UqFB7LRG0QpugP20pcE3KOkL17/Us7Ue0Hz9zYCP07KF9qj000pUlH0nMyV1E/VGgDgeUciergDiFttldxlR/q5SkQ+6QviaUj4I9F3CUZgyvEgR2jZnkvdBzRm/UOQ24NdgaoFMUJfILxd1zV5J5qqstklgeiyKuAHDISr+tBPcwPC3PvCnHJJBgWtvfKPLI=; 5:p8kLow7cEtUTcVQCX0BPS4CSfVzcEsK2jgNnsjOjmrkIoCCG7QTzB/cIqGIcLjpAwE87HFN3s6wh6Q5UWr3WlbFyQMcXAJ9EW2FSYlKB4I5t1s0HW5L0B70Ff4Q5QaV6dnAeuF2T+3Y9/d3HWJo3dw==; 24:PRqV8BYs7epDC8HH2D2EtooxBywUBRnPbnKKP+B4427NY9yqapm00HhCHfnMzyrjrJZQPtem/w4f5sycAwzBCrTG18XjhNt50r+mqR7t5JE=; 7:Ici8UEhF9uBuTDBFK8ILMYMOQ430tdcMe+LPZcGdprF0lHwcls28vNjzKWx3f4EelKmukW9H7otmtxuIIy/i/M/LttIJhT7dpMPo4pUH0i8qeZeGyfbpZcTLTnSDyakwBUtZmS2Z/s6ZTvGfs625qjY/34dU8HAU5II/FUvEOY8bI7froZMOGY5IvmO3rNglsjhLCcrJACqkkXVufaWPh+R7LqpaGyNjKS5VDGal668= x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR08MB1821; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046); SRVR:SN1PR08MB1821; BCL:0; PCL:0; RULEID:; SRVR:SN1PR08MB1821; x-forefront-prvs: 0967749BC1 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(189002)(377454003)(199003)(13464003)(99286002)(3846002)(77096005)(4326007)(68736007)(33656002)(10400500002)(8936002)(3660700001)(3280700002)(6116002)(586003)(102836003)(105586002)(106116001)(106356001)(92566002)(2950100001)(2900100001)(5890100001)(74316001)(76176999)(50986999)(8676002)(9686002)(5008740100001)(101416001)(86362001)(19580395003)(19580405001)(87936001)(189998001)(5004730100002)(66066001)(5002640100001)(54356999)(5003600100002)(2906002)(81166006)(122556002)(97736004)(81156014)(110136002)(76576001)(11100500001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR08MB1821; H:SN1PR08MB1821.namprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; CAT:NONE; LANG:en; CAT:NONE; received-spf: None (protection.outlook.com: verio.net does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: verio.net X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Jun 2016 15:15:22.3860 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 281c3918-264a-4db4-ab20-2dafa1dca324 X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR08MB1821 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2016 15:30:40 -0000 One of the purposes of the CARP announcements is to announce the location o= f the virtual mac address to the upstream switch fabric. Since CARP uses a= virtual mac that floats between multiple ports, you need to have the CARP = master continually assert that its particular port is the target that shoul= d be used for delivery of packets to the virtual MAC address. Without this= function, switches might still mistakenly deliver their frames to the stan= dby node. The CARP announcements are also helpful in detecting and routing around som= e odd failure scenarios, such as a failure within the upstream fabric, wher= e the master sees link on its port, but can't actually send frames that rea= ch the rest of the network. If the standby can't hear the master's announc= ements any more, it can promote itself to master and hopefully keep your cl= uster online. This would not happen without the announcement feature. I would hope you could explain this to your provider and get them to white-= list CARP announcements because they are defeating important safety feature= s you wish to use. -----Original Message----- From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] = On Behalf Of Niklaas Baudet von Gersdorff Sent: Wednesday, June 08, 2016 7:43 AM To: freebsd-questions@freebsd.org; freebsd-net@freebsd.org Subject: Getting CARP to broadcast on a different interface Hello, is it possible to configure CARP in such a way that it sends its broadcasts on an interface different from the one that gets the shared IP address assigned? Unfortunately, my provider blocks broadcast and multicast on public interfaces of virtual machines. However, they offer to set up an additional virtual NIC that directly connects multiple virtual machines on which broadcast and multicast are not blocked. So, while I assign a shared IP to the public interface vtnet0, I would like to configure CARP to broadcast on the private interface vtnet1. Is that possible? Or are there alternatives for CARP that support this function? Niklaas ________________________________ This email message is intended for the use of the person to whom it has bee= n sent, and may contain information that is confidential or legally protect= ed. If you are not the intended recipient or have received this message in = error, you are not authorized to copy, distribute, or otherwise use this me= ssage or its attachments. Please notify the sender immediately by return e-= mail and permanently delete this message and any attachments. makes no warr= anty that this email is error or virus free. Thank you. ________________________________ This email message is intended for the use of the person to whom it has bee= n sent, and may contain information that is confidential or legally protect= ed. If you are not the intended recipient or have received this message in = error, you are not authorized to copy, distribute, or otherwise use this me= ssage or its attachments. Please notify the sender immediately by return e-= mail and permanently delete this message and any attachments. NTT America m= akes no warranty that this email is error or virus free. Thank you. ________________________________