Date: Wed, 29 Jan 2014 18:55:16 -0600
From: Mark Felder <feld@FreeBSD.org>
To: Ole Myhre <ole@dataoppdrag.no>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: carp and rtadvd
Message-ID: <D9CBAFC5-CCA2-4F9F-9CDE-12FEBEC42875@FreeBSD.org>
In-Reply-To: <52E7AB9B.5050707@dataoppdrag.no>
References: <52E7AB9B.5050707@dataoppdrag.no>

On Jan 28, 2014, at 7:07, Ole Myhre <ole@dataoppdrag.no> wrote:

> Hi,
>
> I have a simple setup with two 10.0-RELEASE firewalls running carp, a
> virtual IPv6 address and running rtadvd:
>
> (applied to both firewalls)
>
> # kldload carp
> # ifconfig em2 inet6 2001:db8::1/64 vhid 1 up
> # sysctl net.inet6.ip6.forwarding=1
> # echo 'rtadvd_enable="YES"' >> /etc/rc.conf
> # echo 'rtadvd_interfaces="em2"' >> /etc/rc.conf
> # service rtadvd start
>
> This works fine, one firewall is MASTER, the other BACKUP and the
> clients behind em2 get a prefix in the 2001:db8::/64 subnet. However
> both firewalls are sending router advertisements (only one being MASTER)
> with the LL-address of the physical em2 interface as the gateway. This
> causes clients that support multiple default gateways to select both
> firewalls as their default gateway, and send traffic to both the
> MASTER and BACKUP firewall.
>
> Is there a way to make only the MASTER send router advertisements or
> (preferably only the MASTER) sending router advertisements with a
> virtual LL-address?
>

What I would do is use devd to start/stop the rtadvd service based on
whether or not you're master.

# notify 30 {
#     match "system" "IFNET";
#     match "subsystem" "carp0";
#     match "type" "LINK_UP";
#     action "/path/to/script/or/command";
# };
#
# notify 30 {
#     match "system" "IFNET";
#     match "subsystem" "carp0";
#     match "type" "LINK_DOWN";
#     action "/path/to/script/or/command";
# };

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D9CBAFC5-CCA2-4F9F-9CDE-12FEBEC42875>
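
One possible shape for the script that the devd "action" lines above point at, as an added example that is not part of the original message. It reads the CARP state from ifconfig output and starts rtadvd only on the MASTER. The function names and the "apply" argument are hypothetical; em2 and vhid 1 are taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): run rtadvd only on the CARP MASTER.
# Assumed devd invocation: sh carp-rtadvd.sh apply em2 1
# (the script name and the "apply" argument are hypothetical).

# Print the CARP state (MASTER, BACKUP, INIT) of vhid $1 as found in
# ifconfig output on stdin; print UNKNOWN when that vhid has no "carp:" line.
carp_state() {
    awk -v vhid="$1" '
        $1 == "carp:" && $3 == "vhid" && $4 == vhid { print $2; found = 1; exit }
        END { if (!found) print "UNKNOWN" }
    '
}

# Map a CARP state to the rtadvd rc action. Every state other than MASTER
# stops the daemon, so a node in BACKUP, INIT or an unparsed state never
# sends router advertisements.
rtadvd_action() {
    case "$1" in
        MASTER) echo start ;;
        *)      echo stop ;;
    esac
}

# Constructed sample of `ifconfig em2` output on the node holding MASTER.
sample_master='em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	inet6 2001:db8::1 prefixlen 64 vhid 1
	carp: MASTER vhid 1 advbase 1 advskew 0'

# Only touch the system when explicitly asked to; $2 is the interface and
# $3 the vhid to inspect.
if [ "${1:-}" = "apply" ]; then
    state=$(ifconfig "$2" | carp_state "$3")
    service rtadvd "$(rtadvd_action "$state")"
fi
```

Because the script checks the current state each time it runs instead of trusting the event that triggered it, the same command can be used as the action for both notify blocks.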