Date: Wed, 14 Dec 2011 11:47:00 -0800 From: Matt Mullins <mokomull@gmail.com> To: Victor Sudakov <vas@mpeks.tomsk.su> Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: carp(4) on FreeBSD 8.2 Message-ID: <CAPyT1SGmEApW6debJdZ_FXq6eLkyj0T3vRUdaK8yzQR_G6jU9A@mail.gmail.com> In-Reply-To: <20111214092557.GB38586@admin.sibptus.tomsk.ru> References: <20111214050959.GA34547@admin.sibptus.tomsk.ru> <4EE857D3.2060504@gmail.com> <20111214092557.GB38586@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
I've used carp very successfully in the past, both in the standard mode and ARP load-balancing mode, to build fail-over sets of firewalls. It worked well enough that one of our firewalls was down for a week before we noticed (and none of our clients did). I just did a mock-up of your scenario on a system at home (using the GENERIC kernel), and it seemed to work for me. I see you have a managed switch; you might see if some features like port security are disabled for that port. > What is even more strange, tcpdump on le0 does not even see ICMP echo > requests addressed to 10.14.134.99. That is strange. You might try "tcpdump -nevvv -i <interface> host 10.14.134.99" on the sending system and see if it's even sending the packets at all. If there's a remote chance that something else is using carp or VRRP on that network, you might try using a different VHID. Hope I can help, Matt Mullins
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyT1SGmEApW6debJdZ_FXq6eLkyj0T3vRUdaK8yzQR_G6jU9A>