Date: Tue, 01 Mar 2005 12:12:08 -0600 From: Matthew Grooms <mgrooms@seton.org> To: Max Laier <max@love2party.net> Cc: freebsd-pf@freebsd.org Subject: Re: Fwd: pf + pfsync + carp testing ... Message-ID: <4224B078.9020301@seton.org> In-Reply-To: <200502282326.41760.max@love2party.net> References: <200502282232.17646.max@love2party.net> <4223931C.9000607@seton.org> <200502282326.41760.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks Max and Gleb. You have been a great help. The patch applied cleanly and compiled fine. After configuring a few carp interfaces, they seem to fail over well. I am curious though, is CARP designed to have interfaces fail over individually or as a group? For example ... box1 & box2 em0 -> carp0 -> External em1 -> carp1 -> Internal em2 -> carp2 -> DMZ If box1 is master for all interfaces when then its em2 goes down, only carp2 on box2 becomes master and assumes the service address? Box1 is still master for carp0 and carp1. Doesn't this cause problems when traffic passes in carp0 ( still master on box1 ) and needs to be forwarded out carp2? Also, when I configure a carp interface on the command line I do something like ... ifconfig carp0 create 192.168.253.1 \ netmask 255.255.255.0 vhid 1 advskew 1 but when I place the equivalent line in rc.conf as ... ifconfig_carp0="create 192.168.253.1 \ netmask 255.255.255.0 vhid 1 advskew 1" and reboot the box, it does not seem to take. Any suggestions? Matthew Grooms Network Engineer Seton Healthcare Network mgrooms@seton.org (512) 324 9913 Max Laier wrote: > On Monday 28 February 2005 22:54, Matthew Grooms wrote: > <...> > >>Is the ifconfig change part of the patch located at ... >> >>http://people.freebsd.org/~glebius/totest/carp-RELENG_5-patch >> >>... as I have not applied it yet. I assumed the pfsync ifconfig changes >>were already in the RELENG_5 branch. Did I make a poor assumption? > > > Okay, looks like this is confusing. You are not to blame for this, Matthew! > > Here is a walkthrough for testing this: > 0) Patch is located in your home directory. You should know what to fill in > for <cvs_repo> (anoncvs@... or /some/path). > 1) Checkout a *clean* RELENG_5 > $ cd /usr && rm -rf src && cvs -d <cvs_repo> co -rRELENG_5 src > 2) Apply the patch: > $ cd /usr/src && patch -p0 < ~/carp-RELENG_5-patch > Note the -p0 to get new files. > 3) Look for rejects: > $ find . -name \*.rej > 4) Normal {build, install}{world, kernel} dance. > > Hope this helps. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4224B078.9020301>