From owner-freebsd-net@FreeBSD.ORG Wed Mar 23 12:17:07 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D3709106564A for ; Wed, 23 Mar 2011 12:17:07 +0000 (UTC) (envelope-from petersson@gmail.com) Received: from mail-fx0-f54.google.com (mail-fx0-f54.google.com [209.85.161.54]) by mx1.freebsd.org (Postfix) with ESMTP id 648A68FC15 for ; Wed, 23 Mar 2011 12:17:07 +0000 (UTC) Received: by fxm11 with SMTP id 11so8780419fxm.13 for ; Wed, 23 Mar 2011 05:17:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:subject:mime-version:content-type:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to:x-mailer; bh=2iLrnOF5WlU6PvzMrZaWC1eNTLwcY4TJK299KoQVLNo=; b=yB7xvH6VqRl38URrD25jdupZCbg9zw66nJA0wj5ArojCr402Tj8dl5zs8cWCtL2CMn dmi9ljcpuZnUn8ib+umvyi6Ksv0uhArQufB5ntjA5kB7leE/Tf6ZCpAvsbjtWmj5m371 Pnrf+6RCBY6M94W1XIgsfz7IQaoKeAe1jbrKY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=QuT01QOEWEh6gD0izrkPGb/SartMNBcOPjRXgwpeZWpr7Qd28bcNIC01QjWby1mww7 lmiI7Qmg0ghi2JlKS5o1j/T5hDe5m6vTOxGclTsunpQ6aE5WGbPyFlE7o5yW9DX3POde 4niSDXLzvTiRJoENfAHAL2Npvz/owxc11DBO0= Received: by 10.223.6.11 with SMTP id 11mr7918030fax.100.1300882625543; Wed, 23 Mar 2011 05:17:05 -0700 (PDT) Received: from [10.0.0.20] ([62.182.216.5]) by mx.google.com with ESMTPS id j11sm3411536faa.44.2011.03.23.05.17.04 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 23 Mar 2011 05:17:04 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: text/plain; charset=us-ascii From: Viktor Petersson In-Reply-To: <20110320185856.GA7703@insomnia.benzedrine.cx> Date: Wed, 23 Mar 2011 13:17:02 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: References: <00612801-A0F4-4EDC-9BED-3364A86E4F9C@gmail.com> <20110320185856.GA7703@insomnia.benzedrine.cx> To: Daniel Hartmeier X-Mailer: Apple Mail (2.1082) Cc: freebsd-net@freebsd.org Subject: Re: Possible CARP bug? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2011 12:17:08 -0000 On Mar 20, 2011, at 7:58 PM, Daniel Hartmeier wrote: > On Fri, Mar 18, 2011 at 04:43:59PM +0100, Viktor Petersson wrote: >=20 >> Mar 7 14:42:57 nas0 kernel: carp0: MASTER -> BACKUP (more = frequent advertisement received) >=20 > This could mean that the master is receiving its own CARP = advertisements > back, and, thinking they come from another host, backs off. >=20 > CARP advertisements are sent through the physical interface to a > broadcast MAC address (01:00:5e:00:x:y) and the broadcast IP address > 224.0.0.18. >=20 > A real physical switch will forward that frame to all ports except the > one it was received on, i.e. the frame will not be sent back to the > sender. >=20 > You mention a virtual enviroment, so maybe the switch is virtual, too, > and behaves differently. You can check by tcpdump'ing on the physical > interface of the master. You should see each advertisement once (going > out, but tcpdump doesn't indicate the direction). Look at the IP IDs, = if > you see each ID twice, you're getting the broadcasts back. >=20 > I think newer versions of CARP (in OpenBSD) contain an explicit check = to > detect this case (it can be thought of as a form of replay attack), > which could be ported. >=20 > But there might also be a setting in Qemu's virtual switch, that deals > with such broadcasts. >=20 > HTH, > Daniel Thank you for the analysis Daniel. You're dead on. The node did indeed = receive its own broadcast package back.=20 Unfortunately that didn't really resolve the problem.=20 Matthew Grooms did however reach out to me with a patch that did resolve = the problem that he wrote for VMware ESX, which apparently is having the same issue.=20 The patch, along with instructions can be found here: http://www.mail-archive.com/freebsd-net@freebsd.org/msg30562.html It would be great if someone could merge that fix into the main branch.=20= Thanks for all the help guys!. Regards, Viktor=