From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 16:37:02 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BCBD1065675 for ; Tue, 1 Jun 2010 16:37:02 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com [209.85.213.182]) by mx1.freebsd.org (Postfix) with ESMTP id D27FC8FC18 for ; Tue, 1 Jun 2010 16:37:01 +0000 (UTC) Received: by yxg6 with SMTP id 6so136257yxg.13 for ; Tue, 01 Jun 2010 09:37:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=LWU/UfkZbX6QkivCYRxarUBY8WOiwzd5P12LYtLFLM4=; b=I+5UUnhB4jr8ulAshphJmTQBZmu6+C/tU/wxlzQQchpNKAGWZFMmJCSwQGHR3RinsK mzqZTk938a0oGcVpRrxbIGTTK+/+yDCHcgqwkpz/8gaT/ETgw5g7XYEkJ6S5EnjZXkAr ztUVc/T1MvMBBYEdyQAF+Z720ls5QyVrfrBPg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=lLO08jJOoa4rZD29c9/5/YV61Gnz4WEDpu52hzwg8DkqE8z+zMs713CP3DOC1fxJsu /tEAV/NMhWF3bLG83EjCxmAwnvsj018cF4dxiUrpxt/abcX014k3FVaiD6RBUbg/tgL4 RFZWJOOmMKiv16afpWxTnORIVwqGIAlIOxlYQ= MIME-Version: 1.0 Received: by 10.231.185.6 with SMTP id cm6mr8051348ibb.72.1275410220401; Tue, 01 Jun 2010 09:37:00 -0700 (PDT) Received: by 10.231.36.194 with HTTP; Tue, 1 Jun 2010 09:37:00 -0700 (PDT) In-Reply-To: <4C052101.8080404@jku.at> References: <4C052101.8080404@jku.at> Date: Tue, 1 Jun 2010 09:37:00 -0700 Message-ID: From: Freddie Cash To: freebsd-net@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: carp + carpdev option? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2010 16:37:02 -0000 On Tue, Jun 1, 2010 at 8:02 AM, Ferdinand Goldmann < ferdinand.goldmann@jku.at> wrote: > It seems that this question has been asked several times before ... > It looks like there is no carpdev option in 7.x :-( > > Having this options should bring several advantages: > - One would only have to use a single public IP address (the carp > interface), > and would be able to configure the physical parent interface with a > private > IP address for management purposes only. > > - One would not have to fiddle around with application configuration, like > telling Squid to use the IP address of the carp interface as sender IP > (and not the IP of the parent interface ...) > > Is there any hope this option gets ported to FreeBSD? Maybe in 8.x? > Max L. (can't remember how to spell his last name) had some patches available for 7.x to enable carpdev support. I did some testing of them back then and they worked .... so long as the IPs/devices were all added in the exact same order on all interfaces. The CARP hashes wouldn't match if anything was different between interfaces. If you didn't use multiple IPs on the CARP devices, they worked perfectly. The patches were never imported to the source tree, though. I agree. It would be nice to have carpdev support in FreeBSD, as it makes things cleaner. And it lines up with vlan(4), lagg(4), and if_bridge(4) where you can specify devices and not have to rely on IPs/subnets. Here's hoping that it gets added in some future update of pf/carp from OpenBSD. :) It's the final missing link in our dreams of redundant firewalls/routers and storage servers. -- Freddie Cash fjwcash@gmail.com