From owner-freebsd-net@freebsd.org Tue Feb 28 08:55:01 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 334EECF145F for ; Tue, 28 Feb 2017 08:55:01 +0000 (UTC) (envelope-from julien@perdition.city) Received: from relay-b03.edpnet.be (relay-b03.edpnet.be [212.71.1.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "edpnet.email", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BAD1E37E for ; Tue, 28 Feb 2017 08:55:00 +0000 (UTC) (envelope-from julien@perdition.city) X-ASG-Debug-ID: 1488272088-0a88181bfd1a59d0001-QdxwpM Received: from mordor.lan ([213.219.148.14]) by relay-b03.edpnet.be with ESMTP id yDYMuzDRmGn2EUKg (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 28 Feb 2017 09:54:49 +0100 (CET) X-Barracuda-Envelope-From: julien@perdition.city X-Barracuda-Effective-Source-IP: UNKNOWN[213.219.148.14] X-Barracuda-Apparent-Source-IP: 213.219.148.14 Date: Tue, 28 Feb 2017 09:54:48 +0100 From: Julien Cigar To: Freddie Cash Cc: freebsd-net Subject: Re: VLAN + CARP ? Message-ID: <20170228085447.GK6194@mordor.lan> X-ASG-Orig-Subj: Re: VLAN + CARP ? References: <20170227231626.GJ6194@mordor.lan> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="EUwkhXZbCcD53YNR" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.7.1 (2016-10-04) X-Barracuda-Connect: UNKNOWN[213.219.148.14] X-Barracuda-Start-Time: 1488272088 X-Barracuda-Encrypted: ECDHE-RSA-AES256-GCM-SHA384 X-Barracuda-URL: https://212.71.1.220:443/cgi-mod/mark.cgi X-Barracuda-Scan-Msg-Size: 2179 X-Virus-Scanned: by bsmtpd at edpnet.be X-Barracuda-BRTS-Status: 1 X-Barracuda-Bayes: INNOCENT GLOBAL 0.5000 1.0000 0.0100 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=6.0 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.36855 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 08:55:01 -0000 --EUwkhXZbCcD53YNR Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 27, 2017 at 03:37:14PM -0800, Freddie Cash wrote: > On Mon, Feb 27, 2017 at 3:16 PM, Julien Cigar wro= te: >=20 >=20 > > I wondered if it is possible to use CARP with VLAN interfaces? > > >=20 > =E2=80=8BYes, CARP-over-vLAN works well. Used just such a setup at work = for a > couple years. >=20 > Would something like this work (on 10.3)..?: > > > > =3D /etc/rc.conf =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > > > vlans_em0=3D"neta netb" > > create_args_neta=3D"vlan 101" > > create_args_netb=3D"vlan 102" > > > > ifconfig_em0_neta=3D"inet 192.168.1.253/24" > > ifconfig_em0_netb=3D"inet 10.209.1.253/24" > > > > ifconfig_em0_neta_alias0=3D"inet vhid 3 advskew 10 pass xx alias > > 192.168.2.254/32" > > ifconfig_em0_netb_alias0=3D"inet vhid 4 advskew 10 pass xx alias > > 10.209.1.254/32" > > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > > >=20 > =E2=80=8BThis is the setup we used (snipped for brevity): >=20 > # em2 is the 3rd NIC port from the top of the quad-port NIC > ifconfig_em2=3D"up" > vlans_em2=3D"vlan110 vlan2000 vlan1000 vlan1010 vlan1110" >=20 > create_args_vlan1000=3D"vlan 1000" > ifconfig_vlan1000=3D"vhid 9 pass nxsp4ss > =E2=80=8B1=E2=80=8B > advskew 128 10.1.0.1/16" >=20 > create_args_vlan2000=3D"vlan 2000" > ifconfig_vlan2000=3D"vhid 20 pass nxsp4ss2 advskew 128 12.24.13.97/27" >=20 > create_args_vlan1010=3D"vlan 1010" > ifconfig_vlan1010=3D"vhid 21 pass nxsp4ss > =E2=80=8B3 > advskew 128 12.24.12.129/26" >=20 > create_args_vlan1110=3D"vlan 1110" > ifconfig_vlan1110=3D"vhid 11 pass nxsp4ss > =E2=80=8B4 > advskew 128 12.24.10.1/26" >=20 > =E2=80=8Bem2 had no IPs associated with it, it was just the physical inte= rface that > the vlans and carp traffic went over. We also only had a single subnet p= er > vlan, so only a single IP per carp instance on each vlan. But you can do > multiples using the alias syntax like you have.=E2=80=8B excellent, this is exactly what I need, thanks! >=20 > --=20 > Freddie Cash > fjwcash@gmail.com --=20 Julien Cigar Belgian Biodiversity Platform (http://www.biodiversity.be) PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0 No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced. --EUwkhXZbCcD53YNR Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7vn2l0to0nV7EWolsrs3EKIEI8AFAli1OtQACgkQsrs3EKIE I8DoTxAAsPt/6DEPaXy+JevrWCZImudJbhRYyt3hV8pEuGoNpmrKdmgCoD9o71na k91uBmUQflognd468V/PkqKWmwM7RSr9vC/jiTi2FzRYLZ2EHMRMT+LKDhHRGhYB aAoSJ+EHjxDPyh3pYfb+w6zlW164tKngyCYL975t+oZu6PvFr00P3bgvZ/c/5g36 1CTALaowUdUIiOLbMd35W9UfEUXBf0NsN9I94J4Yvl5zcD3WAP4DSDUIeCwHkFv6 sMAHwDtMKwLYpj7Nqjk/w6i9i3UMVGmq1/CQwssCveOGDk7/auItRUAoK2jVbHCZ +lmvH5cx30HrobjL7S0pvg09t/T/OZIC9HOmLZWpO4E2i2CnBxyiGQTaMvKXm3eF CXDtLuKNZi+iZkvGANrbCXQMXdhF1RlDIu3Y0gUiUs5qN3Ou5F/YOKK/dDIcPtYm S6KP2Uobjg1DeBzcjrP8tdvwGLHRiqDkEicZvhhtEwkUFLLrmdMvlqNUl0yJTEDY ykCSMWYHKhf67MIivOA3BvsO/3s1ndq0drbKq3S+qkqTEFae1iO1cX+hNUP0dMuO 9FHQD0D8wGyFQpcFtWc2qm4P9xVPTRr8hTAchlKn44gVdICyMqiZBOfY4l78WouV eofVHdvOLcHah1iykVBxkBnYG2y2tZwU+TBGy+hFnBLHftZPSLo= =tBfI -----END PGP SIGNATURE----- --EUwkhXZbCcD53YNR--