From owner-freebsd-net@freebsd.org Fri Aug 28 14:52:18 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E35A03B3D80 for ; Fri, 28 Aug 2020 14:52:18 +0000 (UTC) (envelope-from SRS0=32wW=CG=perdition.city=julien@bebif.be) Received: from orval.bbpf.belspo.be (orval.bbpf.belspo.be [193.191.208.90]) by mx1.freebsd.org (Postfix) with ESMTP id 4BdMyB1R0nz4gFB for ; Fri, 28 Aug 2020 14:52:17 +0000 (UTC) (envelope-from SRS0=32wW=CG=perdition.city=julien@bebif.be) Received: from x1 (77.109.123.220.adsl.dyn.edpnet.net [77.109.123.220]) by orval.bbpf.belspo.be (Postfix) with ESMTPSA id 597EB1D4FC26 for ; Fri, 28 Aug 2020 16:52:11 +0200 (CEST) Date: Fri, 28 Aug 2020 16:52:01 +0200 From: Julien Cigar To: freebsd-net@freebsd.org Subject: CARP over VLAN over LAGG Message-ID: <20200828145201.ezo6zbatmdmcgvzp@x1> Mail-Followup-To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline X-Rspamd-Queue-Id: 4BdMyB1R0nz4gFB X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of SRS0=32wW=CG=perdition.city=julien@bebif.be designates 193.191.208.90 as permitted sender) smtp.mailfrom=SRS0=32wW=CG=perdition.city=julien@bebif.be X-Spamd-Result: default: False [0.01 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.11)[-0.112]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_HAM_SHORT(-0.54)[-0.544]; NEURAL_SPAM_LONG(0.06)[0.061]; DMARC_NA(0.00)[perdition.city]; FORGED_SENDER(0.30)[julien@perdition.city,SRS0=32wW=CG=perdition.city=julien@bebif.be]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[77.109.123.220:received]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:2611, ipnet:193.191.192.0/19, country:BE]; FROM_NEQ_ENVFROM(0.00)[julien@perdition.city,SRS0=32wW=CG=perdition.city=julien@bebif.be]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Aug 2020 14:52:18 -0000 Hello, I have a "highly available" router/firewall with the following configuration (1). Those are plugged in two 2930F (with VSF) using LACP. It works well, except that I have some weird issues with the CARP demotion counter when I'm unplugging some interfaces involved in the lagg/carp setup, for example if I unplug/replug igb0 and igb1 in this case: (dmesg): igb0: link state changed to DOWN igb1: link state changed to DOWN carp: demoted by 240 to 240 (send error 50 on vlan11) carp: 11@vlan11: MASTER -> BACKUP (more frequent advertisement received) vlan11: deletion failed: 3 igb1: link state changed to UP igb0: link state changed to UP then the CARP status stays to BACKUP unless I demote the CARP demotion counter manually with: sudo sysctl net.inet.carp.demotion=-240: (dmesg): carp: demoted by -240 to 0 (sysctl) carp: 11@vlan11: BACKUP -> MASTER (preempting a slower master) I guess this is because it takes some time for lagg/lacp to converge and thus carp thinks that there is a problematic condition as it experiences problems with sending announcements.. What it the best way to handle this? Thanks, Julien (1) https://gist.github.com/silenius/577606b596ff1d220bbfd9956d05baef -- Julien Cigar Belgian Biodiversity Platform (http://www.biodiversity.be) PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0 No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced.