From owner-svn-src-all@FreeBSD.ORG Fri Dec 16 17:08:18 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A1E2B106564A; Fri, 16 Dec 2011 17:08:18 +0000 (UTC) (envelope-from minimarmot@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id 266D78FC17; Fri, 16 Dec 2011 17:08:17 +0000 (UTC) Received: by ghrr19 with SMTP id r19so3508256ghr.13 for ; Fri, 16 Dec 2011 09:08:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NhsdEhdlgSSt3vJG6DcQCCrW2j2+1nl/q9OmQqugI4A=; b=Wvtp710jSAfnxsuHq/+6C09GbjL3ZqaYXgMyxZZrFFA7PyfAYtitXhhNf8J5k5H2IC jwmJp/eHQE333+z1KBJs08xq5xT11zfBbaqiXIDbV7eZKe3Amr7501cTW9faNmERh0g9 jUgj1rA7YLA8/hMyS67gJfsTMU9mojHpbVJ5Y= MIME-Version: 1.0 Received: by 10.101.92.12 with SMTP id u12mr4047035anl.7.1324055297264; Fri, 16 Dec 2011 09:08:17 -0800 (PST) Received: by 10.236.110.40 with HTTP; Fri, 16 Dec 2011 09:08:17 -0800 (PST) In-Reply-To: <201112161216.pBGCGu8B006328@svn.freebsd.org> References: <201112161216.pBGCGu8B006328@svn.freebsd.org> Date: Fri, 16 Dec 2011 12:08:17 -0500 Message-ID: From: Ben Kaduk To: Gleb Smirnoff Content-Type: text/plain; charset=ISO-8859-1 Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r228571 - in head: . lib/libc/net sbin/ifconfig share/man/man4 sys/net sys/netinet sys/netinet6 sys/sys X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Dec 2011 17:08:18 -0000 On 12/16/11, Gleb Smirnoff wrote: > Author: glebius > Date: Fri Dec 16 12:16:56 2011 > New Revision: 228571 > URL: http://svn.freebsd.org/changeset/base/228571 > > Log: > A major overhaul of the CARP implementation. The ip_carp.c was started > from scratch, copying needed functionality from the old implemenation > on demand, with a thorough review of all code. The main change is that > interface layer has been removed from the CARP. Now redundant addresses > are configured exactly on the interfaces, they run on. > > The CARP configuration itself is, as before, configured and read via > SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or > SIOCAIFADDR_IN6 may now be configured to a particular virtual host id, > which makes the prefix redundant. > > ifconfig(8) semantics has been changed too: now one doesn't need > to clone carpXX interface, he/she should directly configure a vhid > on a Ethernet interface. > > To supply vhid data from the kernel to an application the getifaddrs(8) > function had been changed to pass ifam_data with each address. [1] > > The new implementation definitely closes all PRs related to carp(4) > being an interface, and may close several others. It also allows > to run a single redundant IP per interface. > > Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for > idea on using ifam_data and for several rounds of reviewing! > > PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448 > Reviewed by: bz > Submitted by: bz [1] > > Modified: > head/UPDATING > head/lib/libc/net/getifaddrs.c > head/sbin/ifconfig/af_inet.c > head/sbin/ifconfig/af_inet6.c > head/sbin/ifconfig/ifcarp.c > head/sbin/ifconfig/ifconfig.8 > head/sbin/ifconfig/ifconfig.c > head/sbin/ifconfig/ifconfig.h > head/share/man/man4/carp.4 > head/sys/net/if.c > head/sys/net/if.h > head/sys/net/if_ethersubr.c > head/sys/net/if_types.h > head/sys/net/if_var.h > head/sys/net/rtsock.c > head/sys/netinet/if_ether.c > head/sys/netinet/if_ether.h > head/sys/netinet/in.c > head/sys/netinet/in_var.h > head/sys/netinet/ip_carp.c > head/sys/netinet/ip_carp.h > head/sys/netinet6/in6.c > head/sys/netinet6/in6_ifattach.c > head/sys/netinet6/in6_var.h > head/sys/netinet6/nd6.c > head/sys/netinet6/nd6_nbr.c > head/sys/sys/param.h > > Modified: head/UPDATING > ============================================================================== ============================== > --- head/share/man/man4/carp.4 Fri Dec 16 11:52:33 2011 (r228570) > +++ head/share/man/man4/carp.4 Fri Dec 16 12:16:56 2011 (r228571) > @@ -1,6 +1,7 @@ > .\" $OpenBSD: carp.4,v 1.16 2004/12/07 23:41:35 jmc Exp $ > .\" > .\" Copyright (c) 2003, Ryan McBride. All rights reserved. > +.\" Copyright (c) 2011, Gleb Smirnoff > .\" > .\" Redistribution and use in source and binary forms, with or without > .\" modification, are permitted provided that the following conditions > @@ -138,36 +131,36 @@ Value of 0 means that preemption is not > problems are detected. > Every problem increments suppression counter. > .El > -.Sh ARP level load balancing > -The > -.Nm > -has limited abilities for load balancing the incoming connections > -between hosts in Ethernet network. > -For load balancing operation, one needs several CARP interfaces that > -are configured to the same IP address, but to a different VHIDs. > -Once an ARP request is received, the CARP protocol will use a hashing > -function against the source IP address in the ARP request to determine > -which VHID should this request belong to. > -If the corresponding CARP interface is in master state, the ARP request > -will be replied, otherwise it will be ignored. > -See the > -.Sx EXAMPLES > -section for a practical example of load balancing. > -.Pp > -The ARP load balancing has some limitations. > -First, ARP balancing only works on the local network segment. > -It cannot balance traffic that crosses a router, because the > -router itself will always be balanced to the same virtual host. > -Second, ARP load balancing can lead to asymmetric routing > -of incoming and outgoing traffic, and thus combining it with > -.Xr pfsync 4 > -is dangerous, because this creates a race condition between > -balanced routers and a host they are serving. > -Imagine an incoming packet creating state on the first router, being > -forwarded to its destination, and destination replying faster > -than the state information is packed and synced with the second router. > -If the reply would be load balanced to second router, it will be > -dropped due to no state. > +.\".Sh ARP level load balancing > +.\"The > +.\".Nm > +.\"has limited abilities for load balancing the incoming connections > +.\"between hosts in Ethernet network. > +.\"For load balancing operation, one needs several CARP interfaces that > +.\"are configured to the same IP address, but to a different vhids. > +.\"Once an ARP request is received, the CARP protocol will use a hashing > +.\"function against the source IP address in the ARP request to determine > +.\"which vhid should this request belong to. > +.\"If the corresponding CARP interface is in master state, the ARP request > +.\"will be replied, otherwise it will be ignored. > +.\"See the > +.\".Sx EXAMPLES > +.\"section for a practical example of load balancing. > +.\".Pp > +.\"The ARP load balancing has some limitations. > +.\"First, ARP balancing only works on the local network segment. > +.\"It cannot balance traffic that crosses a router, because the > +.\"router itself will always be balanced to the same virtual host. > +.\"Second, ARP load balancing can lead to asymmetric routing > +.\"of incoming and outgoing traffic, and thus combining it with > +.\".Xr pfsync 4 > +.\"is dangerous, because this creates a race condition between > +.\"balanced routers and a host they are serving. > +.\"Imagine an incoming packet creating state on the first router, being > +.\"forwarded to its destination, and destination replying faster > +.\"than the state information is packed and synced with the second router. > +.\"If the reply would be load balanced to second router, it will be > +.\"dropped due to no state. > .Sh STATE CHANGE NOTIFICATIONS > Sometimes it is useful to get notified about > .Nm Hi Gleb, Perhaps the man page portions that were commented out should just be removed entirely? -Ben Kaduk