From owner-freebsd-net@FreeBSD.ORG Mon Mar 19 19:34:12 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E84AC106564A for ; Mon, 19 Mar 2012 19:34:12 +0000 (UTC) (envelope-from sol289@gmail.com) Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id BB4A78FC12 for ; Mon, 19 Mar 2012 19:34:12 +0000 (UTC) Received: by pbcwz17 with SMTP id wz17so1440592pbc.13 for ; Mon, 19 Mar 2012 12:34:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=s/ajVh6HPvDYLMinZ0SphJLoXukbnhlai+rMbfFQCW0=; b=esnJj9mF6z3qUa1huq7YScrHChYBflg01cAy1BtizquH9OVRKV4ncMisSni8+HReXT bwCuHYcJgZvWpPJ+Q0Ix6/cp/3z8viq2Rlm1ukQ5i2W7ePvUvDPb6P0vk2FSlKviX86f Zqz46BfLN/MGtHQlmnMlQ4qmr0lnfWMEbik5k2qdUtAbZ1nha1wJ7gEgfYkNe2aG0Akk Lv82woX5L2QoVi5ZtvIvmUQxkpDps/hmwQUz0xvirwFcj9yrHv/gPTaVtNrtcee1wIKb s4eFfOcOfizDpBpldvpGCwShAR8ExYITYju4H8E1vYQuaRGx0UIjXeRPZUcV/XMTdegU UOPQ== Received: by 10.68.134.168 with SMTP id pl8mr28438382pbb.16.1332185645930; Mon, 19 Mar 2012 12:34:05 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.74.137 with HTTP; Mon, 19 Mar 2012 12:33:45 -0700 (PDT) In-Reply-To: References: <4F630D23.2070509@netfence.it> From: Alexander Lunev Date: Mon, 19 Mar 2012 23:33:45 +0400 Message-ID: To: Freddie Cash Content-Type: text/plain; charset=UTF-8 Cc: freebsd-net@freebsd.org Subject: Re: LAGG and CARP troubles X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 19:34:13 -0000 On Fri, Mar 16, 2012 at 7:42 PM, Freddie Cash wrote: > If you're adventurous, could you upgrade a test box to 10-CURRENT and > try the new CARP code? Ok, i've set up a distributed network: 10-C1 === internet === 8.2-R === internet === 10-C2 10-C1 and 10-C2 is 10-CURRENT on vmware running on different machines and located in different networks, they are openvpn clients, which connects to real server 8.2-R through internet, and none of them can see other on data link level. 10-C1 differs from 10-C2 only in MAC addresses and in em0 configuration, which is interface for connecting to internet. There are no firewalls on 10-C, just the network interface, openvpn, bridge and carp. ifconfig for 10-C (skipping em0 lo0 plip0): # ifconfig em1: flags=8943 metric 0 mtu 1500 options=98 ether 00:0c:29:91:9d:ea inet 10.100.100.100 netmask 0xffffff00 broadcast 10.100.100.255 vhid 1 nd6 options=29 media: Ethernet autoselect (1000baseT ) status: active carp: MASTER vhid 1 advbase 1 advskew 0 tap0: flags=8943 metric 0 mtu 1500 options=80000 ether 00:bd:4e:4d:00:00 nd6 options=29 Opened by PID 1166 bridge0: flags=8843 metric 0 mtu 1500 ether 02:d7:b7:da:d6:00 inet 10.80.90.6 netmask 0xffffff00 broadcast 10.80.90.255 nd6 options=21 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: em1 flags=143 ifmaxaddr 0 port 3 priority 128 path cost 20000 member: tap0 flags=143 ifmaxaddr 0 port 7 priority 128 path cost 2000000 CARP configured by same command on both 10-C1 and 10-C2 with advskew 100 parameter on one of them: 10-C1# ifconfig em1 vhid 1 pass pppp 10.100.100.100/24 10-C2# ifconfig em1 vhid 1 advskew 100 pass pppp 10.100.100.100/24 After configuring CARP i see advertisings on bridge0 interface of 8.2-R from both 10-C, i see advertisings from 10-C1 on bridge0 interface of 10-C2 and vice versa, and i see advertisings on em1 interfaces of 10-C1 and 10-C2 from both 10-C: # tcpdump -ne -i em1 net 10.100.100 22:06:14.660011 00:0c:29:cc:fa:84 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 10.100.100.100 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0, authtype none, intvl 1s, length 36 22:06:14.769632 00:0c:29:91:9d:ea > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 10.100.100.100 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0, authtype none, intvl 1s, length 36 ^C I see same strings in /var/log/messages of 10-C1 and 10-C2 Mar 19 21:08:50 home kernel: carp: VHID 1@em1: INIT -> BACKUP Mar 19 21:08:53 home kernel: carp: VHID 1@em1: BACKUP -> MASTER (master down) So, result is basically the same as in my old post here: i see CARP messages on both ends on interfaces but CARPs doesn't see them. BUT HERE'S THE NEWS: # netstat -s -p carp carp: 3164 packets received (IPv4) 0 packets received (IPv6) 0 packets discarded for wrong TTL 0 packets shorter than header 0 discarded for bad checksums 0 discarded packets with a bad version 0 discarded because packet too short 0 discarded for bad authentication > 3164 discarded for bad vhid 0 discarded because of a bad address list 1962 packets sent (IPv4) 0 packets sent (IPv6) 0 send failed due to mbuf memory error Though net.inet.carp.log = 2, i see no messages about bad packets. Why CARP thinks that vhid are bad? Can i debug CARP on 10-C? -- your sweet isn't ready yet