Date:      Sat, 12 Feb 2022 12:53:43 +0100
From:      Andrea Venturoli <ml@netfence.it>
To:        freebsd-net@freebsd.org
Subject:   Some strangeness with CARP
Message-ID:  <594e3d18-9645-3b3f-7a41-87c586fb93ad@netfence.it>

Hello.

I've set up a network with CARP and I think I'm seeing something strange.

What follows is a simplified setup (the real one involves lagg and vlan, 
but this should not matter).

I have a Zyxel managed switch,
two "servers":
- A 192.168.0.1
- B 192.168.0.2
and two "clients"
- C 192.168.0.10
- D 192.168.0.11

Now let's add the "shared" CARP IP 192.168.0.3 (vhid 1) to server A and 
server B and start sniffing on C and D.

If C or D talks with A or B using their own IP (192.168.0.1/192.168.0.2) 
the other client does not see that traffic (as is to be expected on a 
switched network).
However if any client talks with the CARP IP (192.168.0.3) every node on 
the LAN can sniff that traffic!

I tracked this down to the switch not learning the MAC address 
00:00:5e:00:01:01 (which is what CARP vhid 1 uses), so every outgoing 
packet is broadcast to the whole network.
Is this normal???
Changing to any other VHID (I tried 2, 4 and 10) does not show the same 
problem, as 00:00:5e:00:01:xx will show up in the switch MAC database.

I'm scratching my head trying to find an explanation, but so far I could 
only think the switch is misbehaving.
Or am I missing some info and there's a reason for this?

  bye & Thanks
	av.
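The observation above (unicast frames for the CARP virtual MAC 00:00:5e:00:01:01 showing up on ports that should never see them) can be turned into a check that runs on any third host on the segment. The following is an added example, not code from the post or from FreeBSD: it builds a small constructed capture as seen from client C (all MAC addresses are invented, as is the capture itself) and flags every unicast frame whose destination MAC is neither broadcast/multicast nor the observer's own address. Such frames can only reach a switched port if the switch flooded them because it had no forwarding entry for the destination, and the helper `carp_vhid` (an assumed name) additionally reports when that destination is the IPv4 CARP/VRRP virtual MAC, so the vhid involved is visible in the finding.

```python
import socket
import struct
from dataclasses import dataclass
from typing import List, Optional

# Constructed MAC addresses for the hosts in the thread (locally administered, not real hardware).
MAC_A = "02:00:00:00:00:01"
MAC_B = "02:00:00:00:00:02"
MAC_C = "02:00:00:00:00:0c"           # the observer: the host doing the sniffing
MAC_D = "02:00:00:00:00:0d"
MAC_CARP_VHID1 = "00:00:5e:00:01:01"  # CARP/VRRP virtual MAC for vhid 1, as quoted in the post
MAC_BCAST = "ff:ff:ff:ff:ff:ff"
MAC_CARP_ADVERT = "01:00:5e:00:00:12" # IPv4 multicast MAC of 224.0.0.18 (CARP/VRRP advertisements)


def mac_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_ipv4_frame(dst_mac: str, src_mac: str, src_ip: str, dst_ip: str, proto: int = 6) -> bytes:
    """Constructed Ethernet II + minimal IPv4 header (no payload, checksum left at zero)."""
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip


def build_arp_frame(dst_mac: str, src_mac: str) -> bytes:
    """Constructed Ethernet II header with the ARP ethertype; the ARP body is irrelevant here."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0806)


@dataclass
class Frame:
    dst: str
    src: str
    ethertype: int
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    proto: Optional[int] = None


def parse_frame(raw: bytes) -> Frame:
    """Decode the Ethernet header and, for IPv4, the addresses and protocol of the IP header."""
    frame = Frame(mac_str(raw[0:6]), mac_str(raw[6:12]), struct.unpack("!H", raw[12:14])[0])
    if frame.ethertype == 0x0800 and len(raw) >= 34:
        fields = struct.unpack("!BBHHHBBH4s4s", raw[14:34])
        frame.proto = fields[6]
        frame.src_ip, frame.dst_ip = socket.inet_ntoa(fields[8]), socket.inet_ntoa(fields[9])
    return frame


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the least-significant bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 1 == 1


def carp_vhid(mac: str) -> Optional[int]:
    """Return the vhid if mac is the IPv4 CARP/VRRP virtual MAC 00:00:5e:00:01:<vhid>, else None."""
    octets = mac.lower().split(":")
    if octets[:5] == ["00", "00", "5e", "00", "01"]:
        return int(octets[5], 16)
    return None


def find_flooded_unicast(raw_frames: List[bytes], own_mac: str) -> List[dict]:
    """Unicast frames not addressed to this host should never arrive on a switched port;
    any that do were flooded by the switch, which had no forwarding entry for their destination."""
    findings = []
    for raw in raw_frames:
        frame = parse_frame(raw)
        if is_group_address(frame.dst) or frame.dst.lower() == own_mac.lower():
            continue  # broadcast, multicast and our own traffic are expected on this port
        findings.append({"dst_mac": frame.dst, "src_ip": frame.src_ip,
                         "dst_ip": frame.dst_ip, "carp_vhid": carp_vhid(frame.dst)})
    return findings


# Constructed capture as taken on client C; mirrors the scenario in the post.
CAPTURE = [
    build_ipv4_frame(MAC_C, MAC_A, "192.168.0.1", "192.168.0.10"),            # A -> C, addressed to us
    build_arp_frame(MAC_BCAST, MAC_D),                                         # ARP broadcast, expected
    build_ipv4_frame(MAC_CARP_ADVERT, MAC_CARP_VHID1, "192.168.0.1",
                     "224.0.0.18", proto=112),                                  # CARP advertisement (multicast)
    build_ipv4_frame(MAC_CARP_VHID1, MAC_D, "192.168.0.11", "192.168.0.3"),   # D -> CARP VIP, flooded to C
]


def analyze() -> List[dict]:
    return find_flooded_unicast(CAPTURE, MAC_C)


if __name__ == "__main__":
    for finding in analyze():
        print(finding)
```

On a real host the frames would come from a capture taken on the suspect client rather than from the constructed list; the logic is the same. A non-empty result for a destination that carries a `carp_vhid` value reproduces exactly the symptom described above: the switch has no entry for that virtual MAC and is flooding client-to-VIP traffic to every port, so anyone on the segment can read it.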