From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 14:35:08 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80DCE106567A for ; Thu, 19 Jun 2008 14:35:08 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [212.17.241.230]) by mx1.freebsd.org (Postfix) with ESMTP id CCD978FC0A for ; Thu, 19 Jun 2008 14:35:07 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (localhost [127.0.0.1]) by lurza.secnetix.de (8.14.1/8.14.1) with ESMTP id m5JEZ5rk083456; Thu, 19 Jun 2008 16:35:05 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.14.1/8.14.1/Submit) id m5JEZ4xs083455; Thu, 19 Jun 2008 16:35:04 +0200 (CEST) (envelope-from olli) Date: Thu, 19 Jun 2008 16:35:04 +0200 (CEST) Message-Id: <200806191435.m5JEZ4xs083455@lurza.secnetix.de> From: Oliver Fromme To: freebsd-net@FreeBSD.ORG, peterjeremy@optushome.com.au In-Reply-To: <20080612191905.GK84454@server.vk2pj.dyndns.org> X-Newsgroups: list.freebsd-net User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/6.2-STABLE-20070808 (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Thu, 19 Jun 2008 16:35:06 +0200 (CEST) Cc: Subject: Re: CARP + multiple addresses X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2008 14:35:08 -0000 Peter Jeremy wrote: > On 2008-Jun-12 17:26:25 +0200, Oliver Fromme wrote: > > So far it seems to work fine with CARP, but now it turned > > out that I need another address from a different subnet > > which also needs to access the database. What's the best > > way to do that? Add a second IP address to the existing > > carp interface, or create a new carp interface? Are there > > any pros and cons? > > I'm currently working towards something like this and intending to > have one CARP interface for each VLAN. What's the advantage of doing that, compared to putting all addresses on the same CARP interface? Meanwhile, in another thread on the -net list someone reported that there seems to be a bug when you put multiple VLANs on the same CARP inetrface. So that would be a good reason not to do it. > > And now I need to add an IP address from vlan202 which > > also needs to access the same database. I'm inclined to > > add 10.1.202.40/32 vhid 1 to the existing carp0 on both > > servers. I assume that the CARP interface goes to BACKUP > > when *any* of its IP addresses fail, right? Can anybody > > confirm this, please? > > My reading of the various documentation says that you are on the right > track but, by default, each CARP interface will fail over > independently. If you want them all to fail over together then you > should set net.inet.carp.preempt (see carp(4) and its first example) I've read it, but the problem is that I do not want the hosts to preempt each other. That's why I need to run with that sysctl off. However, if there are two CARP interfaces, and their VLANs are configured on the same physical interface (e.g. bge0), then they should always fail at the same time anyway, right? i.e. when bge0 goes down, both VLAN interfaces go down, so both CARP interfaces should switch to the other host. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "I have stopped reading Stephen King novels. Now I just read C code instead." -- Richard A. O'Keefe