Date: Tue, 04 Dec 2012 13:17:19 -0600 From: dweimer <dweimer@dweimer.net> To: Damien Fleuriot <ml@my.gd> Cc: freebsd-questions@freebsd.org Subject: Re: CARP within VirtualBox Does it =?UTF-8?Q?work=3F?= Message-ID: <316715d0c46c4e5f5eb92a3b6c084f55@dweimer.net> In-Reply-To: <CAE63ME7xj8d4VSs4mDckXNkXvjGe4tXHYKrVh62QxeZu19=koA@mail.gmail.com> References: <737f4b1c8bff13850af119f917ed811c@dweimer.net> <9232DDFC-F40B-4914-A92D-3B5D9C1ECE5F@my.gd> <a36ea7e237eb291f7fabf7daa7c3f8ab@dweimer.net> <c16202554b7da41ef738dc7fadf56a69@dweimer.net> <CAE63ME7xj8d4VSs4mDckXNkXvjGe4tXHYKrVh62QxeZu19=koA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2012-12-01 03:14, Damien Fleuriot wrote:
> On 30 November 2012 20:44, dweimer <dweimer@dweimer.net> wrote:
>> On 2012-11-29 14:07, dweimer wrote:
>>>
>>> On 2012-11-29 12:53, Fleuriot Damien wrote:
>>>>
>>>> On Nov 29, 2012, at 6:43 PM, dweimer <dweimer@dweimer.net> wrote:
>>>>
>>>>> I was trying to setup a test of CARP on two virtual machines
>>>>> running in
>>>>> VirtualBox 4.2.4r81684 I am not sure if I have something wrong
>>>>> with my CARP
>>>>> configuration or if VirtualBox just doesn't work right with it.
>>>>> I can only
>>>>> ping the CARP interface IP address from the machine listed as
>>>>> MASTER, if I
>>>>> do an ifconfig carp0 down on the MASTER the other machine
>>>>> correctly switches
>>>>> form BACKUP to MASTER and then I can ping the interface from it
>>>>> but not from
>>>>> the Original system.
>>>>>
>>>>> The VirtualBox systems are both using bridged networking, and the
>>>>> host
>>>>> cannot ping the carp0 IP address but can ping the interface IP
>>>>> address.
>>>>>
>>>>> Before I go through more trouble shooting, does anyone know if
>>>>> CARP
>>>>> doesn't work with VirtualBox?
>>>>>
>>>>> carp configuration
>>>>> Machine1:
>>>>> ifconfig_em0="UP"
>>>>> ifconfig_em0_name="LAN"
>>>>> ipv4_addrs_LAN="10.20.190.201/16"
>>>>> defaultrouter="10.20.111.2"
>>>>> cloned_interfaces="carp0"
>>>>> ifconfig_carp0="vhid 1 advskew 100 pass ReduntantCarpTest
>>>>> 10.20.190.203/16
>>>>>
>>>>> ifconfig carp0:
>>>>> carp0 flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
>>>>> inet 10.20.190.203 netmask 0xffff0000
>>>>> nd6 options=29<PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>>>>> carp: MASTER vhid 1 advbase 1 advskew 100
>>>>>
>>>>>
>>>>> Machine2:
>>>>> ifconfig_em0="UP"
>>>>> ifconfig_em0_name="LAN"
>>>>> ipv4_addrs_LAN="10.20.190.202/16"
>>>>> defaultrouter="10.20.111.2"
>>>>> cloned_interfaces="carp0"
>>>>> ifconfig_carp0="vhid 1 pass ReduntantCarpTest 10.20.190.203/16
>>>>>
>>>>> ifconfig carp0:
>>>>> carp0 flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
>>>>> inet 10.20.190.203 netmask 0xffff0000
>>>>> nd6 options=29<PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>>>>> carp: BACKUP vhid 1 advbase 1 advskew 0
>>>>>
>>>>> FreeBSD version is 9.1RC3 on both test machines.
>>>>
>>>>
>>>>
>>>>
>>>> We're using FreeBSD and CARP in virtualized environments at work,
>>>> albeit not on VirtualBox but on Proxmox/KVM.
>>>>
>>>> First, I would advise replacing 10.20.190.203/16 with
>>>> 10.20.190.203/32
>>>>
>>>>
>>>> I notice your carp0 is MASTER on machine1 with an advskew of 100
>>>> vs
>>>> machine 2 advskew 0, same advbase.
>>>> Confirm this is *after* you've set carp0 down on machine2.
>>>>
>>>> If both carps are up and machine1 with advskew 100 beats machine2
>>>> with advskew 0, you have an additional problem.
>>>>
>>>>
>>>> See if you have any more luck with the /32 address on carp0
>>>> anyway.
>>>
>>>
>>> The documentation shows the mask matching that of the interface:
>>> hostname="hostb.example.org"
>>> ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0"
>>> cloned_interfaces="carp0"
>>> ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24"
>>>
>>> This is consistent with the man page for CARP on the system as
>>> well.
>>> Regardless I tried with the /32 and had the same result as I did
>>> with
>>> the /16. I had done various UP/DOWN on interfaces so the current
>>> MASTER was just the last one to have not been DOWN. I think I
>>> might
>>> just copy these VMs to my VMWARE Workstation 9 install on my home
>>> PC
>>> after work tonight and see if the problem persists.
>>
>>
>> The behavior definitely changed going from VirtualBox to VMWare, the
>> only
>> change in my configuration was the IP addresses to match the home
>> network.
>> However now I can talk to the carp interface form other machines,
>> but they
>> receive two response one from each of the test systems. TCPDUMP
>> shows that
>> they are each seeing the others broadcasts, but for some reason they
>> are
>> both running as MASTER. If you run a DOWN/UP on the interface, it
>> briefly
>> shows as BACKUP before switching to MASTER. I tried with both /24
>> subnet of
>> my home network, and setting the carp0 interface to /32, both
>> behaved the
>> same. Any one have any other ideas, as to whether this comes down
>> to a
>> Virtual Network Issue, or a setup issue on my part.
>>
>
>
> Well, it definitely works here for us on Proxmox/KVM.
>
> When you tcpdump on your either host, do you see the CARP
> advertisements from the other ?
>
>
> FInd below the advertisements as seen from our CARP backup firewall:
> $ sudo tcpdump -ni vlan14 vrrp
> tcpdump: verbose output suppressed, use -v or -vv for full protocol
> decode
> listening on vlan14, link-type EN10MB (Ethernet), capture size 96
> bytes
> 10:11:09.084568 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2,
> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36
> 10:11:10.282826 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2,
> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36
> 10:11:11.481075 IP 195.158.240.[snip] > 224.0.0.18: VRRPv2,
> Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36
Proabbly should have been more clear early when I mentioned I could see
the others broadcasts, this is what I menat, yes they do see the others
advertisements. It most definitely was virtual network related, found
some information on the pfSense wiki that directed me to the advanced
settings on the ethernet adapters within the VirtualBox network settings
on the virtual machines. Promiscuous mode was set to Deny, change this
to Enable All, problem solved on VirtualBox, CARP is now working as
intended. Still haven't figured out a fix for the issue I discovered
in VMware, found a lot of things about changing adapters permissions on
Linux hosts to allow promiscuous mode, and suspect it is a permissions
issue with the Windows 7 host, but I haven't found out how to fix it
yet. However I now know my configuration works and its not a FreeBSD
issue.
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?316715d0c46c4e5f5eb92a3b6c084f55>