From owner-freebsd-net@FreeBSD.ORG  Tue Jan 28 13:07:48 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id B359D243
 for <freebsd-net@freebsd.org>; Tue, 28 Jan 2014 13:07:48 +0000 (UTC)
Received: from mail2.dataoppdrag.no (mail2.dataoppdrag.no
 [IPv6:2a02:f58:7:2::2])
 by mx1.freebsd.org (Postfix) with ESMTP id 6E6F01ADA
 for <freebsd-net@freebsd.org>; Tue, 28 Jan 2014 13:07:48 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by mail2.dataoppdrag.no (Postfix) with ESMTP id A88004330A
 for <freebsd-net@freebsd.org>; Tue, 28 Jan 2014 14:07:39 +0100 (CET)
Received: from mail2.dataoppdrag.no ([127.0.0.1])
 by localhost (mail2.dataoppdrag.no [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id pS4AXgRqKAhE for <freebsd-net@freebsd.org>;
 Tue, 28 Jan 2014 14:07:39 +0100 (CET)
Received: from [172.20.10.252] (42-80-141-95.net.dataoppdrag.no [95.141.80.42])
 by mail2.dataoppdrag.no (Postfix) with ESMTP id 82B8F43307
 for <freebsd-net@freebsd.org>; Tue, 28 Jan 2014 14:07:39 +0100 (CET)
Message-ID: <52E7AB9B.5050707@dataoppdrag.no>
Date: Tue, 28 Jan 2014 14:07:39 +0100
From: Ole Myhre <ole@dataoppdrag.no>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Subject: carp and rtadvd
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 13:07:48 -0000

Hi,

I have a simple setup with two 10.0-RELEASE firewalls running carp, a
virtual IPv6 address and running rtadvd:

(applied to both firewalls)

# kldload carp
# ifconfig em2 inet6 2001:db8::1/64 vhid 1 up
# sysctl net.inet6.ip6.forwarding=1
# echo 'rtadvd_enable="YES"' >> /etc/rc.conf
# echo 'rtadvd_interfaces="em2"' >> /etc/rc.conf
# service rtadvd start

This works fine, one firewall is MASTER, the other BACKUP and the
clients behind em2 gets a prefix in the 2001:db8::/64 subnet. However
both firewalls are sending router advertisements (only one being MASTER)
with the LL-address of the physical em2 interface as the gateway. This
causes clients that supports multiple default gateways to select both
firewalls as their default gateway, and sending traffic to both the
MASTER and BACKUP firewall.

Is there a way to make only the MASTER send router advertisements or
(preferably only the MASTER) sending router advertisements with a
virtual LL-address?

Thanks,
Ole Myhre