From owner-freebsd-net@FreeBSD.ORG Tue Jan 28 13:18:59 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C751453F for ; Tue, 28 Jan 2014 13:18:59 +0000 (UTC) Received: from mail-pd0-x232.google.com (mail-pd0-x232.google.com [IPv6:2607:f8b0:400e:c02::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9D3221CA8 for ; Tue, 28 Jan 2014 13:18:59 +0000 (UTC) Received: by mail-pd0-f178.google.com with SMTP id y13so345466pdi.9 for ; Tue, 28 Jan 2014 05:18:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=NppNPFbtAZaMNcuSlf8zVCmYHc78jXk09R1HsX3FnEM=; b=n0tQ+VlKn94saS80o1hM9IHXKOzg1jTEDbV9FhiBpJzhGTu8n7n4nBsiedCjRXZZqN ks2qW6aSZkTlxgkg0J53U+uh/YLOcBt2bt3rq08BhFa/dYn9w4dWbUOX6ZRmHVijct6k 2KDM4OZ5pBlAqA7HiHKClSHy6/bh38143yxiHumA2DAHwf0yNAkDAumFJrwWNUv+KK5D NHpIdP7Muk6jtQX8K9+fM804NGwYBA2cUP4ojr3U2PqK2znIrFR2wBsQgW+p8zEPcmpp UjdtoWdzYH4Ue0n6vGpFiqzmJOOJWDYpSTSj0tRp5duof2yBgdRLbUkUZYoF3GWRElvl 3gSQ== MIME-Version: 1.0 X-Received: by 10.66.221.199 with SMTP id qg7mr1530641pac.88.1390915139241; Tue, 28 Jan 2014 05:18:59 -0800 (PST) Sender: ermal.luci@gmail.com Received: by 10.70.46.42 with HTTP; Tue, 28 Jan 2014 05:18:59 -0800 (PST) In-Reply-To: <52E7AB9B.5050707@dataoppdrag.no> References: <52E7AB9B.5050707@dataoppdrag.no> Date: Tue, 28 Jan 2014 14:18:59 +0100 X-Google-Sender-Auth: ZJ4gFAQdDsvV9AUAKF9BCJTvfqE Message-ID: Subject: Re: carp and rtadvd From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Ole Myhre Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: freebsd-net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jan 2014 13:18:59 -0000 On Tue, Jan 28, 2014 at 2:07 PM, Ole Myhre wrote: > Hi, > > I have a simple setup with two 10.0-RELEASE firewalls running carp, a > virtual IPv6 address and running rtadvd: > > (applied to both firewalls) > > # kldload carp > # ifconfig em2 inet6 2001:db8::1/64 vhid 1 up > # sysctl net.inet6.ip6.forwarding=1 > # echo 'rtadvd_enable="YES"' >> /etc/rc.conf > # echo 'rtadvd_interfaces="em2"' >> /etc/rc.conf > # service rtadvd start > > This works fine, one firewall is MASTER, the other BACKUP and the > clients behind em2 gets a prefix in the 2001:db8::/64 subnet. However > both firewalls are sending router advertisements (only one being MASTER) > with the LL-address of the physical em2 interface as the gateway. This > causes clients that supports multiple default gateways to select both > firewalls as their default gateway, and sending traffic to both the > MASTER and BACKUP firewall. > > Is there a way to make only the MASTER send router advertisements or > (preferably only the MASTER) sending router advertisements with a > virtual LL-address? > > You have to use the rtadvd patched from pfSense. Look at our tools repo to get the code. > Thanks, > Ole Myhre > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Ermal