From owner-freebsd-pf@FreeBSD.ORG  Tue Jul 12 15:06:24 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D8F3F16A41F
	for <freebsd-pf@freebsd.org>; Tue, 12 Jul 2005 15:06:24 +0000 (GMT)
	(envelope-from kl@vsen.dk)
Received: from www.EnableIT.dk (r2d2.enableit.dk [195.35.83.82])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E453043D48
	for <freebsd-pf@freebsd.org>; Tue, 12 Jul 2005 15:06:23 +0000 (GMT)
	(envelope-from kl@vsen.dk)
Received: from localhost (localhost [127.0.0.1])
	by www.EnableIT.dk (Postfix) with ESMTP id E8F6F5FC89
	for <freebsd-pf@freebsd.org>; Fri,  8 Jul 2005 13:54:40 +0200 (CEST)
Received: from [192.168.10.51] (gw02.telmore.dk [62.242.232.132])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by www.EnableIT.dk (Postfix) with ESMTP id CEBEB49F1
	for <freebsd-pf@freebsd.org>; Fri,  8 Jul 2005 13:54:39 +0200 (CEST)
Message-ID: <42CE6866.2030805@vsen.dk>
Date: Fri, 08 Jul 2005 13:49:58 +0200
From: Klavs Klavsen <kl@vsen.dk>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050329)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-pf@freebsd.org
X-Enigmail-Version: 0.90.2.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at EnableIT.dk
Subject: CARP bug?
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jul 2005 15:06:25 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi guys,

I'm testing CARP in a vmware setup, and I have found a small problem.

I need CARP to "protect" 3 addresses on the same interface (3 diff.
https sites) which are rdr'ed to backend local IPs.

I tried putting an alias on my carp0 interface, but then it just stopped
answering at all.

I then figured, I needed a carp interface for each address, but when I
do that, it doesn't automatically up the second interface.. when I
reboot, it looks like this:

carp0: flags=41<UP,RUNNING> mtu 1500
        inet 192.168.11.208 netmask 0xffff0000
        carp: MASTER vhid 1 advbase 1 advskew 100
carp1: flags=41<UP,RUNNING> mtu 1500
        inet 10.0.0.1 netmask 0xffffff00
        carp: MASTER vhid 2 advbase 1 advskew 100
carp2: flags=41<UP,RUNNING> mtu 1500
        inet 172.16.1.8 netmask 0xffffff00
        carp: MASTER vhid 3 advbase 1 advskew 100
carp3: flags=0<> mtu 1500
        inet 192.168.11.210 netmask 0xffff0000
        carp: INIT vhid 4 advbase 1 advskew 100

I also tried setting carp0 and carp3 (which are on the same real
interface) to a netmask of 255.255.255.255 - but it made no difference).

It works, if I then manually up carp3, but I'm ofcourse not happy that I
need to do that.

Also - why is aliases allowed, if it just makes the interface not
respond at all?

Thank you for an otherwise great piece of software :)

- --
Regards,
Klavs Klavsen, GSEC - kl@vsen.dk - http://www.vsen.dk
PGP: 7E063C62/2873 188C 968E 600D D8F8  B8DA 3D3A 0B79 7E06 3C62

"Those who do not understand Unix are condemned to reinvent it, poorly."
  --Henry Spencer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCzmhmPToLeX4GPGIRAv58AJ9J1r9A86Dm0oeLdiGoc8zhRRkUjwCdG0e/
K2YPKtF3hsxhWqR58p+sNdc=
=nMA0
-----END PGP SIGNATURE-----