Date: Sun, 20 Apr 2003 18:50:25 +0200 From: "Pawel Worach" <pawel.worach@telia.com> To: <spe@bsdfr.org> Cc: ports@FreeBSD.org Subject: FreeBSD Port: freevrrpd-0.8.6 Message-ID: <001f01c3075c$f176db70$1401a8c0@corona>
next in thread | raw e-mail | index | archive | help
Hi! Running freevrrpd 0.8.6 on 4.8-release floods the syslog with (according to me) invalid messages. The freebsd vrrp box pair is in a DMZ with Nokia IPSO Firewalls that also use vrrp for reduncancy. My guess is that freevrrpd doesn't like seeing the vrrp traffic from the firewalls and floods syslog with this: Apr 20 18:34:45 fwnatb freevrrpd[199]: checksum of vrrp packet is invalid. Packet is discarded ! Apr 20 18:35:16 fwnatb last message repeated 62 times Apr 20 18:37:17 fwnatb last message repeated 242 times <and this goes on and on for ever> Traffic on the subnet looks like this: (freebsd box is fwnatb, the other two are the IPSO firewalls) 18:43:23.316151 fwnatb > 224.0.0.18: VRRPv2-advertisement 28: vrid=70 prio=254 authtype=none intvl=1 18:43:23.439140 fw1 > 224.0.0.18: VRRPv2-advertisement 20: vrid=65 prio=150 authtype=none intvl=1 [tos 0xc0] 18:43:24.315074 fw2 > 224.0.0.18: VRRPv2-advertisement 8: vrid=94 prio=100 authtype=none intvl=1 [tos 0xc0] 18:43:24.315852 fwnatb > 224.0.0.18: VRRPv2-advertisement 28: vrid=70 prio=254 authtype=none intvl=1 18:43:24.439129 fw1 > 224.0.0.18: VRRPv2-advertisement 20: vrid=65 prio=150 authtype=none intvl=1 [tos 0xc0] 18:43:25.315096 fw2 > 224.0.0.18: VRRPv2-advertisement 8: vrid=94 prio=100 authtype=none intvl=1 [tos 0xc0] I have no idea why freevrrpd even cares about the packets that are using a vrid that's not even in freevrrpd's configuration. Any ideas how to make this madness stop? Regards Pawel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001f01c3075c$f176db70$1401a8c0>