Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 31 Aug 2020 13:55:52 +0200
From:      Michael Gmelin <freebsd@grem.de>
To:        Julien Cigar <julien@perdition.city>
Cc:        freebsd-net@freebsd.org
Subject:   Re: CARP over VLAN over LAGG
Message-ID:  <8A98D287-4202-493B-8515-4377740B126A@grem.de>
In-Reply-To: <20200831083705.pvrjk4srdohlxklf@x1>
References:  <20200831083705.pvrjk4srdohlxklf@x1>
next in thread | previous in thread | raw e-mail | index | archive | help 


> On 31. Aug 2020, at 10:37, Julien Cigar <julien@perdition.city> wrote:
>=20
> =EF=BB=BFOn Fri, Aug 28, 2020 at 04:52:01PM +0200, Julien Cigar wrote:
>> Hello,
>>=20
>> I have a "highly available" router/firewall with the following
>> configuration (1). Those are plugged in two 2930F (with VSF) using LACP.
>> It works well, except that I have some weird issues with the CARP=20
>> demotion counter when I'm unplugging some interfaces involved in the=20
>> lagg/carp setup, for example if I unplug/replug igb0 and igb1 in this=20
>> case:
>>=20
>> (dmesg):
>> igb0: link state changed to DOWN
>> igb1: link state changed to DOWN
>> carp: demoted by 240 to 240 (send error 50 on vlan11)
>> carp: 11@vlan11: MASTER -> BACKUP (more frequent advertisement received)
>> vlan11: deletion failed: 3
>> igb1: link state changed to UP
>> igb0: link state changed to UP
>>=20
>> then the CARP status stays to BACKUP unless I demote the CARP demotion
>> counter manually with: sudo sysctl net.inet.carp.demotion=3D-240:
>>=20
>> (dmesg):
>> carp: demoted by -240 to 0 (sysctl)
>> carp: 11@vlan11: BACKUP -> MASTER (preempting a slower master)
>>=20
>> I guess this is because it takes some time for lagg/lacp to converge and
>> thus carp thinks that there is a problematic condition as it experiences
>> problems with sending announcements..
>>=20
>> What it the best way to handle this?
>=20
> I'm wondering if setting net.inet.carp.senderr_demotion_factor to "0"
> could be a solution? Are there any downsides of setting this to "0"
> instead of "240"?
>=20

Sharing your pf.conf from both hosts could be helpful analyzing the issue.

-m

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8A98D287-4202-493B-8515-4377740B126A>