From owner-freebsd-net@FreeBSD.ORG Tue Mar 4 23:25:51 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2ACC5106566C for ; Tue, 4 Mar 2008 23:25:51 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 0DB2D8FC17 for ; Tue, 4 Mar 2008 23:25:51 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 8BA5D1A000B17; Tue, 4 Mar 2008 15:25:50 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 049V5Hc8O0Tx; Tue, 4 Mar 2008 15:25:43 -0800 (PST) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id 21F111A000B06; Tue, 4 Mar 2008 15:25:43 -0800 (PST) From: Freddie Cash Organization: School District 73 To: "Max Laier" Date: Tue, 4 Mar 2008 15:25:41 -0800 User-Agent: KMail/1.9.7 References: <200803041351.46053.fjwcash@gmail.com> <36735.192.168.4.151.1204669226.squirrel@router> In-Reply-To: <36735.192.168.4.151.1204669226.squirrel@router> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803041525.42330.fjwcash@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Understanding the interplay of ipfw, vlan, and carp X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2008 23:25:51 -0000 On March 4, 2008 02:20 pm Max Laier wrote: > Am Di, 4.03.2008, 22:51, schrieb Freddie Cash: > ... > > > The lack of a "carpdev" option to directly link a carp device to an > > interface (similar to "vlandev" for vlan(4)) is what's really > > tripping me up. It appears the carp(4) driver looks at all the > > interfaces in the box to find one with an IP in the same subnet as > > the carp IP and then uses that as the physical device. > > You could try the attached patch. It adds carpdev support. You'll > have to recompile ifconfig to make use of it. > > This patch has some shortcomings that I wanted to address for a long > time now, but never found the time to do so. Mostly that IPv6 over > CARP is broken with this patch. Everything else is supposed to work > and I'd like to hear if you experience otherwise (success stories > welcome, too). This is from back in early January, but should apply to > RELENG_7 and HEAD w/o too much trouble. > > Any feedback appreciated! I'm in the process of upgrading a test box to RELENG_7_0. I'll see if I can get this patch to apply to that. The lack of IPv6 support won't affect us. Just to make sure I understand how it'll work: - bring up the physical device (ifconfig em1 up) - create the vlan device (ifconfig vlan100 create; ifconfig vlan100 ...) - create the carp device (ifconfig carp2 carpdev vlan100 ...) The physical device and the vlan device won't need IPs, just the carp device? Or will I still need to configure an IP/subnet on the vlan interface? Thanks for this, I'll let you know how it works out. -- Freddie Cash fjwcash@gmail.com