From owner-freebsd-net@FreeBSD.ORG Wed Jan 11 12:58:50 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34EA016A420 for ; Wed, 11 Jan 2006 12:58:50 +0000 (GMT) (envelope-from sschwerdhoefer@multamedio.de) Received: from imap.multamedio.de (imap.multamedio.de [62.52.48.122]) by mx1.FreeBSD.org (Postfix) with ESMTP id A08E143D55 for ; Wed, 11 Jan 2006 12:58:49 +0000 (GMT) (envelope-from sschwerdhoefer@multamedio.de) Received: by imap.multamedio.de (Postfix, from userid 65534) id 4D71D28E307; Wed, 11 Jan 2006 13:58:47 +0100 (CET) Received: from amalthea (124.net2.multamedio.de [62.52.48.124]) by imap.multamedio.de (Postfix) with ESMTP id C5BEC28BEC0; Wed, 11 Jan 2006 13:58:45 +0100 (CET) Date: Wed, 11 Jan 2006 13:53:54 +0100 From: Sebastian Schwerdhoefer To: freebsd-net@freebsd.org Message-ID: <20060111125354.GE9151@localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: mutt X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on imap.multamedio.de X-Spam-Level: X-Spam-Status: No, hits=-4.7 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 Subject: Router with CARP: reproducible deadlock X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 12:58:50 -0000 Hello, My dream is to build a redundant router using carp. I build test environments, one with FreeBSD 6.0, another one using pfsense and I also tried OpenBSD 3.8. However in every environment I'm getting into a deadlock situation with the following steps: 1st: Set up "router1" with 2 NICs connection the networks "net1" and "net2". This machine is cloned to "router2", where we adjust the IP addresses on both physical Interfaces. Set up carp on both machines (carp0 is 192.168.0.240 and connected to net1, carp1 is 172.16.16.240 and connected to net2). Of course, execute 'sysctl -w net.inet.carp.allow=1; sysctl -w net.inet.carp.preempt=1' and connect "router2" in parallel to "router1". 2nd: Start up carp on both machines, which leads to router1 beeing MASTER with both carp interfaces and Router2 beeing BACKUP with both. Perfect for now. 3rd: Unplug router1's patch cable to net1. As router1 does not see any more advertisments from router2 at net1, router1's carp0 stays in MASTER mode. 4th: router2 doesn't see any more advertisments from router1 at net1 as well ('cause the cable is disconnected!). So router2's carp0 becomes MASTER. Even though net.inet.carp.preempt is set, router2's carp1 stays in BACKUP mode. 5th: Now we have the catastrophic situation: router1 carp0 (net1) is in MASTER mode (cable unplugged!) carp1 (net2) is in MASTER mode router2 carp0 (net1) is in MASTER mode carp1 (net2) is in BACKUP mode As you can see, packets that should be routed will be lost. I'm asking myself, if anybody uses carp based routers in production environment? If this is the normal behaviour, you should not! But I hope, that I misunderstood the carp documentation and someone will enlighten me :-) Any suggestions? Regards, Sebastian Schwerdhoefer