From owner-freebsd-stable@FreeBSD.ORG Tue Jun 12 12:48:45 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 98360106566B for ; Tue, 12 Jun 2012 12:48:45 +0000 (UTC) (envelope-from petefrench@ingresso.co.uk) Received: from constantine.ingresso.co.uk (constantine.ingresso.co.uk [IPv6:2a02:b90:3002:e550::3]) by mx1.freebsd.org (Postfix) with ESMTP id 392078FC15 for ; Tue, 12 Jun 2012 12:48:45 +0000 (UTC) Received: from dilbert.london-internal.ingresso.co.uk ([10.64.50.6] helo=dilbert.ingresso.co.uk) by constantine.ingresso.co.uk with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76 (FreeBSD)) (envelope-from ) id 1SeQWZ-000Lig-Vd; Tue, 12 Jun 2012 13:48:44 +0100 Received: from petefrench by dilbert.ingresso.co.uk with local (Exim 4.77 (FreeBSD)) (envelope-from ) id 1SeQWZ-0007x5-Uu; Tue, 12 Jun 2012 13:48:43 +0100 To: freebsd-stable@freebsd.org, ml@my.gd In-Reply-To: <4FC77555.1010202@my.gd> Message-Id: From: Pete French Date: Tue, 12 Jun 2012 13:48:43 +0100 Cc: Subject: Re: IPv6 and CARP crashes boxes X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2012 12:48:45 -0000 Meant to reply to this at the time, but have been away... > Has anyone else run into problems when using IPv6 + CARP ? I ran into some - aliases on a CARP integface did not seem to work proprly - but if you workaround that then it appears to work fine. We are using it in production with no problems. > I plan to hold a presentation at work on IP6 and why we should start > using it, however I cannot promote the use of IP6 without redundancy > between firewalls like we currently do with CARP + pfsync. The redundancy with pfsync works properly - an ssh session is maintained through the firewalls when they failover. I configure my machines to use a paiur of carp interfaces on each physical port, so I am not mixing IPv4 and IPv6 on the same interface. I onyl did that as an experiment when I was trying to work around the aliases problem, but have kept it for "tidnyess" Basically our experience of the setup has been very positive - our main connectivity issues have come from the HE/Cogent peering squabble rather than any FreeBSD/Carp/PF failing. cheers, -pete.