From owner-freebsd-stable@FreeBSD.ORG Tue Jun 12 12:56:32 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CED731065670 for ; Tue, 12 Jun 2012 12:56:32 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-ee0-f54.google.com (mail-ee0-f54.google.com [74.125.83.54]) by mx1.freebsd.org (Postfix) with ESMTP id 58A9E8FC19 for ; Tue, 12 Jun 2012 12:56:32 +0000 (UTC) Received: by eeke49 with SMTP id e49so2531594eek.13 for ; Tue, 12 Jun 2012 05:56:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding :x-gm-message-state; bh=owE7ExE8CKytk9R8zSDroHFNEpL7eepGgXdUuGsYc70=; b=kWQUtoHFsP1+6sifJnvZddY8kHp4WF8d+SC0qucv+H1JQLmDIUGVzGq2O5MSZ1Xnl5 3wqNBQ4kMoCSsaZmgYBt/VfgTvsQHPJCp+DogX5byC9wKdh4OWKMCmM2gB2FnOm5pMwM iypbY8Gxdk/FqBk6CTYJLejwkPWLOfRy1zGeH9sQdcf9acc60zKcTtZRzUkeLULTi0Xs 36aahqg/F2DKCC5lmLI+d9xmqXQcCqdDYx/74vX9aNyH3+8Ro7EFj3+EMuQwOxbFwh36 TEOsjNrzVl7upnK8GCacbsejToaDdWlPri42Z5gkiY03mnwrVczvB3x0Yz283gS40G1M 8s6w== Received: by 10.14.40.20 with SMTP id e20mr2720970eeb.119.1339505791039; Tue, 12 Jun 2012 05:56:31 -0700 (PDT) Received: from dfleuriot-at-hi-media.com ([83.167.62.196]) by mx.google.com with ESMTPS id c51sm64054543eei.12.2012.06.12.05.56.29 (version=SSLv3 cipher=OTHER); Tue, 12 Jun 2012 05:56:30 -0700 (PDT) Message-ID: <4FD73C7B.4090309@my.gd> Date: Tue, 12 Jun 2012 14:56:27 +0200 From: Damien Fleuriot User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: Pete French References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Gm-Message-State: ALoCoQkkwQ1yEJ1e9l0p59ZdpDfsyXdHU99mKi7wHza4awrYfEZfgzq/dRAiJVdvL2hdJRQNDtTf Cc: freebsd-stable@freebsd.org Subject: Re: IPv6 and CARP crashes boxes X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2012 12:56:32 -0000 On 6/12/12 2:48 PM, Pete French wrote: > Meant to reply to this at the time, but have been away... > >> Has anyone else run into problems when using IPv6 + CARP ? > > I ran into some - aliases on a CARP integface did not seem > to work proprly - but if you workaround that then it appears > to work fine. We are using it in production with no problems. > >> I plan to hold a presentation at work on IP6 and why we should start >> using it, however I cannot promote the use of IP6 without redundancy >> between firewalls like we currently do with CARP + pfsync. > > The redundancy with pfsync works properly - an ssh session > is maintained through the firewalls when they failover. I > configure my machines to use a paiur of carp interfaces on each > physical port, so I am not mixing IPv4 and IPv6 on the same > interface. I onyl did that as an experiment when I was trying > to work around the aliases problem, but have kept it for "tidnyess" > > Basically our experience of the setup has been very positive - our > main connectivity issues have come from the HE/Cogent peering squabble > rather than any FreeBSD/Carp/PF failing. > > cheers, > > -pete. Thanks for the feedback Pete, what are you running ? We're on 8-STABLE here. I've got some spare time on my hands actually, I'm gonna try some more today, both on an ipv6-only carp, then on a v4+v6.