From owner-freebsd-bugs@freebsd.org Thu Feb 28 12:27:56 2019 Return-Path: Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B71B1505B63 for ; Thu, 28 Feb 2019 12:27:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 305918F84B for ; Thu, 28 Feb 2019 12:27:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id DE6DA1505B62; Thu, 28 Feb 2019 12:27:55 +0000 (UTC) Delivered-To: bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B993F1505B61 for ; Thu, 28 Feb 2019 12:27:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 536258F848 for ; Thu, 28 Feb 2019 12:27:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 980FF176DD for ; Thu, 28 Feb 2019 12:27:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x1SCRsmh017307 for ; Thu, 28 Feb 2019 12:27:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x1SCRs7m017306 for bugs@FreeBSD.org; Thu, 28 Feb 2019 12:27:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 236105] carp MASTER/MASTER status when adding or removing carp IP addresses Date: Thu, 28 Feb 2019 12:27:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2019 12:27:56 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D236105 Bug ID: 236105 Summary: carp MASTER/MASTER status when adding or removing carp IP addresses Product: Base System Version: 11.2-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: vegeta@tuxpowered.net I'm not sure how much of a bug this is, rather a feature request for special cases.=20 carp HMAC is calculated using a hash of carp IP addresses for a given VHID. This means that if two routes are configured with different carp IP address= es, verifying signatures will fail and routers will ignore carp annoucements fr= om eachother resulting in MASTER/MASTER operation. However I understand this is a feature for enforcing configuration check, t= here are cases when this is a bad idea: on some routers I have carp addresses reconfigured tens of times a day. As it is impossible to configure both rou= ters exactly at the same time, there is often a difference big enough to triger MASTER/MASTER operation which is then soon resolved. I value network stabil= ity more than configuration check enforced on me and if configuration was wrong, things s would break anyway and I would be notified by other means. Please see https://github.com/innogames/freebsd/commit/a1b1ff410c0f532b67660c86593ef7b= da2398be8 for my first attempt. It still lacks sysctl value set hook, so works fine o= nly after carp addresses are configured. If you like the idea and believe it co= uld be merged into kernel, I will add a set hook recalculating HMAC and post the patch here. --=20 You are receiving this mail because: You are the assignee for the bug.=