Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 31 May 2020 21:07:37 +0500
From:      "Eugene M. Zheganin" <emz@norma.perm.ru>
To:        freebsd-stable@freebsd.org
Subject:   CARP under Hyper-V: weird things happen
Message-ID:  <ed9180b4-fe2c-d516-af9d-cade780885f7@norma.perm.ru>

next in thread | raw e-mail | index | archive | help
Hello,

I'm Running 12.0-REL in a VM under W2016S with CARP enabled and paired 
to a baremetal FreeBSD server.

All of a sudden I realized that thjis machine is unable to become a CARP 
MASTER - because it sees it's own ACRP announces, but instead of seeing 
them from a CARP synthetic MAC address only, it sees additional extra 
packets with several MACs derived from the original one (I'm well awared 
about the -MacAddressSpoof on SetVmNetworkAdapterVlan switch, and it's 
running with this thingg on, but still). These packets always almost 
(but not 100%) accompany each valid CARP advertisement.

Say, we have a CARP-enabled interface:

vlan2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 
0 mtu 1500
         description: AS WAN
         options=80000<LINKSTATE>
         ether 00:15:5d:0a:79:12
         inet 91.206.242.9/28 broadcast 91.206.242.15
         inet 91.206.242.12/28 broadcast 91.206.242.15 vhid 3
         groups: vlan
         carp: BACKUP vhid 3 advbase 1 advskew 250
         vlan: 2 vlanpcp: 0 parent interface: hn1
         media: Ethernet autoselect (10Gbase-T <full-duplex>)
         status: active
         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

Notice the MAC and now look at this:

===Cut===

[root@gw1:~]# tcpdump -T carp -nepi vlan2 carp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan2, link-type EN10MB (Ethernet), capture size 262144 bytes
20:45:54.152619 00:00:5e:00:01:03 > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035

^^^ this is the ordinary and valid CARP advertisement, notice the 
synthetic MAC which is requiring setting mac address spoofing.

20:45:54.152880 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035

^^^ this is some insanity happening

20:45:54.153234 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035

^^^ and again

20:45:54.153401 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035

^^^ and again

20:45:57.562470 00:00:5e:00:01:03 > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036

^^^ valid CARP advertisement, next one-second advbase cycle

20:45:57.562874 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036

^^^ more insane stuff, notice the NEW (sic !) MAC-address

20:45:57.562955 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
20:45:57.562989 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4 
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36: 
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
^C
8 packets captured
3195 packets received by filter

===Cut===


Does anyone has, by any chance, some idea about what's happening ? As 
soon as I stop CARP stack on this VM these "mad" MACs aren't received 
anymore, so I'm pretty confident these are somehow procuced on the 
Hyper-V side.

Another weird this is that vlan1  is refusing to work (seems like 
packets are never received on the VM side) unless its configured on 
another adapter in the -Untagged (once again powershell term for 
SetVmNetworkAdapterVlan).


Thanks.

Eugene.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ed9180b4-fe2c-d516-af9d-cade780885f7>