From owner-freebsd-current@FreeBSD.ORG Fri Apr 5 20:33:21 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id AAAFAB87 for ; Fri, 5 Apr 2013 20:33:21 +0000 (UTC) (envelope-from peter@wemm.org) Received: from mail-vb0-x231.google.com (mail-vb0-x231.google.com [IPv6:2607:f8b0:400c:c02::231]) by mx1.freebsd.org (Postfix) with ESMTP id 6A5B5C34 for ; Fri, 5 Apr 2013 20:33:21 +0000 (UTC) Received: by mail-vb0-f49.google.com with SMTP id 11so2437074vbf.22 for ; Fri, 05 Apr 2013 13:33:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemm.org; s=google; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=92lzhUmZeLrky5o41HzJymKbM5GLMJh7iXXUdWOI7c8=; b=HCm60qRoGuHYFCZWfj7P5uaZO71n+XROWi7yBq8Q7R9EVzAv+g1NcX/YoFWsdTx23O QQ6zOLH0xNj1Cb6aaIaY2MhiDDis/8OH+bbuDq59B6QdNrvBL6siBYY6mEhw3DkW9i1Q o9FKx4+15wZwGzaRV+OhPzkYFnKjFNcacRIfA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:x-gm-message-state; bh=92lzhUmZeLrky5o41HzJymKbM5GLMJh7iXXUdWOI7c8=; b=SD5oABIgeExS/Drn7jWBLC6ccUiTbXuS+c6QadR9LCwjkhQ1Xw/nosAoZFOY7qmLr7 AtSXFI1/LipyPdKBz5vK5Gx1ex5L4P7GVgk3oM2WQ65sORRChOsjD9LIb2ipXvOLa5l5 DbFxn9MiiKdSu8RC24nYdItrkIhiCFsxucWC0ZA4wS2iGexG7el9b6wZV3XISt5FHFle zOPRf2JEZoMJZFhGESYoqd4YZhIu191W6LytnAGDLvtjWojwxtAxv4qSxr+lQVy0TcNZ 3w0H4OT3TSMm6bI3lL4qNq2q3UjHrjNflgrQlwBD61S8C5lrKOFbF1EcHepHM6Dte4jZ lpDg== MIME-Version: 1.0 X-Received: by 10.52.16.105 with SMTP id f9mr7853333vdd.117.1365194000810; Fri, 05 Apr 2013 13:33:20 -0700 (PDT) Received: by 10.220.211.72 with HTTP; Fri, 5 Apr 2013 13:33:20 -0700 (PDT) In-Reply-To: References: <20130402085222.GH76816@FreeBSD.org> Date: Fri, 5 Apr 2013 13:33:20 -0700 Message-ID: Subject: Re: Anyone have scripts for managing interfaces under new CARP setup? From: Peter Wemm To: Freddie Cash Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQn//ZypJELsZG4BwJlYKrqHCDV0BS3eMW7EinPVQCAJXWycdtj+HU2ZZseUYeDB2hX9o7ox Cc: Gleb Smirnoff , FreeBSD-Current X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Apr 2013 20:33:21 -0000 On Tue, Apr 2, 2013 at 3:37 PM, Freddie Cash wrote: > On 2013-04-02 1:52 AM, "Gleb Smirnoff" wrote: >> >> Freddie, >> >> On Wed, Mar 27, 2013 at 04:10:03PM -0700, Freddie Cash wrote: >> F> Just curious if anyone has any scripts for managing fail-over of > multiple >> F> interfaces using the new CARP setup in 10-CURRENT. >> F> >> F> Fail-over of all CARP vhids associated with a single interface is > working >> F> correctly. But, I have 2 separate, physical interfaces running with > CARP, >> F> and want to fail-over everything if one of the links (or boxes) goes > down. >> F> >> F> Figured I'd ask around to see if anyone has done something like this >> F> already. I've been playing with devd.conf settings and logging > events, but >> F> don't have anything written up to do the actual switch yet. >> >> Same as for old CARP, you can achieve behavior when a box with lower >> advskew yields master status to a second one, setting: >> >> sysctl net.inet.carp.preempt=1 >> >> If an interface on the master has proper link state notification to the >> kernel, then once the interface goes down, the advskew on the box will be >> demoted and backup box will preempt it. > > That's how I have things set and it wasn't switching the 2nd interface. > > However, I think that may be due to the IPFW rules on one interface > blocking CARP multicast packets on that interface, while they were going > through correctly on the 2nd interface. I'll see if I can schedule a manual > test later this week now that IPFW is configured correctly. > > Thanks for the confirmation of things are supposed to work. We use new-carp on 10.x on the freebsd.org cluster. There's machines with 10+ vlans with carp on each and pf. I find some of the replacement tools a little lacking but one thing I've done is use a dummy vlan to cause an entire machine to demote itself based on bgp default-route state. I wrote a script to do this before I became aware of ifstated(8). This is necessary for us more because of the unusual uplink arrangement we have at one of the cluster locations. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV bitcoin:188ZjyYLFJiEheQZw4UtU27e2FMLmuRBUE