Date: Fri, 4 Mar 2005 00:43:08 +0100 From: Daniel Hartmeier <daniel@benzedrine.cx> To: Matthew Grooms <mgrooms@seton.org> Cc: freebsd-pf@freebsd.org Subject: Re: pf + pfsync + carp ... more fun Message-ID: <20050303234308.GJ25140@insomnia.benzedrine.cx> In-Reply-To: <4227741E.5030805@seton.org> References: <200502282326.41760.max@love2party.net> <4224B078.9020301@seton.org> <20050301185431.GA81982@cell.sick.ru> <4225174C.801@seton.org> <20050302081051.GB87159@cell.sick.ru> <422600A2.2080907@seton.org> <20050302191656.GA93112@cell.sick.ru> <42264A0A.1090301@seton.org> <20050303013807.GH25140@insomnia.benzedrine.cx> <4227741E.5030805@seton.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 03, 2005 at 02:31:26PM -0600, Matthew Grooms wrote: > While running tests in my lab, there have been a few times where I > could no longer talk out my external interface. This usually happens > after I ifconfig em0 up / down a few times to force the carp0 failover. > Previously, I have just rebooted the box since I was concentrating on > testing the pf + pfsync stuff but this time I stopped to take a look > and noticed that I am loosing a route for the locally attached network. > Is this the intended behavior? It might explain the problem. On OpenBSD, you can ifconfig down an interface without losing the route table entries through that interface. I noticed that FreeBSD seems to automatically remove route entries in this case. AFAIK, carp itself does set and clear interfaces' IFF_RUNNING flag to activate/deactivate them. I think the intention is not to lose any routes doing that, but simply make the stack ignore frames on that interface (so no ARP replies are sent on it). When you manually ifconfig down to initiate the test, you also clear IFF_UP, which might cause routes to get removed. Maybe try to initiate the failover by removing the cable instead. Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050303234308.GJ25140>