Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 Jul 2009 21:04:19 +0200
From:      Ian FREISLICH <ianf@clue.co.za>
To:        d@delphij.net
Cc:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: CARP broken on -CURRENT? 
Message-ID:  <E1MRWFf-0005Xt-P8@clue.co.za>
In-Reply-To: <4A5F7540.7070201@delphij.net> 
References:  <4A5F7540.7070201@delphij.net> <4A5EF889.6040604@delphij.net> <E1MRNt8-0004so-2J@clue.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help 
Xin LI wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Ian FREISLICH wrote:
> [...]
> > I have noticed that if there are multiple IP addresses on the carp
> > interface and these are configured in a different order on each
> > host, the you can expect messages like the following:
> >
> > Jun  9 23:56:29 firewall2 kernel: carp15: incorrect hash
> > Jun  9 23:56:30 firewall2 kernel: carp15: incorrect hash
> > Jun  9 23:56:31 firewall2 kernel: carp15: incorrect hash
> > Jun  9 23:56:32 firewall2 kernel: carp15: incorrect hash
> > 
> > And both hosts will claim MASTER status.
> 
> This reminded me...  I've set net.inet.carp.log=2 now but except some
> bad CARP packets on the outside (12.xxx.xxx.112/28) network due to VRRP
> router, I didn't saw any complain about incorrect hash.  Are you using
> "pass" parameter when setting up CARP?

Yes, I use pass.   There are many untrusted hosts on my network.

Taking another look at the manual page, I think that the behaviour
you're seeing is expected.  Try setting advbase to the same on all
vhids on both hosts.  Use advskew to set a preference for one of
your servers.  Use advbase to determine how quickly a failure will
be detected.

     To use carp, the administrator needs to configure at minimum
     a common virtual host ID (VHID) and virtual host IP address
     on each machine which is to take part in the virtual group.
     Additional parameters can also be set on a per-interface basis:
     advbase and advskew, which are used to control how frequently
     the host sends advertisements when it is the master for a
     virtual host, and pass which is used to authenticate carp
     advertisements.

Ian

--
Ian Freislich

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1MRWFf-0005Xt-P8>