Router with CARP: reproducible deadlock
sschwerdhoefer at multamedio.de
Wed Jan 11 04:58:50 PST 2006
My dream is to build a redundant router using carp. I build
test environments, one with FreeBSD 6.0, another one using
pfsense and I also tried OpenBSD 3.8. However in every
environment I'm getting into a deadlock situation with the
1st: Set up "router1" with 2 NICs connection the networks
"net1" and "net2". This machine is cloned to "router2",
where we adjust the IP addresses on both physical
Interfaces. Set up carp on both machines (carp0 is
192.168.0.240 and connected to net1, carp1 is 172.16.16.240
and connected to net2). Of course, execute 'sysctl -w
net.inet.carp.allow=1; sysctl -w net.inet.carp.preempt=1'
and connect "router2" in parallel to "router1".
2nd: Start up carp on both machines, which leads to router1
beeing MASTER with both carp interfaces and Router2 beeing
BACKUP with both. Perfect for now.
3rd: Unplug router1's patch cable to net1. As router1 does
not see any more advertisments from router2 at net1,
router1's carp0 stays in MASTER mode.
4th: router2 doesn't see any more advertisments from router1
at net1 as well ('cause the cable is disconnected!). So
router2's carp0 becomes MASTER. Even though
net.inet.carp.preempt is set, router2's carp1 stays in
5th: Now we have the catastrophic situation:
carp0 (net1) is in MASTER mode (cable unplugged!)
carp1 (net2) is in MASTER mode
carp0 (net1) is in MASTER mode
carp1 (net2) is in BACKUP mode
As you can see, packets that should be routed will be lost.
I'm asking myself, if anybody uses carp based routers in
production environment? If this is the normal behaviour, you
should not! But I hope, that I misunderstood the carp
documentation and someone will enlighten me :-)
More information about the freebsd-net