[pf4freebsd] Re: RELENG_5 and carp patches - Status

Max Laier max at love2party.net
Wed Sep 15 21:16:17 PDT 2004 

On Wednesday 15 September 2004 19:33, Bruno Afonso wrote:
> => WORKS:
>
> I've set carp0 and carp1 with the ips my NAT box uses and it's working
> flawlessly up until now (some hours). I have yet to set the backup box
> as it's really really old and I'm waiting for it to compile world and
> kernel... :)
>
> I will try failover in the next days.
>
>
> => DOES NOT WORK:
>
> ifconfig pfsync syncif <interface> does not work
> carp-testing-box# ifconfig pfsync0 up syncif fxp0
> ifconfig: syncif: bad value

Ugh ... this got completely forgotten. Check the patch at: 
http://people.freebsd.org/~mlaier/ifconfig.pfsync.patch (hope it still 
applies) it will certainly cause rejects with the carp-ifconfig ...

> accessing carp'ed IP address does not work
> carp-testing-box# ping IP
> PING IP (IP): 56 data bytes
> ping: sendto: Operation not permitted

EPERM is clearly a problem of your firewalling rules on the box that is trying 
to ping.

> I also get "arp_rtrequest: bad gateway IP (!AF_LINK)" in /var/log/messages.

This described in: http://people.freebsd.org/~mlaier/CARP/README and it's not 
a problem only a bit distrubing.

>
> netstat -sv carp does not work
> carp-testing-box# netstat -s -p carp
> netstat: kvm not available
>

hmmm ... looks like netstat has been built with different headers as the 
kernel. Try make installincludes and rebuild+install netstat.

> netstat -rn neither (which is very bad!)
>
> carp-testing-box# netstat -rn
> netstat: kvm not available
> Routing tables
> rt_tables: symbol not in namelist
>
>
> Again, I'm only trying to share my experiences hoping someone also has
> done some testing on this :)
>
> Best,
> BA
>
> Bruno Afonso wrote:
> > Hi,
> >
> > I've been trying to play with CARP, by applying the carp patch
> > (20040823-carp.RELENG_5.diff) to RELENG_5. The patch applies cleanly but
> > I can't get it to successfully compile the kernel. I can build world
> > with the patch applied.
> >
> > Any successful stories? :)
> >
> > BA

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20040916/83357cb0/attachment.bin

More information about the freebsd-pf mailing list