CARP & bridge
Sebastiaan van Erk
sebster at sebster.com
Wed Apr 29 21:53:31 UTC 2009
Hi,
Nikos Vassiliadis wrote:
> Sebastiaan van Erk wrote:
>> Julien Cigar wrote:
>>>
>>> Maybe you've to do ARP Proxy on one side ? Try to add an ARP entry in
>>> the ARP table with arp (arp -s 1.2.3.4 MAC foo) ..
>>
>> Thanks for the suggestion.
>>
>> Ok, static arp works: that is, if I take the carp1 mac address and add
>> it to the arp table using:
>>
>> arp -s 10.0.80.74 00:00:5e:00:01:02 pub
>>
>> The ping starts to work. I'm still a bit confused why I have to do
>> this though, because I can ping the non-shared IP 10.0.80.77 from the
>> VPN client (via tap0) without any static arp, and I can ping the
>> shared VIP (10.0.80.74) from clients on the physical network (em1) as
>> well without any static arp. It's only when the ping it has to cross
>> the bridge that it's an issue.
>
> Does it make any difference if you set the IP address on the bridge0
> iface and not on the physical one?
>
> I recall that the recommended setup is to use IP addresses on
> the bridge interface and leave the members of the bridge IPless.
>
> Nikos
Thanks for the suggestion. I tried it, but unfortunately the carp device
never leaves the INIT state when I put the ip on the bridge. :-( I did
find some similar problem here:
http://www.freebsd.org/cgi/query-pr.cgi?pr=125816
Regards,
Sebastiaan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3328 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090429/31291fcf/smime.bin
More information about the freebsd-questions
mailing list