CARP & bridge
Sebastiaan van Erk
sebster at sebster.com
Fri May 1 08:13:20 UTC 2009
Hi,
Nikos Vassiliadis wrote:
> Sebastiaan van Erk wrote:
>>
>> Thanks for the suggestion. I tried it, but unfortunately the carp
>> device never leaves the INIT state when I put the ip on the bridge.
>> :-( I did find some similar problem here:
>>
>> http://www.freebsd.org/cgi/query-pr.cgi?pr=125816
>
> I just noticed that. On -CURRENT carp tells you that's
> not supported:
> bridge0: carp is not supported for this interface type
>
> OTOH why do you even have to use the VIP from the remote
> side of the bridge?
>
> The only reason I can think of, for doing such a thing,
> is to get *all* traffic from the remote location through
> a "single" redundant router, the one with the VIP. Is this
> the case?
It is indeed a "single" redundant router, though the traffic from the
other side of the bridge (the OpenVPN clients) generally don't need to
be routed redudantantly. The OpenVPN clients use OpenVPN's redundancy
(multiple "remote xxx.xxx.xxx.xxx" lines), and thus use the
non-redundant IP address of the OpenVPN client they're connected to as
gateway (which is fine, because if the server dies OpenVPN connects to a
different server anyway)...
So I don't really *NEED* the CARP ip address over the bridge (the static
arp works, so I have a working solution, albeit an ugly one; an ARP
request generates a reply from every member of the redundant cluster).
I guess it's just not a supported configuration yet and it's not my
stupidity (in this case anyway ;-)) that's the problem.
> Nikos
Regards,
Sebastiaan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3328 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090501/3eefb885/smime-0001.bin
More information about the freebsd-questions
mailing list