kern/121574: CARP hash dependent on order of IP addresses on interface

Douglas K. Rand rand at meridian-enviro.com
Mon Mar 10 19:10:03 UTC 2008 

>Number:         121574
>Category:       kern
>Synopsis:       CARP hash dependent on order of IP addresses on interface
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 10 19:10:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Douglas K. Rand
>Release:        FreeBSD 6.2-RELEASE-p7 i386
>Organization:
Meridian Environmental Technology, Inc.
>Environment:
System: FreeBSD luna-0.meridian-enviro.com 6.2-RELEASE-p7 FreeBSD 6.2-RELEASE-p7 #0: Fri Aug 24 20:46:09 CDT 2007 root@:/usr/obj/usr/src/sys/LUNA i386


>Description:
Recently I had to reboot one of my redundant firewalls and
the /etc/rc.conf file had exchanged the primary and alias
addresses of the interface. (We were switching ISPs.)

If you have a carp interface with 2 IP addresses, the IP addresses
MUST be assigned in the same order on both interfaces. Luna-0 crashed
this morning, and when I brought it back up the carp1 interface on
BOTH Luna-0 and Luna-1 were in the MASTER state.

>From Luna-0:
carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 12.192.93.2 netmask 0xffffffc0 
        inet 207.109.234.254 netmask 0xfffffff0 
        carp: MASTER vhid 2 advbase 1 advskew 0

>From Luna-1:
carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 207.109.234.254 netmask 0xfffffff0 
        inet 12.192.93.2 netmask 0xffffffc0 
        carp: MASTER vhid 2 advbase 1 advskew 50

Both were trying to act as the master carp interface, which was
causing some strange TCP errors. (Bryan noticed his automated SSH
sessions to Mars were failing.)

Once I got it straightened out, everything worked better. And of
course, once I got the addresses added to the interfaces in the right
order I realized that since the Qwest stuff is disconnected, I didn't
need the 207.109.234.254 address anymore anyway, so I could have just
deleted that, which I've now done.

Thing thing to watch for is a LOT of "carp.: incorrect hash" messages
from the kernel. I ignored the few I saw because you ALWAYS get a few
of those at boot, but I didn't realize how many were being generated.

>How-To-Repeat:
	Change the order of the IP addresses on a CARP interface from
	its peer.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list