Allowing CARP to use arbitrary OUI prefix and allocating block from FreeBSD's OUI space assignment for that

Eygene Ryabinkin rea at
Thu May 8 09:51:03 UTC 2014

Bjoern, good day.

Thu, May 08, 2014 at 09:37:37AM +0000, Bjoern A. Zeeb wrote:
> On 08 May 2014, at 08:10 , Eygene Ryabinkin <rea at> wrote:
> > As current CARP implementation somewhat hijacks OUI MAC space for VRRP
> > (00:00:5e:00:01:$VRID) and this sometimes create problems, because
> > routing people tend to be different from the ones that run CARP
> > clusters, so their VRID/VHID can clash inside single L2 domain, and
> > this often leads to breakages (because of same MAC values for the
> > different clustered instances),
> It often leads to a bit of logging about “hey I don’t know this
> ‘version' of VRRP” (well yeah) on some $vendor devices who should
> know better by now.

Here you're talking about protocol (112) and version number that CARP
packets use (version number is one higher than VRRP's one).  This was
fixed by most vendors, most notably Cisco.

> Apart from that I thought the different version number was sufficient

The thing is that both VRRP and CARP packets use MAC address (on
Ethernet at least) that equals to 00:00:5e:00:01:$VRID.  So in case
that $VRID is the same and VRRP and CARP admins aren't aware of each
other, there will be MAC conflict, so L2 packets will be switched
in a "funny" manner.

So, it isn't about the "control plane" messages that carry CARP/VRRP
protocol type and numbers, but rather than the "data plane" messages
from CARP/VRRP nodes saying "hi, I am here" in replies for ARP
requests and switches caching MACs in their FDB on the ports into
which replies ingress.

> (as it is for other protocols, and so have others who actually
> started to write a draft for an independent submission early last
> year and stalled on it).   I am actually not in the loop on what we
> ended up with in 10 but I guess given the new CARP started to
> understand the old stuff glebius did not end up bumping it finally
> in FreeBSD?  So the problem might remain that we are on a
> conflicting “VRRP/CARP version”?

No, we're conflicting with VRRP on the MAC address space.

And, as I understand, CARP in 10 hadn't changed protocol in any way,
it just refurbished now CARP instances are configured and attached to
the interfaces.  Could be wrong here, though.
Eygene Ryabinkin                                        ,,,^..^,,,
[ Life's unfair - but root password helps!           | ]
[ 82FE 06BC D497 C0DE 49EC  4FF0 16AF 9EAE 8152 ECFB | ]

Please, CC me: I am not subscribed to this list.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 358 bytes
Desc: not available
URL: <>

More information about the freebsd-net mailing list