FreeBSD Port: freevrrpd-0.8.6
Pawel Worach
pawel.worach at telia.com
Sun Apr 20 09:50:30 PDT 2003
Hi!
Running freevrrpd 0.8.6 on 4.8-release floods the syslog
with (according to me) invalid messages.
The freebsd vrrp box pair is in a DMZ with Nokia IPSO Firewalls
that also use vrrp for reduncancy. My guess is that freevrrpd
doesn't like seeing the vrrp traffic from the firewalls and
floods syslog with this:
Apr 20 18:34:45 fwnatb freevrrpd[199]: checksum of vrrp packet is invalid.
Packet is discarded !
Apr 20 18:35:16 fwnatb last message repeated 62 times
Apr 20 18:37:17 fwnatb last message repeated 242 times
<and this goes on and on for ever>
Traffic on the subnet looks like this:
(freebsd box is fwnatb, the other two are the IPSO firewalls)
18:43:23.316151 fwnatb > 224.0.0.18: VRRPv2-advertisement 28: vrid=70
prio=254 authtype=none intvl=1
18:43:23.439140 fw1 > 224.0.0.18: VRRPv2-advertisement 20: vrid=65 prio=150
authtype=none intvl=1 [tos 0xc0]
18:43:24.315074 fw2 > 224.0.0.18: VRRPv2-advertisement 8: vrid=94 prio=100
authtype=none intvl=1 [tos 0xc0]
18:43:24.315852 fwnatb > 224.0.0.18: VRRPv2-advertisement 28: vrid=70
prio=254 authtype=none intvl=1
18:43:24.439129 fw1 > 224.0.0.18: VRRPv2-advertisement 20: vrid=65 prio=150
authtype=none intvl=1 [tos 0xc0]
18:43:25.315096 fw2 > 224.0.0.18: VRRPv2-advertisement 8: vrid=94 prio=100
authtype=none intvl=1 [tos 0xc0]
I have no idea why freevrrpd even cares about the packets that
are using a vrid that's not even in freevrrpd's configuration.
Any ideas how to make this madness stop?
Regards
Pawel
More information about the freebsd-ports
mailing list