CARP & bridge
Sebastiaan van Erk
sebster at sebster.com
Wed Apr 29 09:37:57 UTC 2009
Hi,
I have a bridged OpenVPN setup where the OpenVPN tap0 driver is bridged
(via bridge0) to the physical em1 interface, which has a VIP via a carp1
interface:
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
mtu 1500
options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:0c:29:61:2a:55
inet 10.0.80.77 netmask 0xffffff00 broadcast 10.0.80.255
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
ether 9a:6a:9f:b2:65:da
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 11 priority 128 path cost 2000000
member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 20000
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric
0 mtu 1500
ether 00:bd:48:03:00:00
Opened by PID 24616
carp1: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 10.0.80.74 netmask 0xffffff00
carp: MASTER vhid 2 advbase 1 advskew 0
The problem I have is that when I ping the VIP from a VPN client (on
tap0), the server receives arp requests for the VIP on tap0, but it does
not respond to them:
# tcpdump -i tap0 -ln
11:29:13.637048 arp who-has 10.0.80.74 tell 10.0.80.6
Is there any way to get the server to respond to arp requests on tap0
for the VIP?
This is all on FreeBSD 7.1 with OpenVPN 2.0.6 (both client and server).
Regards,
Sebastiaan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3328 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090429/5f98e674/smime-0001.bin
More information about the freebsd-questions
mailing list