IPv6 and CARP crashes boxes

Pete French petefrench at ingresso.co.uk
Tue Jun 12 12:48:45 UTC 2012


Meant to reply to this at the time, but have been away...

> Has anyone else run into problems when using IPv6 + CARP ?

I ran into some - aliases on a CARP integface did not seem
to work proprly - but if you workaround that then it appears
to work fine. We are using it in production with no problems.

> I plan to hold a presentation at work on IP6 and why we should start
> using it, however I cannot promote the use of IP6 without redundancy
> between firewalls like we currently do with CARP + pfsync.

The redundancy with pfsync works properly - an ssh session
is maintained through the firewalls when they failover. I
configure my machines to use a paiur of carp interfaces on each
physical port, so I am not mixing IPv4 and IPv6 on the same
interface. I onyl did that as an experiment when I was trying
to work around the aliases problem, but have kept it for "tidnyess"

Basically our experience of the setup has been very positive - our
main connectivity issues have come from the HE/Cogent peering squabble
rather than any FreeBSD/Carp/PF failing.

cheers,

-pete.


More information about the freebsd-stable mailing list