[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problems with carp and vlans



Hello list:
I've got a problem with carp and vlans. The two firewalls are clustered
(no loadbalancing, but ha). They are connected to a cisco switch in one
trunk. State table changes are pronounced over interface em0
(crosslink). Problem seems to be: both firewalls have serveral vlans
defined on the out Interface (fxp0). Of course both vlans are identical,
only difference is the mac address.
Now the firewalls allways complain about duplicate ip-addresses
(duplicate IP address 192.168.90.69 sent from ethernet address
00:10:dc:f1:22:70).
How to get rid of this (if possible at all)?
Thank you for any tips
Olaf Z.
Hints:
uname -a:
OpenBSD bsd_node1.smc-d.de 3.5 GENERIC#9 i386
sysctl net.inet.carp:
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
net.inet.carp.arpbalance=0
ifconfig -a:
rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        address: 00:0a:cd:05:18:e8
        media: Ethernet 100baseTX full-duplex
        status: active
        inet 192.168.90.248 netmask 0xffffffe0 broadcast 192.168.90.255
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:10:dc:f5:b2:0b
        media: Ethernet 1000baseT full-duplex
        status: active
        inet 10.10.10.1 netmask 0xfffffffc broadcast 10.10.10.3
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu
1500
        address: 00:10:dc:f5:b2:0c
        media: Ethernet 100baseTX full-duplex
        status: active
        inet 5.5.5.5 netmask 0xfffffff8 broadcast 5.5.5.7
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
pfsync0: flags=41<UP,RUNNING> mtu 1348
        pfsync: syncif: em0 maxupd: 128
vlan9: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:10:dc:f5:b2:0c
        vlan: 9 parent interface: fxp0
        inet 82.210.20.190 netmask 0xfffffff8 broadcast 82.210.20.191
---snip---
(here several more vlans)
---snip---
carp0: flags=41<UP,RUNNING> mtu 1500
        carp: MASTER vhid 1 advbase 1 advskew 0
        inet 192.168.90.249 netmask 0xffffffe0
carp1: flags=41<UP,RUNNING> mtu 1500
        carp: MASTER vhid 2 advbase 1 advskew 0
        inet 5.5.5.6 netmask 0xfffffff8
	
netstat -sp carp:
carp:
        18 packets received (IPv4)
        0 packets received (IPv6)
                0 packets discarded for bad interface
                0 packets shorter than header
                0 discarded for bad checksums
                0 discarded packets with a bad version
                0 discarded because packet too short
                0 discarded for bad authentication
                0 discarded for bad vhid
                0 discarded because of a bad address list
        159542 packets sent (IPv4)
        0 packets sent (IPv6)