hi all
I have configured two firewalls with CARP.
I have connectivity to the internet and the firewalls fail over properly.
When I check the CARP states on each firewall, the slave reports that its WAN interface (carp2, vhid 2 on em0) is in the MASTER state, the same as on the master firewall, while the slave's LAN interface (carp1, vhid 1 on em1) is in the BACKUP state.
Is this normal, or should both CARP interfaces be in the BACKUP state on the slave?
shadrock


master firewall
/etc/hostname.carp1
inet 10.5.5.1 255.255.255.0 10.5.5.255 vhid 1 carpdev em1 pass pass1

/etc/hostname.carp2
inet 192.168.5.1 255.255.255.0 192.168.5.255 vhid 2 carpdev em0 pass pass2

/etc/hostname.em0
inet 192.168.5.2 255.255.255.0

/etc/hostname.em1
inet 10.5.5.2 255.255.255.0 NONE

/etc/hostname.bge0
inet 172.16.0.2 255.255.255.0 NONE

/etc/hostname.pfsync0
up syncdev bge0


ifconfig -a

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33196
        priority: 0
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:18:8b:60:7b:06
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause)
        status: active
        inet 172.16.0.2 netmask 0xffffff00 broadcast 172.16.0.255
        inet6 fe80::218:8bff:fe60:7b06%bge0 prefixlen 64 scopeid 0x1
em0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:04:23:df:6b:a4
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause)
        status: active
        inet 192.168.5.2 netmask 0xffffff00 broadcast 192.168.5.255
        inet6 fe80::204:23ff:fedf:6ba4%em0 prefixlen 64 scopeid 0x2
em1: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:04:23:df:6b:a5
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
        status: active
        inet 10.5.5.2 netmask 0xffffff00 broadcast 10.5.5.255
        inet6 fe80::204:23ff:fedf:6ba5%em1 prefixlen 64 scopeid 0x3
enc0: flags=41<UP,RUNNING>
        priority: 0
        groups: enc
        status: active
pfsync0: flags=41<UP,RUNNING> mtu 1500
        priority: 0
        pfsync: syncdev: bge0 maxupd: 128 defer: off
        groups: carp pfsync
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33196
        priority: 0
        groups: pflog
carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:01
        priority: 0
        carp: MASTER carpdev em1 vhid 1 advbase 1 advskew 0
        groups: carp
        status: master
        inet6 fe80::200:5eff:fe00:101%carp1 prefixlen 64 scopeid 0x6
        inet 10.5.5.1 netmask 0xffffff00 broadcast 10.5.5.255
carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:02
        priority: 0
        carp: MASTER carpdev em0 vhid 2 advbase 1 advskew 0
        groups: carp
        status: master
        inet6 fe80::200:5eff:fe00:102%carp2 prefixlen 64 scopeid 0x7
        inet 192.168.5.1 netmask 0xffffff00 broadcast 192.168.5.255


slave firewall

/etc/hostname.carp1
inet 10.5.5.1 255.255.255.0 10.5.5.255 vhid 1 carpdev em1 advskew 100 pass pass1

/etc/hostname.carp2
inet 192.168.5.1 255.255.255.0 192.168.5.255 vhid 2 carpdev em0 advskew 100 pass pass2

/etc/hostname.em0
inet 192.168.5.3 255.255.255.0

/etc/hostname.em1
inet 10.5.5.3 255.255.255.0 NONE

/etc/hostname.bge0
inet 172.16.0.3 255.255.255.0 NONE

/etc/hostname.pfsync0
up syncdev bge0


ifconfig -a

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33196
        priority: 0
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:18:8b:6c:4e:85
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
        status: active
        inet 172.16.0.3 netmask 0xffffff00 broadcast 172.16.0.255
        inet6 fe80::218:8bff:fe6c:4e85%bge0 prefixlen 64 scopeid 0x1
em0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:04:23:e3:c7:92
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause)
        status: active
        inet 192.168.5.3 netmask 0xffffff00 broadcast 192.168.5.255
        inet6 fe80::204:23ff:fee3:c792%em0 prefixlen 64 scopeid 0x2
em1: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:04:23:e3:c7:93
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
        status: active
        inet 10.5.5.3 netmask 0xffffff00 broadcast 10.5.5.255
        inet6 fe80::204:23ff:fee3:c793%em1 prefixlen 64 scopeid 0x3
enc0: flags=41<UP,RUNNING>
        priority: 0
        groups: enc
        status: active
pfsync0: flags=41<UP,RUNNING> mtu 1500
        priority: 0
        pfsync: syncdev: bge0 maxupd: 128 defer: off
        groups: carp pfsync
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33196
        priority: 0
        groups: pflog
carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:01
        priority: 0
        carp: BACKUP carpdev em1 vhid 1 advbase 1 advskew 100
        groups: carp
        status: backup
        inet6 fe80::200:5eff:fe00:101%carp1 prefixlen 64 scopeid 0x6
        inet 10.5.5.1 netmask 0xffffff00 broadcast 10.5.5.255
carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:02
        priority: 0
        carp: MASTER carpdev em0 vhid 2 advbase 1 advskew 100
        groups: carp
        status: master
        inet6 fe80::200:5eff:fe00:102%carp2 prefixlen 64 scopeid 0x7
        inet 192.168.5.1 netmask 0xffffff00 broadcast 192.168.5.255
