DOH! - I had left a line referring to vhid (i.e. carp) in there - worked ok when that was out.
From: stur...@hotmail.com To: misc@openbsd.org Subject: RE: troubleshooting carp Date: Fri, 15 Aug 2014 17:58:06 -0400 OK, this is wrecking my head. As previously mentioned I have TWO firewalls, both with a total of 8 em-ports (2 x quad-cards). -Some of the ports are forfuture use and thus not configured and don't have a corr corresponding carp. So far it has really been:em0 - carp0 - internal LANem1 - pfsync0 - pfsyncem6 - carp6 - wifiem7 - carp7 - egress -I've been able to set up basic rules for the above and traffic has been pushing through in any direction - CARP traffic has been troublesome however. At first I was convinced it had something to do with my rules, but that doesn'tseem to be the case. In order to isolate the problem(s) I've turned off pf (pf=NO in /etc/rc.conf.local + reboot)and now I am going through port by port using (setting up dummy carp on some ports). So far I've verified on the first firewall that carp multicasts have transmitted OKon em0 and em7. On em3 and em4 only arp "who-has"-requests have appeared.Now I am on port em5 and as that was not configured before I created a dummy address and a dummy carp. Then I ran /etc/netstart and got this error: $ sudo sh /etc/netstart em5 ifconfig: SIOCGVH: Inappropriate ioctl for device -Is the root of my problems maybe due to system resources not available for so many ports? Do I need to tune something because of the 8 em-ports +corresponding carp's?
