On 10/15/2014 04:18 AM, Stuart Henderson wrote:
The most common cause I've seen for split carp states is a mismatch of
IP addresses between master/secondary, though I would think that a
combination of using "defer" and not using "no-sync" on the carp/pfsync
states could very well cause problems like this.
Hello Stuart,
I've removed "defer" from /etc/hostname.pfsync0, and I also added some
bpf device (one for every carp I have) with MAKEDEV, as you suggested.
Then, I've added "no-sync" to pf, so the running pf.conf is:
set skip on lo0
pass quick on em0 proto pfsync keep state (no-sync)
pass quick on em0
pass quick on { vlan2 vlan3 vlan4 vlan5 vlan6 vlan7 vlan1002 vlan1003 }
proto { carp pfsync } keep state (no-sync)
pass in quick
pass out quick
but my problem persists.
I've checked again my hostname.carpXX files using diff, and the only
difference is the advskew.
When I reboot the BACKUP machine (system-2), it comes back with some
random interfaces in MASTER state. For these interfaces, if I run "ksh
/etc/netstart carpXX" on system-1 server, everything start working fine
again.
On system-1, after the reboot of system-2 I see these messages:
nd6_na_input: duplicate IP6 address fe80:1e::200:5eff:fe00:17d
nd6_na_input: duplicate IP6 address fe80:1f::200:5eff:fe00:17e
nd6_na_input: duplicate IP6 address fe80:20::200:5eff:fe00:17f
I can't find anything strange in log files.
Any idea?
