Hello,
I have two servers running OpenBSD 4.3-stable amd64, both sharing one IP
using CARP with load balancing using ip-stealth. (using "balancing ip"
without stealth just doesn't work at all and overloads the network)
# cat /etc/hostname.carp0
inet 206.251.244.96 255.255.255.0 NONE pass strongpass carpdev rl0
carpnodes 194:100,196:0 balancing ip-stealth
# sysctl net.inet.carp
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
The firewall in front of my hosts is OpenBSD too, but I don't have
control over it.
If I do a tcptraceroute on port 443 to my CARP ip, I get at the end
something like that:
10 em0.bfw01.m5hosting.com (206.251.227.243) 174.808 ms 4295141.428
ms 175.341 ms
11 frodo.llorien.org (206.251.244.96) [open] 179.551 ms
servplex.us (206.251.255.77) 175.481 ms !p
frodo.llorien.org (206.251.244.96) 4294967295665.658 ms
with obviously impossible times and one packet going elsewhere on
another range.
But if I destroy the CARP interface and use a real one by issuing
ifconfig rl0 inet alias 206.251.244.96/24 everything works great.
It also works if I do not use balancing, using plain: inet
206.251.244.96 255.255.255.0 NONE pass strongpass carpdev rl0 vhid 194
So it seems CARP balancing is part of the issue as it works with real
MAC or no balancing, but I fail to understand what could cause such
behavior. No one is using the same VHIDs as me, and there is no
duplicate MAC.
Any explanation is welcome.
[demime 1.01d removed an attachment of type application/x-pkcs7-signature which
had a name of smime.p7s]
