CARP and source IP

Hello, everyone!

I have a strange problem when using the CARP address as the source IP.

FreeBSD 13.2-RELEASE configured with primary IP: 10.10.0.16 and CARP IP: 10.10.0.26
Everything works as expected: packets come in to the CARP address and go out from the primary address with no problem.

But when I try to use CARP as the source address, I see no return packets.

For example, pinging a host in the same network from the CARP IP:

Code:
ping -S 10.10.0.26 10.10.0.25
PING 10.10.0.25 (10.10.0.25) from 10.10.0.26: 56 data bytes
...
--- 10.10.0.25 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

On host 10.10.0.25 I see incoming and outgoing packets:

Code:
15:17:33.394168 IP 10.10.0.26 > 10.10.0.25: ICMP echo request, id 31491, seq 3, length 64
15:17:33.394225 IP 10.10.0.25 > 10.10.0.26: ICMP echo reply, id 31491, seq 3, length 64

What am I doing wrong?

My config:

Code:
vmx0: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4e403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,NOMAP>
        ether 00:50:56:b7:58:b8
        inet 10.10.0.16 netmask 0xffffff00 broadcast 10.10.0.255
        inet 10.10.0.26 netmask 0xffffff00 broadcast 10.10.0.255 vhid 2 <====== tested with /32 and /24 netmask
        carp: MASTER vhid 2 advbase 1 advskew 0
        media: Ethernet autoselect
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        

Routing tables

Internet:
Destination     Gateway            Flags     Netif Expire
default         10.10.0.1       UGS        vmx0
10.10.0.0/24    link#1             U          vmx0
10.10.0.16      link#1             UHS         lo0
10.10.0.26      link#1             UHS         lo0
127.0.0.1       link#2             UH          lo0

net.inet.carp.ifdown_demotion_factor: 240
net.inet.carp.senderr_demotion_factor: 240
net.inet.carp.demotion: 0
net.inet.carp.log: 1
net.inet.carp.preempt: 1
net.inet.carp.dscp: 56
net.inet.carp.allow: 1
 
Firewall? Regression? Works just fine on 12.4:

Code:
    inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255
    inet 192.168.1.90 netmask 0xffffffff broadcast 192.168.1.90 vhid 2
    carp: MASTER vhid 2 advbase 1 advskew 0
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>


# ping -S 192.168.1.90 192.168.1.111
PING 192.168.1.111 (192.168.1.111) from 192.168.1.90: 56 data bytes
64 bytes from 192.168.1.111: icmp_seq=0 ttl=64 time=0.631 ms
64 bytes from 192.168.1.111: icmp_seq=1 ttl=64 time=0.437 ms
^C
--- 192.168.1.111 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.437/0.534/0.631/0.097 ms
 