Skip to content

Commit

Permalink
revert carp to BSD standards
Browse files Browse the repository at this point in the history
  • Loading branch information
@AdSchellevis
AdSchellevis committed Sep 15, 2016
1 parent c782d9e commit 5497ae4
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 79 deletions.
64 changes: 6 additions & 58 deletions src/etc/inc/interfaces.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1770,77 +1770,25 @@ function interfaces_carp_setup()
echo gettext("Configuring CARP settings...");
mute_kernel_msgs();
}
set_single_sysctl("net.inet.carp.preempt" => "1");

/* suck in configuration items */
if (isset($config['hasync'])) {
if (isset($config['hasync']['pfsyncenabled'])) {
$pfsyncenabled = $config['hasync']['pfsyncenabled'];
}
if (isset($config['hasync']['pfsyncinterface'])) {
$pfsyncinterface = $config['hasync']['pfsyncinterface'];
}
if (isset($config['hasync']['pfsyncpeerip'])) {
$pfsyncpeerip = $config['hasync']['pfsyncpeerip'];
}
} else {
unset($pfsyncinterface);
unset($pfsyncenabled);
}

set_sysctl(array(
"net.inet.carp.preempt" => "1",
"net.inet.carp.log" => "1"
));

if (!empty($pfsyncinterface)) {
$carp_sync_int = get_real_interface($pfsyncinterface);
} else {
unset($carp_sync_int);
if (!empty($config['hasync']['pfsyncinterface'])) {
$carp_sync_int = get_real_interface($config['hasync']['pfsyncinterface']);
}

/* setup pfsync interface */
if (!empty($carp_sync_int) && isset($pfsyncenabled)) {
if (is_ipaddr($pfsyncpeerip)) {
$syncpeer = "syncpeer {$pfsyncpeerip}";
if (!empty($carp_sync_int) && isset($config['hasync']['pfsyncenabled'])) {
if (isset($config['hasync']['pfsyncpeerip']) && is_ipaddr($config['hasync']['pfsyncpeerip'])) {
$syncpeer = "syncpeer " . $config['hasync']['pfsyncpeerip'];
} else {
$syncpeer = "-syncpeer";
}

mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} {$syncpeer} up", false);

sleep(1);

/* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issues
* for existing sessions.
*/
log_error("waiting for pfsync...");
$i = 0;
while (intval(trim(`/sbin/ifconfig pfsync0 | /usr/bin/grep 'syncok: 0' | /usr/bin/grep -v grep | /usr/bin/wc -l`)) == 0 && $i < 30) {
$i++;
sleep(1);
}
log_error("pfsync done in $i seconds.");
log_error("Configuring CARP settings finalize...");
} else {
mwexec("/sbin/ifconfig pfsync0 -syncdev -syncpeer down", false);
}

$has_carp_vips = false;
if (isset($config['virtualip']['vip']) && count($config['virtualip']['vip']) > 0) {
foreach ($config['virtualip']['vip'] as $vip) {
if ($vip['mode'] == 'carp') {
$has_carp_vips = true;
break;
}
}
}

if ($has_carp_vips) {
set_single_sysctl("net.inet.carp.allow", "1");
} else {
set_single_sysctl("net.inet.carp.allow", "0");
}

if (file_exists("/var/run/booting")) {
unmute_kernel_msgs();
echo gettext("done.") . "\n";
Expand Down
4 changes: 1 addition & 3 deletions src/etc/inc/system.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,9 +118,7 @@ function activate_sysctls()
"net.enc.in.ipsec_bpf_mask" => "0x0002",
"net.enc.in.ipsec_filter_mask" => "0x0002",
"net.enc.out.ipsec_bpf_mask" => "0x0001",
"net.enc.out.ipsec_filter_mask" => "0x0001",
'net.inet.carp.senderr_demotion_factor' => '0',
'net.pfsync.carp_demotion_factor' => '0',

This comment has been minimized.

Sign in to view

Copy link
@fichtner

fichtner Sep 15, 2016

Member

We added these as per a previous ticket and it seemed to solve some issues. Are they unneeded now or was this a killing spree? Nice work nevertheless.

This comment has been minimized.

Sign in to view

Copy link
@AdSchellevis

AdSchellevis Sep 15, 2016

Author Member

They should remain default, if you rest them the carp cluster can't recover the way it should do, from the man page:
net.inet.carp.senderr_demotion_factor

This value is added to net.inet.carp.demotion when carp experiences errors sending its announcements.
The default value is 240 (the maximum advskew value).

net.pfsync.carp_demotion_factor

Value added to net.inet.carp.demotion while pfsync tries to perform its bulk update.
See carp(4) for more information. Default value is 240.

The user can always reset the values in custom sysctl settings, but the defaults really look sane..

This comment has been minimized.

Sign in to view

Copy link
@fichtner

fichtner Sep 15, 2016

Member

Ok, fine with me. I will try to ask the reporter for feedback on the new devel code that will be out with 16.7.4
"net.enc.out.ipsec_filter_mask" => "0x0001"
);

if (isset($config['sysctl']['item'])) {
Expand Down
18 changes: 0 additions & 18 deletions src/etc/rc.linkup
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,23 +38,6 @@ require_once("system.inc");
require_once("unbound.inc");
require_once("services.inc");

/**
* signal CARP to go down when there's a ip configured on the provided interface
* interfaces_carp_setup will enable carp when pfsync completes.
*/
function interface_signal_carp($intf)
{
global $config;
if (!empty($config['virtualip']['vip'])) {
foreach ($config['virtualip']['vip'] as $vip) {
if ($vip['interface'] == $intf && $vip['mode'] == 'carp') {
set_single_sysctl("net.inet.carp.allow", "0");
}
}
}
}


function handle_argument_group($iface, $argument2) {
global $config;

Expand Down Expand Up @@ -85,7 +68,6 @@ function handle_argument_group($iface, $argument2) {
case "stop":
log_error("DEVD Ethernet detached event for {$iface}");
interface_bring_down($iface);
interface_signal_carp($iface);
break;
case "start":
log_error("DEVD Ethernet attached event for {$iface}");
Expand Down

0 comments on commit 5497ae4

Please sign in to comment.