Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: CARP not working on second WAN interface #1779

Closed
wytcld opened this issue Aug 17, 2017 · 5 comments
Closed

Bug: CARP not working on second WAN interface #1779

wytcld opened this issue Aug 17, 2017 · 5 comments
Assignees
Labels

Comments

@wytcld
Copy link

@wytcld wytcld commented Aug 17, 2017

From https://forum.opnsense.org/index.php?topic=5765.0:

Experimenting, I'm getting a contradictory result. On the first WAN interface, I've added two CARP IPs, both using the same VHID number. On the second WAN interface, I've added one CARP IP, using a second VHID number. But when I try to add a second CARP IP, OPNsense complains:

 The following input errors were detected:
 *    VHID 12 is already in use on interface WAN2. Pick a unique number on this interface.

In the CARP widget in the lobby, it clearly shows the first two IPs as "WAN1@11 > MASTER ", and the second as "WAN2@12 ", where 11 and 12 are the CARP VHIDs. Note the second interface's IP isn't showing it as master either. What difference is allowing multiple CARP IPs with the same VHID on one WAN interface, and blocking it from being set up that way on the other?

Also, WAN2 is not sending out any CARP packets. It's receiving some with another VHID from another system on that interface. But it's not sending out any of its own on WAN2, not with VHID12 or anything else. Also, it has not added the one CARP IP to its interface.

Looking with ifconfig, I see that interface igb1 (WAN1) has promiscuous mode enabled, igb2 (WAN2) does not. Why would this be? Could it be related to the problems?

@AdSchellevis

This comment has been minimized.

Copy link
Member

@AdSchellevis AdSchellevis commented Aug 23, 2017

I think we can drop the constraint which only allows the same vhid to be assigned on one interface, I just need to do some final check there.

I removed the validation and saved on my end, which seems to result it the correct aliases:

	inet 10.100.0.10 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 
	inet 10.100.0.11 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 
	inet 10.100.0.12 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 

Which looks the same as adding one manually using
ifconfig em2 alias 10.100.0.11 netmask 255.255.255.0 vhid 1

@mimugmail

This comment has been minimized.

Copy link
Member

@mimugmail mimugmail commented Aug 23, 2017

Multiple IPs per VHID would be very great. Drops down the noisy Multicast

@AdSchellevis

This comment has been minimized.

Copy link
Member

@AdSchellevis AdSchellevis commented Aug 23, 2017

I think we better unlock the possibility to add an optional vip to an ipalias as well and check if there actually is a carp vip configured on the interface when set, that way you can easily add more and we keep complexity low.

If we remove the validation we would trigger the init (https://github.com/opnsense/core/blob/17.7/src/etc/inc/interfaces.inc#L1871) multiple times, which isn't a very bright idea.

@AdSchellevis

This comment has been minimized.

Copy link
Member

@AdSchellevis AdSchellevis commented Aug 24, 2017

@mimugmail in case you have the time and spirit to do some testing, 8ae34af should add support for a vhid on an ipalias.

@mimugmail

This comment has been minimized.

Copy link
Member

@mimugmail mimugmail commented Aug 24, 2017

I'm back from vacation on 4th of September and will so some testing of not already in master :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.