[ovirt-users] CARP Fails on Bond mode=1
Matt .
yamakasi.014 at gmail.com
Wed Jul 13 13:59:50 UTC 2016
As addition: I get the same result using mode=4, only when I use
multiple VLANS on the interface.
2016-07-13 15:58 GMT+02:00 Matt . <yamakasi.014 at gmail.com>:
> Hi Pavel,
>
> Thanks for your update. I also saw that the post are both online but I
> thought the second nic only advertises the mac so the switch does not
> get confused.
>
> The issue might be that i do VRRP, so the bond is connected to two
> switches, they are not stacked, only trunked as that's what VRRP
> requires and works well on the side where there is only one VLAN on
> the Host interface.
>
> It just goes wrong on multiple vlans.
>
> This is what I see everywhere.
>
> Mode 1 (active-backup)
> This mode places one of the interfaces into a backup state and will
> only make it active if the link is lost by the active interface. Only
> one slave in the bond is active at an instance of time. A different
> slave becomes active only when the active slave fails. This mode
> provides fault tolerance.
>
> It's sure I need to get my traffic back on my sending port, so that is
> why the arp for the passive port was there I thought.
>
> Are there other modes that should be working on VRRP in your understanding ?
>
> Thanks a lot,
>
> Matt
>
>
>
> 2016-07-13 15:43 GMT+02:00 Pavel Gashev <Pax at acronis.com>:
>> In mode=1 the active interface sends traffic, but both interfaces accept incoming traffic. Hardware switches send broadcast/multicast/unknown destination MACs to all ports, including the passive interface. So packet sent from the active interface can be received back from the passive interface. FreeBSD CARP just would go mad when it receives its own packets.
>>
>> I believe if you get Linux implementation, it will work well in the same network setup. I use keepalived in oVirt VMs with bonded network, and have no issues.
>>
>> -----Original Message-----
>> From: "Matt ." <yamakasi.014 at gmail.com>
>> Date: Wednesday 13 July 2016 at 15:54
>> To: Pavel Gashev <Pax at acronis.com>, users <users at ovirt.org>
>> Subject: Re: [ovirt-users] CARP Fails on Bond mode=1
>>
>> How can it lead into packet duplication when the passive should not be
>> active and only it's mac-address should be visible on the switch to
>> prevent confusion on the switch ?
>>
>> For a VRRP setup on the switch there is no other option then mode=1 as
>> far as I know ?
>>
>> 2016-07-13 14:50 GMT+02:00 Pavel Gashev <Pax at acronis.com>:
>>> I would say that bonding breaks CARP somehow. In example mode=1 can lead to packet duplication, so pfsense can receive it's own packets. Try firewall in pfsense all incomming packets that have the same source MAC address as pfsense.
>>>
>>> -----Original Message-----
>>> From: "Matt ." <yamakasi.014 at gmail.com>
>>> Date: Wednesday 13 July 2016 at 15:29
>>> To: Pavel Gashev <Pax at acronis.com>
>>> Subject: Re: [ovirt-users] CARP Fails on Bond mode=1
>>>
>>> Hi Pavel,
>>>
>>> No it's Pfsense, so FreeBSD.
>>>
>>> Is there something different there ?
>>>
>>>
>>>
>>> 2016-07-13 13:59 GMT+02:00 Pavel Gashev <Pax at acronis.com>:
>>>> Matt,
>>>>
>>>> How is CARP implemented? Is it OpenBSD?
>>>>
>>>> -----Original Message-----
>>>> From: <users-bounces at ovirt.org> on behalf of "Matt ." <yamakasi.014 at gmail.com>
>>>> Date: Wednesday 13 July 2016 at 12:42
>>>> Cc: users <users at ovirt.org>
>>>> Subject: Re: [ovirt-users] CARP Fails on Bond mode=1
>>>>
>>>> Hi Pavel,
>>>>
>>>> This is done and used without the Bond before.
>>>>
>>>> Now I applied a bond it goes wrong and I'm searching but can't find a
>>>> thing about it.
>>>>
>>>>
>>>>
>>>> 2016-07-13 11:03 GMT+02:00 Pavel Gashev <Pax at acronis.com>:
>>>>> Matt,
>>>>>
>>>>> In order to use CARP/VRRP in a VM you have to disable MAC spoofing prevention.
>>>>> http://lists.ovirt.org/pipermail/users/2015-May/032839.html
>>>>>
>>>>> -----Original Message-----
>>>>> From: <users-bounces at ovirt.org> on behalf of "Matt ." <yamakasi.014 at gmail.com>
>>>>> Date: Tuesday 12 July 2016 at 21:58
>>>>> To: users <users at ovirt.org>
>>>>> Subject: [ovirt-users] CARP Fails on Bond mode=1
>>>>>
>>>>> Hi guys,
>>>>>
>>>>> I have been testing bonding with a vm connected to the network on this
>>>>> bond mode=1 (vlans on top of it) where the vm uses a carp IP for
>>>>> failover.
>>>>>
>>>>> It seems that when the VM which holds the Carp IP and so is Master you
>>>>> can ping both IP's, so interface IP and Carp IP, but you cannot
>>>>> throw/route any traffic over it.
>>>>>
>>>>> You can route traffic over the interface IP of the Carp Slave.
>>>>>
>>>>> Is this known or just not possible ?
>>>>>
>>>>> I hope it's a "bug" :)
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Matt
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at ovirt.org
>>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>>
>>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/users
>>>>
>>>>
>>>
>>>
>>
>>
More information about the Users
mailing list