DHCP on a CARP Interface

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

DHCP on a CARP Interface

Patrick O'Sullivan-2
For the sake of both redundancy and tinkering, I'd like to get a CARP
setup running at home. I have two firewalls yet only one Internet
source. All my local subnets will have statically configured IPs on
both the CARP interface and the underlying interfaces. I briefly tried
to get CARP running on my Internet facing interface and have had no
luck with a DHCP client running on that interface.

Has anyone made this work? A fair amount of searching has not turned
up a definitive answer as to whether or not it will work. As for right
now, it's not working. dhclient never gets an IP on the CARP
interface. Here is the relevant info:

output of 'ifconfig -a'
----

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33160
        priority: 0
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
em0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST>
mtu 9000
        lladdr 00:25:90:02:7b:62
        description: Native VLAN for Management
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
        status: active
        inet 192.168.78.1 netmask 0xffffff00 broadcast 192.168.78.255
        inet6 fe80::225:90ff:fe02:7b62%em0 prefixlen 64 scopeid 0x1
em1: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST>
mtu 9000
        lladdr 00:25:90:02:7b:63
        priority: 0
        media: Ethernet autoselect (1000baseT full-duplex)
        status: active
        inet6 fe80::225:90ff:fe02:7b63%em1 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
        priority: 0
vlan100: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 9000
        lladdr 00:25:90:02:7b:62
        description: Production Network
        priority: 0
        vlan: 100 priority: 0 parent interface: em0
        groups: vlan
        inet6 fe80::225:90ff:fe02:7b62%vlan100 prefixlen 64 scopeid 0x5
        inet 10.128.6.2 netmask 0xffffff00 broadcast 10.128.6.255
vlan403: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 9000
        lladdr 00:25:90:02:7b:63
        priority: 0
        vlan: 403 priority: 0 parent interface: em1
        groups: vlan
        inet6 fe80::225:90ff:fe02:7b63%vlan403 prefixlen 64 scopeid 0x6
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33160
        priority: 0
        groups: pflog
carp100: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:64
        priority: 0
        carp: MASTER carpdev vlan100 vhid 100 advbase 20 advskew 0
        groups: carp
        inet6 fe80::200:5eff:fe00:164%carp100 prefixlen 64 scopeid 0x7
        inet 10.128.6.1 netmask 0xffffff00 broadcast 10.128.6.255
carp101: flags=8803<UP,BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:65
        priority: 0
        carp: INIT carpdev vlan403 vhid 101 advbase 1 advskew 0
        groups: carp
        inet6 fe80::200:5eff:fe00:165%carp101 prefixlen 64 scopeid 0x8
----

/etc/hostname.em1
----
mtu 9000 up
----

/etc/hostname.vlan403
----
vlandev em1
----

/etc/hostname.carp101
----
dhcp vhid 101 advbase 1 advskew 0 carpdev vlan403 pass abcabcabcabc
----

output of 'dhclient carp101'
----
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 2
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 3
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 7
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 7
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 18
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 20
send_packet: Network is unreachable
DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 4
send_packet: Network is unreachable
No DHCPOFFERS received.
No working leases in persistent database - sleeping.
----

output of 'uname -a'
----
OpenBSD foo.insaneirish.com 4.7 GENERIC.MP#130 amd64
----

Any help would be greatly appreciated!

Reply | Threaded
Open this post in threaded view
|

Re: DHCP on a CARP Interface

Patrick O'Sullivan-2
For now I am going to go with a different design with a separate box
to take the Internet handoff, but I would still be interested to see
if anyone has successfully used CARP with dhclient.

On May 23, 2010, at 12:55 AM, Patrick O'Sullivan <[hidden email]> wrote:

> For the sake of both redundancy and tinkering, I'd like to get a CARP
> setup running at home. I have two firewalls yet only one Internet
> source. All my local subnets will have statically configured IPs on
> both the CARP interface and the underlying interfaces. I briefly tried
> to get CARP running on my Internet facing interface and have had no
> luck with a DHCP client running on that interface.
>
> Has anyone made this work? A fair amount of searching has not turned
> up a definitive answer as to whether or not it will work. As for right
> now, it's not working. dhclient never gets an IP on the CARP
> interface. Here is the relevant info:
>
> output of 'ifconfig -a'
> ----
>
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33160
>        priority: 0
>        groups: lo
>        inet 127.0.0.1 netmask 0xff000000
>        inet6 ::1 prefixlen 128
>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
> em0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST>
> mtu 9000
>        lladdr 00:25:90:02:7b:62
>        description: Native VLAN for Management
>        priority: 0
>        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
>        status: active
>        inet 192.168.78.1 netmask 0xffffff00 broadcast 192.168.78.255
>        inet6 fe80::225:90ff:fe02:7b62%em0 prefixlen 64 scopeid 0x1
> em1: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST>
> mtu 9000
>        lladdr 00:25:90:02:7b:63
>        priority: 0
>        media: Ethernet autoselect (1000baseT full-duplex)
>        status: active
>        inet6 fe80::225:90ff:fe02:7b63%em1 prefixlen 64 scopeid 0x2
> enc0: flags=0<> mtu 1536
>        priority: 0
> vlan100: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 9000
>        lladdr 00:25:90:02:7b:62
>        description: Production Network
>        priority: 0
>        vlan: 100 priority: 0 parent interface: em0
>        groups: vlan
>        inet6 fe80::225:90ff:fe02:7b62%vlan100 prefixlen 64 scopeid 0x5
>        inet 10.128.6.2 netmask 0xffffff00 broadcast 10.128.6.255
> vlan403: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 9000
>        lladdr 00:25:90:02:7b:63
>        priority: 0
>        vlan: 403 priority: 0 parent interface: em1
>        groups: vlan
>        inet6 fe80::225:90ff:fe02:7b63%vlan403 prefixlen 64 scopeid 0x6
> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33160
>        priority: 0
>        groups: pflog
> carp100: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        lladdr 00:00:5e:00:01:64
>        priority: 0
>        carp: MASTER carpdev vlan100 vhid 100 advbase 20 advskew 0
>        groups: carp
>        inet6 fe80::200:5eff:fe00:164%carp100 prefixlen 64 scopeid 0x7
>        inet 10.128.6.1 netmask 0xffffff00 broadcast 10.128.6.255
> carp101: flags=8803<UP,BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>        lladdr 00:00:5e:00:01:65
>        priority: 0
>        carp: INIT carpdev vlan403 vhid 101 advbase 1 advskew 0
>        groups: carp
>        inet6 fe80::200:5eff:fe00:165%carp101 prefixlen 64 scopeid 0x8
> ----
>
> /etc/hostname.em1
> ----
> mtu 9000 up
> ----
>
> /etc/hostname.vlan403
> ----
> vlandev em1
> ----
>
> /etc/hostname.carp101
> ----
> dhcp vhid 101 advbase 1 advskew 0 carpdev vlan403 pass abcabcabcabc
> ----
>
> output of 'dhclient carp101'
> ----
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 2
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 3
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 7
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 7
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 18
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 20
> send_packet: Network is unreachable
> DHCPDISCOVER on carp101 to 255.255.255.255 port 67 interval 4
> send_packet: Network is unreachable
> No DHCPOFFERS received.
> No working leases in persistent database - sleeping.
> ----
>
> output of 'uname -a'
> ----
> OpenBSD foo.insaneirish.com 4.7 GENERIC.MP#130 amd64
> ----
>
> Any help would be greatly appreciated!