locked
Hyper-V 2016 FreeBSD CARP problem RRS feed

  • Question

  • Hello everyone,

    Original post

    I have a Win 2016 Hyper-V cluster. And I want to make a failover balancer based on FreeBSD 11 and Nginx. I created 2 VMs and installed FreeeBSD 11. It's very easy to configure CARP on FreeBSD, just load carp kernel module and add something like this "ifconfig_hn0_alias0="inet vhid 10 pass somepass alias 192.168.1.10/32" in /etc/rc.conf.

    But when I did it I saw errors in log:

    Feb  7 14:06:25 vm-ha-01 kernel: carp: 10@hn0: BACKUP -> MASTER (master timed out)
    Feb  7 14:06:31 vm-ha-01 kernel: carp: 10@hn0: MASTER -> BACKUP (more frequent advertisement received)

    CARP state was switching from BACKUP to MASTER and back over and over.Ok, I launched tcpdump to capture only incoming traffic and saw this:

    root@vm-ha-03:~ # tcpdump --direction=in -n -e proto CARP
    14:08:27.447718 90:e2:ba:d7:44:11 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 192.168.159.2 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0, authtype none, intvl 1s, length 36

    or

    14:08:33.634475 90:e2:ba:d7:44:10 > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 70: 192.168.159.2 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0, authtype none, intvl 1s, length 36

    90:e2:ba:d7:44:11 and 90:e2:ba:d7:44:10 are mac-addresses of  host's physical adapters, which w ere combinedin the SET (Switch Embedded Teaming). If I understood correctly, the problem was the system recieved its own sent CARP packets, but its mac-address had been spoofed by SET. According to this article (https://technet.microsoft.com/library/mt403349.aspx#bkmk_mac) this behavior is OK. But I want CARP to work properly. Why doesn't Virtual Switch drop multicast packets, which mac address was spoofed by virtual switch' physical adapters.

    And the problem occurs only when LoadBalancingAlgorithm is "Dynamic", if I set LoadBalancingAlgorithm = HyperVPort CARP works fine.

    • Edited by Uncletimmy3 Wednesday, February 8, 2017 9:26 AM
    Wednesday, February 8, 2017 9:02 AM

Answers

  • Long story short you should use "HyperVPort" if you want to use CARP... Otherwise it does not work
    • Marked as answer by Uncletimmy3 Wednesday, June 21, 2017 10:21 AM
    Wednesday, June 21, 2017 10:21 AM