tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: npf and carp



Mindaugas Rasiukevicius <rmind%netbsd.org@localhost> wrote:
> Brook Milligan <brook%nmsu.edu@localhost> wrote:
> > I am trying to get npf to play nicely with a carp interface and am
> > having trouble.  The basic setup is that two hosts share in IP via carp
> > and I want to connect to that interface (i.e., either host) via ssh.
> > The following works:
> > 
> > - Carp will switch the interface from host to host
> > - Ssh connects to either host via its native IP
> > - Ssh connects to a carp IP only if npf is not active; this is the
> > problem.
> 
> Hmm.  Perhaps it is a bug in network stack bug and the packet gets
> associated with a different network interface.  Just a random guess.
> 

Indeed, the traffic looks asymmetric.  The packet filters (not only NPF)
see the outgoing packets on the physical interface.  It is reset here:

http://nxr.netbsd.org/xref/src/sys/net/if_ethersubr.c?r=1.209#222

-- 
Mindaugas


Home | Main Index | Thread Index | Old Index