tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: npf and carp



In article <20150527211006.BE9DD14A2F6%mail.netbsd.org@localhost>,
Mindaugas Rasiukevicius  <rmind%netbsd.org@localhost> wrote:
>Mindaugas Rasiukevicius <rmind%netbsd.org@localhost> wrote:
>> Brook Milligan <brook%nmsu.edu@localhost> wrote:
>> > I am trying to get npf to play nicely with a carp interface and am
>> > having trouble.  The basic setup is that two hosts share in IP via carp
>> > and I want to connect to that interface (i.e., either host) via ssh.
>> > The following works:
>> > 
>> > - Carp will switch the interface from host to host
>> > - Ssh connects to either host via its native IP
>> > - Ssh connects to a carp IP only if npf is not active; this is the
>> > problem.
>> 
>> Hmm.  Perhaps it is a bug in network stack bug and the packet gets
>> associated with a different network interface.  Just a random guess.
>> 
>
>Indeed, the traffic looks asymmetric.  The packet filters (not only NPF)
>see the outgoing packets on the physical interface.  It is reset here:
>
>http://nxr.netbsd.org/xref/src/sys/net/if_ethersubr.c?r=1.209#222

Try s/ifp/ifp0/g at line 430...

christos



Home | Main Index | Thread Index | Old Index