Any way of getting around the VHID limit of 256
-
Option 4. - Make routing on a routing device or a switch.
-
@bepo said in Any way of getting around the VHID limit of 256:
Option 4. - Make routing on a routing device or a switch.
Yes changing the network design is definitely option 4.
-
Actually You could re-use VHID as long as they are in a different/distinct Layer2 network segment. I'll test this out tomorrow
-
As long as the L2 is separate, you can use the same VHID for each interface.
-
@xciter327 Great idea!
-
So I've been testing with a large number of CARP interfaces. I keep getting:
sonewconn : pcb 0xfffff800298220f0 Listet queue overflow. 193 already in queue awaiting acceptance(xxxxx occurrences)
Theoretically I can start increasing the "kern.ipc.somaxconn", but I am unsure if this is the right way.
-
That error wouldn't be from CARP directly, but from a daemon or other socket provider on the firewall (web server, php, etc)
-
I am still investigating, however currently it looks like pfctl is trying to start the firewall and failing.
-
A little bit of PSA.
While You seem to be able to configure unlimited amount of interfaces, pFSense has major issues when the number of interfaces goes above 128. High CPU load, UI times out, DHCP does not work, CARP/Sync becomes unusable, system freezes up etc.
This is very much pFSense related and not a FreeBSD problem, by the looks of it.
To reproduce: make 200 vlans and assign them IPs, DHCP etc. If Your devices is really powerful make more. I've tested this on a Atom 2758 box.
-
The number of CARP VIPs and the number of interfaces are completely unrelated problems, but thanks for the note.
