FreeVRRP
-
Hi folks. I'm running pfSense on XenServer 7 where the default network switch back end is OVS. After some extensive testing and research, I have come to the disappointing conclusion that CARP won't work due to the multicast mac not being supported on OVS and I'm unwilling to change to the bridge back end (right now at least) so I was looking to see if I could instead use the FreeVRRP package.
The package has installed correctly, but it has a dependency on ng_ether, ng_bridge, ng_socket and ng_eiface. I managed to pull these kernel module from a FreeBSD 11.1 RELEASE ISO, but ng_ether won't load (kldstat -v says it's built in). When I try to start up freevrrp, here is the error I get:May 20 21:14:55 fw1 freevrrpd[85534]: launching daemon in background mode
May 20 21:14:55 fw1 freevrrpd[85861]: initializing threads and all VRID
May 20 21:14:55 fw1 freevrrpd[85861]: reading configuration file /usr/local/etc/freevrrpd.conf
May 20 21:14:55 fw1 freevrrpd[85861]: cannot create an eiface/ether netgraph interface: File exists
May 20 21:14:55 fw1 kernel: xn2: permanently promiscuous mode enabled
May 20 21:14:55 fw1 freevrrpd[85861]: ng_ether.ko is probably not loaded, use kldload ng_ether.ko before running freevrrpd
May 20 21:14:55 fw1 freevrrpd[85861]: cannot create a virtual interface via netgraph: File exists
May 20 21:14:55 fw1 freevrrpd[85861]: check that ng_socket, ng_ether, ng_eiface and ng_bridge are loadedAm I just SOL?
-
If CARP won't work neither will VRRP. They use essentially the same network functions, including the same multicast address etc.
Not sure what you are seeing on XenServer 7 but CARP works just fine in XenServer 6.
-
If CARP won't work neither will VRRP. They use essentially the same network functions, including the same multicast address etc.
Not sure what you are seeing on XenServer 7 but CARP works just fine in XenServer 6.
Hmm… this and other threads https://forum.pfsense.org/index.php?topic=122588.0
Suggest that they function differently. Where as CARP uses a multicast MAC VRRP uses a single virtual unicast MAC?
Either way, I can confirm that the keepalived vrrp implementation works in my environment so I'm hopeful that freevrrp will work as well.Are/Were you using OVS on XenServer6? The network switch default backend is bridge mode..
