Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Carp and OpenBGP

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jnex26
      last edited by

      Good Afternoon,

      I'm trying to configure carp to demote when openbgp session fails

      Currently my config reads

      This file was created by the package manager.  Do not edit!

      AS 2***
      fib-update yes
      listen on ...126
      network .      .      .194/26 (Different Network - Alias is on the interface)
      group "Primary" {
      remote-as ***
      neighbor ..      .125 {
          descr "Primary Circuit"
      set nexthop ..      .125
      announce self
      demote carp  
      }
      }
      deny from any
      deny to any
      allow from ..      .125
      allow to ..      *.125

      So I'm getting the following carp error

      error initializing group "carp"

      Is this not supported and if not how is carp suppose to fail over on BGP session drop ?

      Our config is

      FW1 –--- BGP Router
                        /     |
      Internal Carp IP    External CarpIP
                        \     |
                         FW2 ----- BGP Router

      So on session failure we really need carp to fail over but openbgp seems to have problems initialising the CARP group

      when i run ifconfig -g carp is get

      ifconfig -g carp
      pfsync0
      vip1
      vip2

      I have tried manually increasing the counter with

      ifconfig -g carp carpdemote 128

      but nothing seems to happen am I missing something ? our carp interfaces sit on Lagg Failover bonded interfaces

      Thanks Again for you Help

      J

      1 Reply Last reply Reply Quote 0
      • J
        jnex26
        last edited by

        Well I've partly answered my own question,

        Carpdev does not seem to have been implemented yet on pfsense

        So how do you configure an ordered failover of based upon bgp sessions ?

        1 Reply Last reply Reply Quote 0
        • R
          Reiner030
          last edited by

          @jnex26:

          Well I've partly answered my own question,

          Carpdev does not seem to have been implemented yet on pfsense

          So how do you configure an ordered failover of based upon bgp sessions ?

          which interface won't work? ;)

          [2.1-BETA1][root@gw1.zws8.local]/root(32): ifconfig -g carp
          pfsync0
          wan_vip211
          wan_vip212
          lan_vip213
          lan_vip214
          opt2_vip215
          wan_vip216
          wan_vip217

          looks good. I guess you haven't found this (I searched long time to find it):

          [2.1-BETA1][root@gw1.zws8.local]/root(33): sysctl -a | grep carp
          …
          net.inet.ip.same_prefix_carp_only: 0
          net.inet.carp.allow: 1
          net.inet.carp.preempt: 1              <<=== this option must be set under Advanced =>  System Tunables
          net.inet.carp.log: 1
          net.inet.carp.arpbalance: 0
          net.inet.carp.suppress_preempt: 0
          net.link.ether.inet.carp_mac: 0

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.