Carp and OpenBGP
-
Good Afternoon,
I'm trying to configure carp to demote when openbgp session fails
Currently my config reads
This file was created by the package manager. Do not edit!
AS 2***
fib-update yes
listen on ...126
network ...194/26 (Different Network - Alias is on the interface)
group "Primary" {
remote-as ***
neighbor ...125 {
descr "Primary Circuit"
set nexthop ...125
announce self
demote carp
}
}
deny from any
deny to any
allow from ...125
allow to ..*.125So I'm getting the following carp error
error initializing group "carp"
Is this not supported and if not how is carp suppose to fail over on BGP session drop ?
Our config is
FW1 –--- BGP Router
/ |
Internal Carp IP External CarpIP
\ |
FW2 ----- BGP RouterSo on session failure we really need carp to fail over but openbgp seems to have problems initialising the CARP group
when i run ifconfig -g carp is get
ifconfig -g carp
pfsync0
vip1
vip2I have tried manually increasing the counter with
ifconfig -g carp carpdemote 128
but nothing seems to happen am I missing something ? our carp interfaces sit on Lagg Failover bonded interfaces
Thanks Again for you Help
J
-
Well I've partly answered my own question,
Carpdev does not seem to have been implemented yet on pfsense
So how do you configure an ordered failover of based upon bgp sessions ?
-
Well I've partly answered my own question,
Carpdev does not seem to have been implemented yet on pfsense
So how do you configure an ordered failover of based upon bgp sessions ?
which interface won't work? ;)
[2.1-BETA1][root@gw1.zws8.local]/root(32): ifconfig -g carp
pfsync0
wan_vip211
wan_vip212
lan_vip213
lan_vip214
opt2_vip215
wan_vip216
wan_vip217looks good. I guess you haven't found this (I searched long time to find it):
[2.1-BETA1][root@gw1.zws8.local]/root(33): sysctl -a | grep carp
…
net.inet.ip.same_prefix_carp_only: 0
net.inet.carp.allow: 1
net.inet.carp.preempt: 1 <<=== this option must be set under Advanced => System Tunables
net.inet.carp.log: 1
net.inet.carp.arpbalance: 0
net.inet.carp.suppress_preempt: 0
net.link.ether.inet.carp_mac: 0