CARP problem with VMWare Server



  • Hello!

    I'm having problems with CARP using 2 virtual machines under VMWare Server. I´ve setup the cluster following the tutorial and it does work somewhat ok: I have trafic, Nat forwarding is ok, failovers correctly, etc… But I'm having two issues with it:

    1.- It doesn't seem to failback correctly, even now that preemption is supposed to be enabled by default. How long should it take to failback to the master firewall?

    2.- The second problem it's really annoying: one or more of my CARP VIP's get moved from the master to the slave firewall randomly. I've been unable to find why or when the VIP's gets removed from the master pfSense ???

    Has someone any clue about any of this problems?
    It's CARP supposed to work correctly under VMWare Server?

    Thanks a lot!



  • I don't think I know anyone using CARP in VMware Server in production. It works fine in ESX, though you have to enable promiscuous mode. That isn't applicable in VMware Server though. From what you describe it sounds like VMware or your network setup is hosing the multicast traffic. What you describe is what people see when they have a switch that breaks or blocks multicast.



  • What version of ESX do you have you got PFsense with CARP working on?

    I am currently trying to set it up on ESX 3.5 and have followed what little instructions I can in regards to enabling promiscuous mode with no luck.

    I have added the following lines in to the .vmx file for the VM's nics:

    ethernetN.nopromisc = "false"

    and have stopped the vswitch from blocking promiscuous.

    I am pulling my hair out!

    Cheers everyone



  • Can anyone confirm that VMware Server doesn't work with pfSense CARP?

    Thanks.



  • Yes, it can work! I have it working on vmware-server 1.0.7, Linux host.

    read this: http://www.ogris.de/docs/vmware-server-vrrp.html
    and this: http://mark.foster.cc/blog/2008/10/pfsense-and-carp-on-vmware-server.html

    Basically a small hack the vmnet driver.

    I don't think this will work on ESX though, just vmware-server.


Log in to reply