CARP and D-Link DGS-1210-52

IB

I have pfsense cluster (2.2.6-Release i386) with internal interfaces connected to D-Link DGS-1210-52. Switch setup with CARP IP as default router. But it can't ping pfsense. When I capture traffic I see when ping pfsense from switch:
1. Switch send ARP-request
2. pFsense answer to this request with virtual MAC. But send answer from real MAC.
3. Switch add pair "CARP IP"+"Virtual MAC" to ARP-cache
4. But not send Echo Request to this IP/MAC

When I ping switch from pfsense - there is no reply from switch. Frames from pfSense has REAL MAC.

DLink support say, that frame must arrive from Virtual MAC (but this not explain p.4 in my trace)

In this forum I read about parameter 'net.link.ether.inet.carp_mac'. This must change MAC in outgoing packets from real to virtual. I insert it in System: Advanced: System Tunable. But I see no changes - packet from interface has real MAC, no virtual.

How to change MAC to virtual in outgoing pfsense packets? It's possible?

cmb

The DLink is broken. How CARP behaves is fine per RFCs, and works with everything else. There is no way to do what you're describing, that sysctl only changes the source MAC on ARP replies which wouldn't be enough for that.

IB

@cmb:

The DLink is broken. How CARP behaves is fine per RFCs, and works with everything else. There is no way to do what you're describing, that sysctl only changes the source MAC on ARP replies which wouldn't be enough for that.

Perhaps it makes sense to keep a separate topic in this forum with blacklist poor equipment ?

cmb

@IB:

Perhaps it makes sense to keep a separate topic in this forum with blacklist poor equipment ?

If there were anything to make a list of, I'd agree. This is the first such device anyone's reported in the nearly 12 years of our existence.

derwin

any Dlink not work with CARP:

• DES 3028, 3200, DGS 3120
• even the DIR-100 does not work
• etc.

Also raspberry pi any models with "Rasbian" (aka Rasberry Debian) have problem - packet loss(>75%), packet delay!
And some Gigabyte motherboard with WinXP have problem!

This link from Dlink-RUSSIA http://forum.dlink.ru/viewtopic.php?f=2&t=159663&hilit=carp
It says "if CARP = gateway for DLINK, you need to clear arp or linkup/linkdown L3-interface". But CARP does not work with dlink. In no way. Not necessary in gateway.

please, need help

cmb

The DLink is broken, you need to either get them to fix that, or get a non-broken switch. CARP works the same as all router redundancy protocols (VRRP, HSRP) in that regard, and those are the only switches in the world that have that issue.

No OS, Linux, Windows or otherwise, has any problem with CARP.  No switches other than those DLinks have a problem with it.

derwin

check raspberry pi with its Linux(debian), they are also experiencing problems.

Also raspberry pi any models with "Rasbian" (aka Rasberry Debian) have problem - packet loss(>75%), packet delay!
And some Gigabyte motherboard with WinXP have problem!

These problems go along with the refusal of CARP.
My office net have ~300 PC in different vlan, problem 5 PC with WinXP and ALL raspberry (over 500)

cmb

@derwin:

problem 5 PC with WinXP and ALL raspberry (over 500)

Not induced by CARP, no Windows or Linux versions have any issues with it. You're misdiagnosing whatever the real problem is there.