carp(4)
NAME
carp - Common Address Redundancy Protocol
SYNOPSIS
device carp
DESCRIPTION
- The carp interface is a pseudo-device that implements and
- controls the
CARP protocol. CARP allows multiple hosts on the same local - network to
share a set of IP addresses. Its primary purpose is to en - sure that these
addresses are always available, but in some configurations - carp can also
provide load balancing functionality. - A carp interface can be created at runtime using the
- ifconfig carpN
create command or by configuring it via cloned_interfaces in - the
/etc/rc.conf file. - To use carp, the administrator needs to configure at minimum
- a common
virtual host ID and virtual host IP address on each machine - which is to
take part in the virtual group. Additional parameters can - also be set on
a per-interface basis: advbase and advskew, which are used - to control how
frequently the host sends advertisements when it is the mas - ter for a virtual host, and pass which is used to authenticate carp ad
- vertisements.
The advbase parameter stands for ``advertisement base''. It - is measured
in seconds and specifies the base of the advertisement in - terval. The
advskew parameter stands for ``advertisement skew''. It is - measured in
1/256 of seconds. It is added to the base advertisement in - terval to make
one host advertise a bit slower that the other does. Both - advbase and
advskew are put inside CARP advertisements. These configu - rations can be
done using ifconfig(8), or through the SIOCSVH ioctl(2). - Additionally, there are a number of global parameters which
- can be set
using sysctl(8): - net.inet.carp.allow Accept incoming carp packets.
- Enabled by
- default.
- net.inet.carp.preempt Allow virtual hosts to preempt
- each other.
- It is also used to failover
- carp interfaces
as a group. When the option - is enabled and
one of the carp enabled physi - cal interfaces
goes down, advskew is changed - to 240 on all
carp interfaces. See also the - first example. Disabled by default.
- net.inet.carp.log Value of 0 disables any log
- ging. Value of
- 1 enables logging of bad carp
- packets.
Values above 1 enable logging - state changes
of carp interfaces. Default - value is 1.
- net.inet.carp.arpbalance Balance local traffic using
- ARP. Disabled
- by default.
- net.inet.carp.suppress_preempt
- A read only value showing the
- status of
preemption suppression. Pre - emption can be
suppressed if link on an in - terface is down
or when pfsync(4) interface is - not synchronized. Value of 0 means that
- preemption is
not suppressed, since no prob - lems are
detected. Every problem in - crements suppression counter.
EXAMPLES
- For firewalls and routers with multiple interfaces, it is
- desirable to
failover all of the carp interfaces together, when one of - the physical
interfaces goes down. This is achieved by the preempt op - tion. Enable it
on both host A and B:
sysctl net.inet.carp.preempt=1- Assume that host A is the preferred master and
- 192.168.1.x/24 is configured on one physical interface and 192.168.2.y/24 on anoth
- er. This is
the setup for host A:
ifconfig carp0 create
ifconfig carp0 vhid 1 pass mekmitasdigoat- 192.168.1.1/24
ifconfig carp1 create
ifconfig carp1 vhid 2 pass mekmitasdigoat - 192.168.2.1/24
- The setup for host B is identical, but it has a higher
- advskew:
ifconfig carp0 create
ifconfig carp0 vhid 1 advskew 100 pass mekmitasdigoat- 192.168.1.1/24
ifconfig carp1 create
ifconfig carp1 vhid 2 advskew 100 pass mekmitasdigoat - 192.168.2.1/24
- Because of the preempt option, when one of the physical in
- terfaces of
host A fails, advskew is adjusted to 240 on all its carp in - terfaces.
This will cause host B to preempt on both interfaces instead - of just the
failed one. - In order to set up an ARP balanced virtual host, it is nec
- essary to configure one virtual host for each physical host which would
- respond to ARP
requests and thus handle the traffic. In the following ex - ample, two virtual hosts are configured on two hosts to provide balancing
- and failover
for the IP address 192.168.1.10. - First the carp interfaces on host A are configured. The
- advskew of 100
on the second virtual host means that its advertisements - will be sent out
slightly less frequently.
ifconfig carp0 create
ifconfig carp0 vhid 1 pass mekmitasdigoat- 192.168.1.10/24
ifconfig carp1 create
ifconfig carp1 vhid 2 advskew 100 pass mekmitasdigoat - 192.168.1.10/24
- The configuration for host B is identical, except the
- advskew is on virtual host 1 rather than virtual host 2.
ifconfig carp0 create
ifconfig carp0 vhid 1 advskew 100 pass mekmitasdigoat- 192.168.1.10/24
ifconfig carp1 create
ifconfig carp1 vhid 2 pass mekmitasdigoat - 192.168.1.10/24
- Finally, the ARP balancing feature must be enabled on both
- hosts:
sysctl net.inet.carp.arpbalance=1- When the hosts receive an ARP request for 192.168.1.10, the
- source IP
address of the request is used to compute which virtual host - should
answer the request. The host which is master of the select - ed virtual
host will reply to the request, the other(s) will ignore it. - This way, locally connected systems will receive different
- ARP replies
and subsequent IP traffic will be balanced among the hosts. - If one of
the hosts fails, the other will take over the virtual MAC - address, and
begin answering ARP requests on its behalf. - Note: ARP balancing only works on the local network segment.
- It cannot
balance traffic that crosses a router, because the router - itself will
always be balanced to the same virtual host.
SEE ALSO
inet(4), pfsync(4), rc.conf(5), ifconfig(8), sysctl(8)
HISTORY
- The carp device first appeared in OpenBSD 3.5. The carp de
- vice was
imported into FreeBSD 5.4. - BSD May 15, 2005