FreeBSD/CARP vs VRRP

From TomJudge.com


CARP vs VRRP

Why is there a problem?

Well, people at OpenBSD get very annoyed when someone decides it would be good to ratify a standard that is patent encumbered. Full details can be read here.

The problem is that the author of CARP decided, in their infinite wisdom, to use the same IP protocol number (112) as VRRP to annoy the VRRP folks. OK, but why is this bad? I hear you say. Well, what if you have a switch or something that is running VRRP and you want to run CARP on the same subnet? Some of these devices are quite fussy about the VRRP frames they receive, and CARP frames can cause them problems. Another problem is that the VRRP frames coming in to your CARP-enabled FreeBSD box will start spamming your log file with junk about frames that can't be decoded.

How do I fix it?

Simply apply the following patch, build a new kernel, and install it along with the /etc/protocols file. Then reboot all your members. If you leave some members with this patch and others without, expect bad things to happen(TM).
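One way to confirm that every member carries the patched protocols file before you reboot them, as an added example that is not part of the original page. The function names (`proto_num`, `carp_state`, `members_consistent`) and the sample files are constructed for illustration; you would pass in copies of each member's /etc/protocols.

```sh
#!/bin/sh
# Added example. It inspects only the userland protocols file; the kernel's
# IPPROTO_CARP value is compiled in and has to be confirmed separately.

# proto_num NAME FILE: print the number bound to NAME (official name or alias).
proto_num() {
    awk -v want="$1" '
        { sub(/#.*/, "") }               # strip comments
        NF < 2 { next }                  # blank or comment-only line
        { for (i = 1; i <= NF; i++)
              if (i != 2 && $i == want) { print $2; exit } }' "$2"
}

# carp_state FILE: classify one member's file against the patch on this page.
carp_state() {
    carp=$(proto_num carp "$1")
    vrrp=$(proto_num vrrp "$1")
    case "$carp:$vrrp" in
        241:112) echo patched ;;         # carp moved, vrrp owns 112
        112:112) echo unpatched ;;       # stock line: carp 112 with alias vrrp
        *)       echo "unknown(carp=${carp:-none},vrrp=${vrrp:-none})" ;;
    esac
}

# members_consistent FILE...: report each file, fail if the states differ.
members_consistent() {
    first=""
    for f in "$@"; do
        s=$(carp_state "$f")
        echo "$f: $s"
        [ -n "$first" ] || first=$s
        [ "$s" = "$first" ] || return 1
    done
}

# Constructed sample files (trimmed copies of both sides of the diff).
SAMPLES=$(mktemp -d)
printf 'ipx-in-ip\t111\tIPX-in-IP\t# IPX in IP\ncarp\t112\tCARP\tvrrp\t\t# CARP\n' \
    > "$SAMPLES/old"
printf 'vrrp\t112\tVRRP\t\t# VRRP\n#\t138-254\t\t\t# Unassigned\ncarp    241 CARP # CARP\n' \
    > "$SAMPLES/new"
members_consistent "$SAMPLES/old" "$SAMPLES/new" || echo "members differ: finish the rollout"
```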


File contents from SVN: change-protocol-num.diff
Index: etc/protocols
===================================================================
--- etc/protocols	(revision 522)
+++ etc/protocols	(revision 523)
@@ -119,7 +119,7 @@
 snp	109	SNP		# Sitara Networks Protocol
 compaq-peer	110	Compaq-Peer	# Compaq Peer Protocol
 ipx-in-ip	111	IPX-in-IP	# IPX in IP
-carp	112	CARP	vrrp		# Common Address Redundancy Protocol
+vrrp	112	VRRP		# Virtual Router Redundancy Protocol
 pgm	113	PGM		# PGM Reliable Transport Protocol
 #	114			# any 0-hop protocol
 l2tp	115	L2TP		# Layer Two Tunneling Protocol
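Review bot: on the replaced entry for 112, the old line resolved both `carp` and `vrrp` to 112, while the new line leaves 112 to `vrrp` alone, so anything that admits CARP by the literal number 112 (a packet filter rule, a monitoring probe) will keep matching VRRP only once this is installed. Suggest the change description say that such rules have to move to the new CARP number in the same maintenance window as the kernel.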
@@ -147,5 +147,6 @@
 mpls-in-ip	137	MPLS-IN-IP	# Encapsulating MPLS in IP
 #	138-254			# Unassigned
 pfsync	240	PFSYNC		# PF Synchronization
+carp    241 CARP # Common Address Redundancy Protocol
 #	255			# Reserved
 divert	258	DIVERT		# Divert pseudo-protocol [non IANA]
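Review bot: the added `carp 241` line separates its fields with spaces while every neighbouring entry uses tabs, and 241 sits inside the range the file itself marks as `138-254 Unassigned`. Suggest tab-separating the fields and tagging the comment `[non IANA]`, as the `divert` entry does, so nobody mistakes 241 for an assigned number.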
Index: sys/netinet/in.h
===================================================================
--- sys/netinet/in.h	(revision 522)
+++ sys/netinet/in.h	(revision 523)
@@ -258,9 +258,9 @@
 #define	IPPROTO_SCTP		132		/* SCTP */
 /* 101-254: Partly Unassigned */
 #define	IPPROTO_PIM		103		/* Protocol Independent Mcast */
-#define	IPPROTO_CARP		112		/* CARP */
 #define	IPPROTO_PGM		113		/* PGM */
 #define	IPPROTO_PFSYNC		240		/* PFSYNC */
+#define	IPPROTO_CARP		241		/* CARP */
 /* 255: Reserved */
 /* BSD Private, local use, namespace incursion, no longer used */
 #define	IPPROTO_OLD_DIVERT	254		/* OLD divert pseudo-proto */
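Review bot: `IPPROTO_CARP` moves from 112 to 241 as a bare constant, and the comment still reads only `/* CARP */`, so nothing in the header says the value is local and deliberately differs from stock. Suggest a comment along the lines of `/* CARP, local: moved off 112 (VRRP) */`, and a note that a kernel built from this header cannot exchange CARP advertisements with an unpatched one, since each side sends and expects a different protocol number.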