Hello,
I had to configure LAN interface with multiple CARP from different subnets.
I also have 2 box in HA.
Box 1:
LAN address = 192.168.250.253
CARP address = 192.168.250.1
CARP address = 10.254.0.1
Box 2:
LAN address = 192.168.250.252
CARP address = 192.168.250.1
CARP address = 10.254.0.1
When I try to ping from a machine with ip address 10.254.0.27 to 192.168.250.253 all works
When I try to ping from a machine with ip address 10.254.0.27 to 192.168.250.252 don't works
I can't understand why.
If I tracert to 192.168.250.252 destination is reached with no hops.
If I tracert to 192.168.250.253 I get the first hops and then request timeout
C:\>tracert -d 192.168.250.253
Traccia instradamento verso 192.168.250.253 su un massimo di 30 punti di passaggio
1 <1 ms <1 ms <1 ms 192.168.250.253
C:\>tracert -d 192.168.250.252
Traccia instradamento verso 192.168.250.252 su un massimo di 30 punti di passaggio
1 <1 ms <1 ms <1 ms 10.254.0.1
2 * * * richiesta scaduta
If I try to inspect traffic on 192.168.250.252 with tcpdump I only see the traffic IN but no reply from 192.168.250.252
root@opn02:~ # tcpdump -n host 10.254.0.27 and icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:30:58.480436 IP 10.254.0.27 > 192.168.250.252: ICMP echo request, id 33, seq 63230, length 72
It seems that box 2 don't know how to come back. Is this a problem with multiple CARP subnets on the same interface?
Any suggestion?
Yes, this cant work since opn2 has no active interface and doesnt know how to send the packets there. But after failover it should work on opn2 too
That's what I wanted to hear, thanks! :)
So this don't works for LAN interface.
The same configuration on WAN interface works. I image that the reason is that WAN interface has a gateway, right?
Yes, and ICMP redirect does the rest :)