CARP VIP link local vs IPv6 communication

Started by GreenMatter, Today at 01:44:55 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 01:44:55 PM
I'm not able to set CARP VIPs for link local addresses (https://docs.opnsense.org/manual/how-tos/carp.html#setup-virtual-ipv6-link-local-address) to make IPv6 communication flowing. RA announces current, physical link local ipv6 address as router which is different than CARP VIP. I've tried setting fe80::/64 and fe80::1/64  as CARP VIP without any luck...

But as I use tunnelbroker I can't use my ipv4 WAN interface to set up CARP VIP (https://docs.opnsense.org/manual/how-tos/carp.html#setup-virtual-ipv6-global-unicast-address) and I think this should have been my GIF interface...(?) And if I set next hop, either tunnel remote or local address as CARP VIP address, VIP remains as disabled...

How to set it up properly?
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
Today at 02:35:12 PM #1
fe80::/64 is not a valid address but fe80::1/64 should be fine. I use fe80::<VLAN ID>/64 everywhere.

Please show a screenshot of

- the interface configuration of both units
- the CARP VIP configuration on the active/master (should propagate to the standby once you do a configuration sync)
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 08:22:41 PM #2
Quote from: Patrick M. Hausen on Today at 02:35:12 PM- the interface configuration of both units
- the CARP VIP configuration on the active/master
So, I adjusted local link addresses - as per your advice to make sure they are different

I couldn't attached screenshots here as limit is only 250 kB (?)
Link to listed below screenshots: https://imgur.com/a/r9RSFma
Master interface: 
Backup interface:
CARP VIP global (I had multicast, same issue, so I tried unicast)
CARP VIP local:


VHID groups are fine, initially I synchronised CARP VIPs, later I changed them to unicast.
So, where's mistake???
OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
Today at 09:00:09 PM #3 Last Edit: Today at 09:02:01 PM by Patrick M. Hausen
I block so called image hosting sites, sorry.

This works.

Interface configuration on the primary node:



CARP VIP:



Radvd config:



HTH,
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 10:10:11 PM #4
Quote from: Patrick M. Hausen on Today at 09:00:09 PMRadvd config:
Thanks!
Can you confirm, do you use: Services -> Router Advertisements? Because I don't have any dropdown list to choose from...

OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)
Today at 10:21:18 PM #5
I use Services: Router Advertisements. I don't recognise your screen shot.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 10:38:15 PM #6
Patrick, my settings look like the one above, as well. Your seems to be from an old version or the business version. There is no dropdown in "Source Adress" with 26.1.4, not even when a CARP VIP exists on the interface.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
Today at 10:39:27 PM #7
Yes, the setup in question is BE 25.10.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Print
Go Up Pages1
User actions