[OPENBSD] CARP active/active configuration works with icmp but not with http

lipkowski.be · February 1, 2024, 10:42am

Hi,

i want to setup a carp loadbalancing with 2 webservers. The VIP Address is reachable via icmp i have checked this with tcpdump but if i check http always the webside of host b will be displayed and after 5 or 6 trys its take long until the page is displayed. Whats my fault?

here is my current config

#Host A
ifconfig inet 192.168.10.10/32
route add 192.168.10.1 -llinfo -link -iface re0
route add default 192.168.10.1

ifconfig carp0 10.10.10.10/32 carpdev re0 carpnodes 1:0,2:100 balancing ip-stealth
sysctl net.inet.carp.preempt=1


#Host B
ifconfig inet 192.168.10.11/32
route add 192.168.10.1 -llinfo -link -iface re0
route add default 192.168.10.1

ifconfig carp0 10.10.10.10/32 carpdev re0 carpnodes 1:100,2:0 balancing ip-stealth
sysctl net.inet.carp.preempt=1

MadeInGermany · February 7, 2024, 9:42am

Welcome!

Can you reach the hostA ip via http?

Maybe a firewall on hostA blocks the virtual ip?

lipkowski.be · February 7, 2024, 11:10am

Hi,

yes both servers reachable via dedicaded ip over http but not over the shared ip. I have setup 2 fresh openbsd 7.4 hosts and i can not see any firewall rule that blocks the requests.

If i use the same setup with master and slave it works but master/master (active/active loadbalance) doesnt work.

MadeInGermany · February 7, 2024, 1:11pm

Can they see each other`s MAC in the ARP cache?

arp -a

The important MAC´s are on the 10.10.10.10/32 network.

lipkowski.be · February 13, 2024, 9:39am

Hi,

i have created simpler testsetup.

#Host A
ifconfig inet 10.66.6.10/24
route add default 10.66.6.1

ifconfig carp0 10.66.6.21/24 carpdev em0 carpnodes 1:100,2:0 balancing ip-stealth
sysctl net.inet.carp.preempt=1

#Host B
ifconfig inet 10.66.6.11/24
route add default 10.66.6.1

ifconfig carp0 10.66.6.21/24 carpdev em0 carpnodes 1:0,2:100 balancing ip-stealth
sysctl net.inet.carp.preempt=1

Both bsd servers connected to the same bridge. And the testing server is connected to the same bridge to (ip 10.66.6.101/24).

here is the arp cache of both nodes

hosta# arp -an
Host                                 Ethernet Address    Netif Expire    Flags
10.66.6.1                            f6:13:3c:c9:63:00     em0 19m6s     
10.66.6.10                           52:54:00:4f:0f:1a     em0 permanent l
10.66.6.21                           00:00:5e:00:01:01   carp0 permanent l
10.66.6.101                          ba:5e:ee:a9:30:de     em0 19m1s  

###
hostb# arp -an                                                                           
Host                                 Ethernet Address    Netif Expire    Flags
10.66.6.1                            f6:13:3c:c9:63:00     em0 19m42s    
10.66.6.11                           52:54:00:13:92:90     em0 permanent l
10.66.6.21                           00:00:5e:00:01:01   carp0 permanent l
10.66.6.101                          ba:5e:ee:a9:30:de     em0 18m42s

Have somebody successful created a active/active http balancing with carp. Currently i think its impossible .

hicksd8 · February 13, 2024, 3:31pm

You have configured the hard ip addresses and the CARP virtual ip address but did you enable load balancing:

net.inet.carp.arpbalance

What other 'sysctl' options have you configured?

Ref:

P.S. Oh! And welcome to the forum!

lipkowski.be · February 13, 2024, 4:48pm

i got

hosta# sysctl net.inet.carp.arpbalance
sysctl: fourth level name arpbalance in net.inet.carp.arpbalance is invalid

This are the other carp options

hosta# sysctl -a | grep carp             
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=2

system · February 27, 2024, 4:49pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.