Project

General

Profile

Actions

Regression #14026

open

CARP backup node is unable to ping master node CARP VIP address

Added by Christopher Cope about 1 year ago. Updated 6 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
CARP
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

This was brought up by a customer and I am able to reproduce it.

Master 10.41.1.252
Backup 10.40.1.253
CARP 10.40.1.254

10.40.1.253 is unable to ping 10.40.1.254 on 23.01, but is able to on a 22.05 install.

When pinging 10.40.1.253 > 10.40.1.254 and using packet capture it shows packets reaching 10.41.1.252 and replies making it back to 10.41.1.253, but ping never sees the response. There are no blocked entries in the firewall logs.


Related issues

Related to Feature #11369: add Enabling IPv6 Source Address Validation supportResolved02/04/2021

Actions
Has duplicate Bug #14798: can't ping VIP addresses from the secondary nodeDuplicate

Actions
Actions #2

Updated by Marcos M 9 months ago

For reference:
This is due to source validation which is now being enabled by default. To return the previous behavior, set net.inet.ip.source_address_validation and net.inet6.ip6.source_address_validation to 0.

ref: IPv4 commit , IPv6 commit

Actions #3

Updated by Marcos M 9 months ago

  • Related to Feature #11369: add Enabling IPv6 Source Address Validation support added
Actions #4

Updated by Jim Pingle 6 months ago

  • Has duplicate Bug #14798: can't ping VIP addresses from the secondary node added
Actions #5

Updated by Jim Pingle 6 months ago

  • Subject changed from CARP backup is unable to ping master via CARP IP. to CARP backup node is unable to ping master node CARP VIP address
Actions

Also available in: Atom PDF