Bug #2828
closed
CARP does not work on dual-homed VMware ESXi hosts without a workaround on the ESX host
0%
Description
Certain active/active VMware ESXi configurations loop back CARP multicast frames sent by the machine. This breaks CARP, the machine continously reports
lan_vip3: 2 link states coalesced
and the VIPs are not available, even when the machine is alone in the network.
This is described in the Wiki (http://doc.pfsense.org/index.php/CARP_Configuration_Troubleshooting#VMware_ESX.2FESXi_Users), but altering a setting on the HOST is absolutely impossible in a shared multi-tenant environment.
There is a patch around that allows ignoring the own CARP hello even if it is echoed back. Please consider adding that: http://www.mail-archive.com/freebsd-net@freebsd.org/msg30562.html
Updated by Jim Pingle almost 12 years ago
- Subject changed from CARP does not work on dual-homed VMware ESXi hosts to CARP does not work on dual-homed VMware ESXi hosts without a workaround on the ESX host
- Target version deleted (
2.1) - Affected Version deleted (
2.1)
The workaround for altering the ESX host is correct and works for most people, since it's a problem with ESX.
If we can patch around it that may be nice to have for the future, but perhaps not a requirement to have right this moment.
It's probably a bit too late in the 2.1 release cycle to start patching things and hope they don't break in other unintended ways. Might need to wait for 2.2.
Updated by Bernhard Schmidt almost 12 years ago
Weird thing is, it only seems to affect pfSense boxes. We have tons of Linux and Windows machines, even in the same portgroup, none of them see their own multicast frames in tcpdump.
Updated by Bernhard Schmidt almost 12 years ago
Oops, I was dead wrong, other machines see the same behaviour as soon as Promiscous Mode is enabled on the VMware port profile. And promiscous mode is required for CARP to work.
Updated by Chris Buechler over 10 years ago
- Status changed from New to Closed
this is a VMware issue, not our issue. CARP is likely to be deprecated in favor of VRRP in FreeBSD, so touching CARP for workarounds to other software's bugs where the other software has a proper work around isn't a priority.