11 Jan

Freebsd 11.0 – Carp

In this short article i’ll go through CARP(Common Address Redundancy Protocol), how it works and when/where it could be applied. And in the end a basic practical example how to activate and configure CARP on freebsd 11.0.

This is CARP

Carp is a network protocol which allows multiple hosts / servers on the same network to share a set of ip addresses thus creating virtual addresses. This is to prevent downtime by creating a failover redundancy group, but it could also provide load balancing functionality. Carp could be compared to other protocols such as VRRP and HSRP.

It’s like having two office buildings next to each other sharing the same entrance. That way you have one master door leading to the master office, and a backup door leading backup office, but they are sharing the same address. If master door & office is blocked by some reason or out of service, the backup door/office becomes the master till the moment the other door is unblocked or works again. That way a visitor a.k.a client will be able to use the service without noticing anything different.

TL;DR one virtual / shared ip address on several hosts, one server goes down the backup takes over, thus failover but ip only level.

Practical exampel

The example bellow will show how to setup two server with CARP, each server will have their own static ip and a shared virtual ip. And we also have a password to prevent abuse. The setup will be as the picture bellow. And one usage area could be as in this example: proxy interface, if one proxy server goes down the other one continues, thus redundancy.

Master Working

Backup line taking over

Server 1 – /etc/rc.conf
# setup interface em0 with ip 10.0.2.2 and start it.
ifconfig_em0="inet 10.0.2.2 netmask 255.255.255.0"

# Clone interface and name it carp0
cloned_interfaces="carp0"

# set default route to gw in this case 10.0.2.1
defaultrouter="10.0.2.1"

# skew must be =<100
# setup virtual iface on interface carp0, virtual host id 1, advskew 100(master)
# shared password passwd, shared Virtual ip 10.0.2.5
ifconfig_carp0_proxy="inet vhid 1 advskew 100 pass paswd alias 10.0.2.5/32"
Server 2 - /etc/rc.conf
# setup interface em0 with ip 10.0.2.2 and start it.
ifconfig_em0="inet 10.0.2.3 netmask 255.255.255.0"

# Clone interface and name it carp0
cloned_interfaces="carp0"

# set default route to gw in this case 10.0.2.1
defaultrouter="10.0.2.1"

# skew must be =<100
# setup virtual iface on interface em0, virtual host id 1, advskew 200(slave/backup) 
# shared password passwd, shared Virtual ip 10.0.2.5
ifconfig_carp0_proxy="inet vhid 1 advskew 200 pass paswd alias 10.0.2.5/32"
Server 1 & 2 - /boot/loader.conf
# load carp upon boot
carp_load="YES"
Server 1 & 2 - /etc/sysctl.conf
# Allow carp data on the interfaces (enabled by default, but just to make sure)
net.inet.carp.allow=1
# Unsure how to explain but, servers will look ahead and make sure master is master
# and backup is a backup.
net.inet.carp.preempt=1
# Enable logging of the vhid's, logging bad carp data. 
net.inet.carp.log=1
Testing

Could be done by allowing a client to ping 10.0.2.5, and shutdown server 1. Or setup a web-server on both servers with the same configuration on both servers and visit http://10.0.2.5 and do some basic tests to ensure that it works.

Source

And for those who wants more information about carp, look at the good freebsd documentation bellow
https://www.freebsd.org/doc/handbook/carp.html

Leave a Reply

Your email address will not be published. Required fields are marked *