The Common Address Redundancy Protocol (CARP) allows multiple hosts to share the same IP address. In some configurations, this may be used for availability or load balancing. Hosts may use separate IP addresses, as in the example provided here.
To enable support for CARP, the FreeBSD kernel can be rebuilt as described in Chapter 9, Configuring the FreeBSD Kernel with the following option:
Alternatively, the if_carp.ko
module
can be loaded at boot time. Add the following line to
/boot/loader.conf
:
CARP functionality should now be available and may be tuned via several sysctl(8) variables:
OID | Description |
---|---|
net.inet.carp.allow | Accept incoming CARP packets. Enabled by default. |
net.inet.carp.preempt | This option downs all of the CARP interfaces on the host when one goes down. Disabled by default. |
net.inet.carp.log | A value of 0 disables any
logging. A value of 1 enables
logging of bad CARP packets. Values
greater than 1 enable logging of
state changes for the CARP
interfaces. The default value is
1 . |
net.inet.carp.arpbalance | Balance local network traffic using ARP. Disabled by default. |
net.inet.carp.suppress_preempt | A read-only variable showing the status of
preemption suppression. Preemption can be suppressed
if the link on an interface is down. A value of
0 means that preemption is not
suppressed. Every problem increments this
variable. |
The CARP devices themselves may be created using ifconfig(8):
#
ifconfig carp0 create
In a real environment, each interface has a unique identification number known as a Virtual Host IDentification (VHID) which is used to distinguish the host on the network.
One use of CARP is to provide server availability. This example configures failover support for three hosts, all with unique IP addresses and providing the same web content. These machines act in conjunction with a Round Robin DNS configuration. The failover machine has two additional CARP interfaces, one for each of the content server's IP addresses. When a failure occurs, the failover server will pick up the failed machine's IP address. This means that the failure should go completely unnoticed by the user. The failover server requires identical content and services as the other content servers it is expected to pick up load for.
The two machines should be configured identically other
than their hostnames and VHIDs. This
example calls these machines
hosta.example.org
and
hostb.example.org
respectively. First, the
required lines for a CARP configuration
have to be added to /etc/rc.conf
. Here
are the lines for
hosta.example.org
:
On hostb.example.org
, use the following
lines:
It is very important that the passwords, specified by
the pass
option to ifconfig(8), are
identical. The carp
devices will
only listen to and accept advertisements from machines
with the correct password. The VHID
must also be unique for each machine.
The third machine, provider.example.org
,
should be prepared so that it may handle failover from either
host. This machine will require two
carp
devices, one to handle each
host. The appropriate /etc/rc.conf
configuration lines will be similar to the following:
Having the two carp
devices will
allow provider.example.org
to notice and pick
up the IP address of either machine, should
it stop responding.
The default FreeBSD kernel may have
preemption enabled. If so,
provider.example.org
may not relinquish the
IP address back to the original content
server. In this case, an administrator may have to manually
force the IP back to the master. The
following command should be issued on
provider.example.org
:
#
ifconfig carp0 down && ifconfig carp0 up
This should be done on the carp
interface which corresponds to the correct host.
At this point, CARP should be enabled and available for testing. For testing, either networking has to be restarted or the machines rebooted.
More information is available in carp(4).
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.