After upgrading from from 13.2 to 14.0, CARP stopped working as expected. For one, no matter what I do with manually setting the state or adjusting the advskew, it doesn't work as expected. The same with the preempt kernel parameter. I have tried both unicast and multicast peer settings. Here are the configs: host1 $ ifconfig | grep 'vhid 10' inet 172.21.4.170 netmask 0xffffffff broadcast 172.21.4.170 vhid 10 carp: MASTER vhid 10 advbase 1 advskew 50 host1 $ grep 'vhid 10' /etc/rc.conf ifconfig_vmx0_alias10="inet vhid 10 advskew 50 pass redacted alias 172.21.4.170/32" host1 $ $ export PS1='host2 $ ' host2 $ export PS1='host2 $ '^C host2 $ ifconfig | grep 'vhid 10' inet 172.21.4.170 netmask 0xffffffff broadcast 172.21.4.170 vhid 10 carp: MASTER vhid 10 advbase 1 advskew 100 host2 $ grep 'vhid 10' /etc/rc.conf ifconfig_vmx0_alias10="inet vhid 10 advskew 100 pass redacted alias 172.21.4.170/32" host2 $ host1 $ cat /etc/sysctl.conf net.inet.carp.allow=1 net.inet.carp.preempt=1 net.inet.carp.log=1 Nothing has changed other than the OS version. I verified the hypervisor environment by making sure two 13.2 hosts with identical configs except their IPs work on the same vSwitch and the same ESXi hosts. I also tried changing the NIC type from VMXNET3 (vmx driver) to intel (em driver) with the same results.
^Triage: reassign to valid address.
Hi, to allow CARP chatting on vmware network security policies "Promiscuous mode" and "Forged transmits" should be set to "Allow". Also see this https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277349 about the new net source validation mechanism introduced in FreeBSD 14.