Bug 213804

Summary: [carp]: packets got processes on the BACKUP node under certain conditions
Product: Base System Reporter: emz
Component: kernAssignee: freebsd-net mailing list <net>
Status: New ---    
Severity: Affects Only Me    
Priority: ---    
Version: 10.3-STABLE   
Hardware: Any   
OS: Any   

Description emz 2016-10-26 11:58:52 UTC
Consider the following scheme:

   iface1 |                 | iface2
  +-------| host A (MASTER) |--------
  |       |                 |
  |       +-----------------+
  |       +-----------------+
  |       |                 |  iface2
  +-------| host B (BACKUP) |--------  << packet to carp 1 IP
   iface1 |                 |

Lets assume both hosts are advertising themselves using rtadvd as ipv6 routers for network attached to the iface2. In this case, they both can receive ipv6 packets undercertain conditions, destined to the CARP address carp1. When a BACKUP node receives such packets, it processes them locally, regardless of the state of the CARP, as if it was MASTER.

I observe this only on the ipv6, because the process of router advertising in ipv6 is different from ipv4. However, I suppose the same rule applies to the ipv4, but it's not that important, since I cannot imagine the configuration that would reproduce this for ipv4.