30.12. Common Address Redundancy Protocol (CARP)

Contributed by Tom Rhodes.

The Common Address Redundancy Protocol (CARP) allows multiple hosts to share the same IP address. In some configurations, this may be used for availability or load balancing. Hosts may use separate IP addresses, as in the example provided here.

To enable support for CARP, the FreeBSD kernel can be rebuilt as described in Chapter 9, Configuring the FreeBSD Kernel with the following option:

device	carp

Alternatively, the if_carp.ko module can be loaded at boot time. Add the following line to /boot/loader.conf:

if_carp_load="YES"

CARP functionality should now be available and may be tuned via several sysctl(8) variables:

OIDDescription
net.inet.carp.allowAccept incoming CARP packets. Enabled by default.
net.inet.carp.preemptThis option downs all of the CARP interfaces on the host when one goes down. Disabled by default.
net.inet.carp.logA value of 0 disables any logging. A value of 1 enables logging of bad CARP packets. Values greater than 1 enable logging of state changes for the CARP interfaces. The default value is 1.
net.inet.carp.arpbalanceBalance local network traffic using ARP. Disabled by default.
net.inet.carp.suppress_preemptA read-only variable showing the status of preemption suppression. Preemption can be suppressed if the link on an interface is down. A value of 0 means that preemption is not suppressed. Every problem increments this variable.

The CARP devices themselves may be created using ifconfig(8):

# ifconfig carp0 create

In a real environment, each interface has a unique identification number known as a Virtual Host IDentification (VHID) which is used to distinguish the host on the network.

30.12.1. Using CARP for Server Availability

One use of CARP is to provide server availability. This example configures failover support for three hosts, all with unique IP addresses and providing the same web content. These machines act in conjunction with a Round Robin DNS configuration. The failover machine has two additional CARP interfaces, one for each of the content server's IP addresses. When a failure occurs, the failover server will pick up the failed machine's IP address. This means that the failure should go completely unnoticed by the user. The failover server requires identical content and services as the other content servers it is expected to pick up load for.

The two machines should be configured identically other than their hostnames and VHIDs. This example calls these machines hosta.example.org and hostb.example.org respectively. First, the required lines for a CARP configuration have to be added to /etc/rc.conf. Here are the lines for hosta.example.org:

hostname="hosta.example.org"
ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0"
cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24"

On hostb.example.org, use the following lines:

hostname="hostb.example.org"
ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0"
cloned_interfaces="carp0"
ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24"

Note:

It is very important that the passwords, specified by the pass option to ifconfig(8), are identical. The carp devices will only listen to and accept advertisements from machines with the correct password. The VHID must also be unique for each machine.

The third machine, provider.example.org, should be prepared so that it may handle failover from either host. This machine will require two carp devices, one to handle each host. The appropriate /etc/rc.conf configuration lines will be similar to the following:

hostname="provider.example.org"
ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0"
cloned_interfaces="carp0 carp1"
ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24"
ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24"

Having the two carp devices will allow provider.example.org to notice and pick up the IP address of either machine, should it stop responding.

Note:

The default FreeBSD kernel may have preemption enabled. If so, provider.example.org may not relinquish the IP address back to the original content server. In this case, an administrator may have to manually force the IP back to the master. The following command should be issued on provider.example.org:

# ifconfig carp0 down && ifconfig carp0 up

This should be done on the carp interface which corresponds to the correct host.

At this point, CARP should be enabled and available for testing. For testing, either networking has to be restarted or the machines rebooted.

More information is available in carp(4).

All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/

Questions that are not answered by the documentation may be sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.