Remco Bressers wrote:
> I'm running 2 boxes with FreeBSD 6.2-STABLE and CARP configured to share a
> single IP address. (I know this group is OpenBSD, but this issue is
> only related to CARP.)
>
> These 2 boxes are mailservers for which i do DNS
> round-robin for incoming e-mail on the HOST IP address (not the CARP
> address). Ofcourse this works nicely. But.. all outgoing mail has to go
> out with that single IP address on the CARP interface as the source IP
> address. On Postfix this is configured using the smtp_bind_address. This
> works fine, but when using CARP with arpbalance, only one machine can send
> out and the other machine can't use the same source address.
>
> This is the CARP configuration for host A :
>
> carp0: flags=49 mtu 1500
> inet 10.0.0.1 netmask 0xffffff00
> carp: MASTER vhid 1 advbase 1 advskew 0
> carp1: flags=49 mtu 1500
> inet 10.0.0.1 netmask 0xffffff00
> carp: BACKUP vhid 2 advbase 1 advskew 100
>
>
> This is the CARP configuration for host B :
>
> carp0: flags=49 mtu 1500
> inet 10.0.0.1 netmask 0xffffff00
> carp: BACKUP vhid 1 advbase 1 advskew 100
> carp1: flags=49 mtu 1500
> inet 10.0.0.1 netmask 0xffffff00
> carp: MASTER vhid 2 advbase 1 advskew 0
>
>
> The following sysctl vars are set on both machines:
>
> net.inet.carp.allow: 1
> net.inet.carp.preempt: 1
> net.inet.carp.log: 2
> net.inet.carp.arpbalance: 1
> net.inet.carp.suppress_preempt: 0
>
>
> I know that arpbalance won't work behind a router for incoming traffic,
> but why is it that there's only one machine that can use the CARP address
> as a source address?

What do you think would happen to the return traffic?

> I hope one of you has a solution (preferably with CARP, but other
> solutions are also welcome as well).

What do you really want to do? And why can you not
a) send from two distinct addresses?
b) use NAT at the border device?

Joachim