The Common Address Redundancy Protocol (CARP) allows multiple hosts to share the same IP address and Virtual Host ID (VHID) in order to provide high availability for one or more services. This means that one or more hosts can fail, and the other hosts will transparently take over so that users do not see a service failure.
In addition to the shared IP address, each host has its own IP address for management and configuration. All of the machines that share an IP address have the same VHID. The VHID for each virtual IP address must be unique across the broadcast domain of the network interface.
High availability using CARP is built into FreeBSD, though the steps to configure it vary slightly depending upon the FreeBSD version. This section provides the same example configuration for versions before and equal to or after FreeBSD 10.
This example configures failover support with three hosts,
all with unique IP addresses, but providing
the same web content. It has two different masters named
hosta.example.org
and
hostb.example.org
, with a shared backup
named hostc.example.org
.
These machines are load balanced with a Round Robin DNS configuration. The master and backup machines are configured identically except for their hostnames and management IP addresses. These servers must have the same configuration and run the same services. When the failover occurs, requests to the service on the shared IP address can only be answered correctly if the backup server has access to the same content. The backup machine has two additional CARP interfaces, one for each of the master content server's IP addresses. When a failure occurs, the backup server will pick up the failed master machine's IP address.
Enable boot-time support for CARP by
adding an entry for the carp.ko
kernel
module in /boot/loader.conf
:
carp_load="YES"
To load the module now without rebooting:
#
kldload carp
For users who prefer to use a custom kernel, include the following line in the custom kernel configuration file and compile the kernel as described in Chapter 9, Configuring the FreeBSD Kernel:
device carp
The hostname, management IP address and
subnet mask, shared IP address, and
VHID are all set by adding entries to
/etc/rc.conf
. This example is for
hosta.example.org
:
hostname="hosta.example.org
" ifconfig_em0
="inet192.168.1.3
netmask255.255.255.0
" ifconfig_em0
_alias0="vhid1
passtestpass
alias192.168.1.50
/32"
The next set of entries are for
hostb.example.org
. Since it
represents a second master, it uses a different shared
IP address and VHID.
However, the passwords specified with pass
must be identical as CARP will only listen
to and accept advertisements from machines with the correct
password.
hostname="hostb.example.org
" ifconfig_em0
="inet192.168.1.4
netmask255.255.255.0
" ifconfig_em0
_alias0="vhid2
passtestpass
alias192.168.1.51
/32"
The third machine,
hostc.example.org
, is configured to
handle failover from either master. This machine is
configured with two CARP
VHIDs, one to handle the virtual
IP address for each of the master hosts.
The CARP advertising skew,
advskew
, is set to ensure that the backup
host advertises later than the master, since
advskew
controls the order of precedence when
there are multiple backup servers.
hostname="hostc.example.org" ifconfig_em0
="inet192.168.1.5
netmask255.255.255.0
" ifconfig_em0
_alias0="vhid1
advskew100
passtestpass
alias192.168.1.50
/32" ifconfig_em0
_alias1="vhid2
advskew100
passtestpass
alias192.168.1.51
/32"
Having two CARP
VHIDs configured means that
hostc.example.org
will notice if
either of the master servers becomes unavailable. If a master
fails to advertise before the backup server, the backup server
will pick up the shared IP address until
the master becomes available again.
Preemption is disabled by default. If preemption has
been enabled, hostc.example.org
might not release the virtual IP address
back to the original master server. The administrator
can force the backup server to return the
IP address to the master with the
command:
#
ifconfig em0 vhid 1 state backup
Once the configuration is complete, either restart networking or reboot each system. High availability is now enabled.
CARP functionality can be controlled via several sysctl(8) variables documented in the carp(4) manual pages. Other actions can be triggered from CARP events by using devd(8).
The configuration for these versions of FreeBSD is similar to the one described in the previous section, except that a CARP device must first be created and referred to in the configuration.
Enable boot-time support for CARP by
loading the if_carp.ko
kernel module in
/boot/loader.conf
:
if_carp_load="YES"
To load the module now without rebooting:
#
kldload carp
For users who prefer to use a custom kernel, include the following line in the custom kernel configuration file and compile the kernel as described in Chapter 9, Configuring the FreeBSD Kernel:
device carp
Next, on each host, create a CARP device:
#
ifconfig carp0 create
Set the hostname, management IP
address, the shared IP address, and
VHID by adding the required lines to
/etc/rc.conf
. Since a virtual
CARP device is used instead of an alias,
the actual subnet mask of /24
is used
instead of /32
. Here are the entries for
hosta.example.org
:
hostname="hosta.example.org
" ifconfig_fxp0
="inet192.168.1.3
netmask255.255.255.0
" cloned_interfaces="carp0" ifconfig_carp0="vhid1
passtestpass
192.168.1.50/24
"
On hostb.example.org
:
hostname="hostb.example.org
" ifconfig_fxp0
="inet192.168.1.4
netmask255.255.255.0
" cloned_interfaces="carp0" ifconfig_carp0="vhid2
passtestpass
192.168.1.51/24
"
The third machine,
hostc.example.org
, is configured to
handle failover from either of the master hosts:
hostname="hostc.example.org
" ifconfig_fxp0
="inet192.168.1.5
netmask255.255.255.0
" cloned_interfaces="carp0 carp1" ifconfig_carp0="vhid1
advskew100
passtestpass
192.168.1.50/24
" ifconfig_carp1="vhid2
advskew100
passtestpass
192.168.1.51/24
"
Preemption is disabled in the GENERIC FreeBSD kernel. If
preemption has been enabled with a custom kernel,
hostc.example.org
may not release
the IP address back to the original
content server. The administrator can force the backup
server to return the IP address to the
master with the command:
#
ifconfig carp0 down && ifconfig carp0 up
This should be done on the carp
interface which corresponds to the correct host.
Once the configuration is complete, either restart networking or reboot each system. High availability is now enabled.
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <[email protected]>.
Send questions about this document to <[email protected]>.