| CARP(4) | Device Drivers Manual | CARP(4) | 
carp —
pseudo-device carp
carp interface is a pseudo-device which implements
  and controls the CARP protocol. carp allows multiple
  hosts on the same local network to share a set of IP addresses. Its primary
  purpose is to ensure that these addresses are always available, but in some
  configurations carp can also provide load balancing
  functionality.
A carp interface can be created at runtime
    using the ifconfig carpN
    create command.
To use carp, the administrator needs to
    configure at minimum a common virtual host ID and virtual host IP address on
    each machine which is to take part in the virtual group. Additional
    parameters can also be set on a per-interface basis:
    advbase and advskew, which
    are used to control how frequently the host sends advertisements when it is
    the master for a virtual host, and pass which is
    used to authenticate carp advertisements. Finally
    carpdev is used to specify which interface the
    carp device attaches to. If unspecified, the kernel
    attempts to set carpdev by looking for another interface with the same
    subnet. These configurations can be done using
    ifconfig(8), or through the
    SIOCSVH ioctl.
Additionally, there are a number of global parameters which can be set using sysctl(8):
carp packets. Enabled by
    default.carp interfaces as a group. When the option is
      enabled and one of the carp enabled physical
      interfaces goes down, advskew is changed to 240 on all
      carp interfaces. See also the first example.
      Disabled by default.carp packets. Disabled by default.carp interfaces together, when one of the
  physical interfaces goes down. This is achieved by the preempt option. Enable
  it on both host A and B:
# sysctl -w
  net.inet.carp.preempt=1Assume that host A is the preferred master and 192.168.1.x/24 is configured on one physical interface and 192.168.2.y/24 on another. This is the setup for host A:
# ifconfig carp0 create # ifconfig carp0 vhid 1 pass mekmitasdigoat 192.168.1.1 \ netmask 255.255.255.0 # ifconfig carp1 create # ifconfig carp1 vhid 2 pass mekmitasdigoat 192.168.2.1 \ netmask 255.255.255.0
The setup for host B is identical, but it has a higher advskew:
# ifconfig carp0 create # ifconfig carp0 vhid 1 advskew 100 pass mekmitasdigoat \ 192.168.1.1 netmask 255.255.255.0 # ifconfig carp1 create # ifconfig carp1 vhid 2 advskew 100 pass mekmitasdigoat \ 192.168.2.1 netmask 255.255.255.0
Because of the preempt option, when one of the physical interfaces
    of host A fails, advskew is adjusted to 240 on all its
    carp interfaces. This will cause host B to preempt
    on both interfaces instead of just the failed one.
In order to set up an ARP balanced virtual host, it is necessary to configure one virtual host for each physical host which would respond to ARP requests and thus handle the traffic. In the following example, two virtual hosts are configured on two hosts to provide balancing and failover for the IP address 192.168.1.10.
First the carp interfaces on Host A are
    configured. The advskew of 100 on the second virtual
    host means that its advertisements will be sent out slightly less
    frequently.
# ifconfig carp0 create # ifconfig carp0 vhid 1 pass mekmitasdigoat 192.168.1.10 \ netmask 255.255.255.0 # ifconfig carp1 create # ifconfig carp1 vhid 2 advskew 100 pass mekmitasdigoat \ 192.168.1.10 netmask 255.255.255.0
The configuration for host B is identical, except the skew is on virtual host 1 rather than virtual host 2.
# ifconfig carp0 create # ifconfig carp0 vhid 1 advskew 100 pass mekmitasdigoat \ 192.168.1.10 netmask 255.255.255.0 # ifconfig carp1 create # ifconfig carp1 vhid 2 pass mekmitasdigoat 192.168.1.10 \ netmask 255.255.255.0
Finally, the ARP balancing feature must be enabled on both hosts:
# sysctl -w
  net.inet.carp.arpbalance=1When the hosts receive an ARP request for 192.168.1.10, the source IP address of the request is used to compute which virtual host should answer the request. The host which is master of the selected virtual host will reply to the request, the other(s) will ignore it.
This way, locally connected systems will receive different ARP replies and subsequent IP traffic will be balanced among the hosts. If one of the hosts fails, the other will take over the virtual MAC address, and begin answering ARP requests on its behalf.
Note: ARP balancing only works on the local network segment. It cannot balance traffic that crosses a router, because the router itself will always be balanced to the same virtual host.
carp device first appeared in
  OpenBSD 3.5.
| April 10, 2019 | NetBSD 9.4 |