2008/01/16

Firewall + IPMP + IPF + Zones = lost packets

Blarg!

IPF has no knowledge of IPMP group state: when IPMP detects a link failure, nothing tells the filter where packets should go now that the interface its rules name is dead.

So, even though the zone still receives every inbound packet destined for it, outbound is another story: the global zone's kernel picks an outgoing interface from its own route table, pushes the packet down the wrong interface, ipf then redirects it to the FAILED interface (ipf apparently sits below the IPMP layer and never sees the failover), and the packet is never delivered.

So I need something that notices when an IPMP failure occurs and rewrites the IPF rules to match the changed network topology. Look for my PF_ROUTE socket watcher program to be posted shortly.
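As an added example (this is not Joe's PF_ROUTE watcher, which the post promises separately), here is a shell sketch of the detect-and-rewrite step: it reads `ifconfig -a` output, finds the IPMP group member that is UP and not FAILED, and regenerates interface-bound IPF rules so that a packet the kernel sends down a dead member is steered with `to` onto the live one. It polls `ifconfig` instead of listening on a PF_ROUTE socket, and the group name `ipmp0`, zone address, rule shape, file path and the sample `ifconfig` output are all constructed assumptions, not details from the post.

```shell
#!/bin/sh
# Added example: poll for IPMP FAILED flags and regenerate IPF rules for the
# surviving interface. Polling stands in for the PF_ROUTE notification the
# post describes; everything below is an assumption about a Solaris 10 setup.

# Constructed sample of `ifconfig -a` after bge0 has failed: the zone's data
# address has migrated onto bge1:1, and bge0 still carries its test address.
SAMPLE_IFCONFIG='lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
bge0: flags=19040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,FAILED> mtu 1500 index 2
        inet 192.168.1.11 netmask ffffff00 broadcast 192.168.1.255
        groupname ipmp0
bge1: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 3
        inet 192.168.1.12 netmask ffffff00 broadcast 192.168.1.255
        groupname ipmp0
bge1:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        zone web1
        inet 192.168.1.50 netmask ffffff00 broadcast 192.168.1.255'

# Physical interfaces (no ":n" suffix) whose flags include FAILED. Reads stdin.
failed_ifaces() {
    awk '/^[a-z]/ && $2 ~ /[<,]FAILED[,>]/ { n = $1; sub(/:$/, "", n); if (n !~ /:/) print n }'
}

# All physical members of IPMP group $1, in ifconfig order. Reads stdin.
group_members() {
    awk -v grp="$1" '
        /^[a-z]/                  { n = $1; sub(/:$/, "", n) }
        $1 == "groupname" && $2 == grp && n !~ /:/ { print n }
    '
}

# First physical member of group $1 that is UP and not FAILED. Reads stdin.
active_iface() {
    awk -v grp="$1" '
        /^[a-z]/ {                           # header line: "bge0: flags=...<UP,...>"
            n = $1; sub(/:$/, "", n)
            healthy = (n !~ /:/ && $2 ~ /[<,]UP[,>]/ && $2 !~ /[<,]FAILED[,>]/)
        }
        $1 == "groupname" && $2 == grp && healthy { print n; exit }
    '
}

# Emit an IPF rule set for active interface $1 and zone address $2; the rest
# of the arguments are the group members. A packet the kernel pushes down a
# dead member is steered onto the live one with "to", instead of being
# bounced at a FAILED link. The rule shape is an assumption for the example.
render_rules() {
    active=$1; zone_ip=$2; shift 2
    printf '# generated: IPMP active interface is %s\n' "$active"
    printf 'pass out quick on %s from %s to any keep state\n' "$active" "$zone_ip"
    for member in "$@"; do
        [ "$member" = "$active" ] && continue
        printf 'pass out quick on %s to %s from %s to any keep state\n' \
            "$member" "$active" "$zone_ip"
    done
}

# Poll loop, entered only as: sh ipmp_ipf_watch.sh run ipmp0 192.168.1.50
# Reloads the rule set (flush all, then load) whenever the live member changes.
if [ "${1:-}" = run ]; then
    group=$2; zone_ip=$3; last=""
    while :; do
        state=$(ifconfig -a)
        active=$(printf '%s\n' "$state" | active_iface "$group")
        if [ -n "$active" ] && [ "$active" != "$last" ]; then
            members=$(printf '%s\n' "$state" | group_members "$group")
            # $members is intentionally unquoted: one word per interface
            render_rules "$active" "$zone_ip" $members > /etc/ipf/ipf.conf.ipmp
            ipf -Fa -f /etc/ipf/ipf.conf.ipmp
            last=$active
        fi
        sleep 5
    done
fi
```

Run against the constructed sample, `active_iface ipmp0` returns `bge1` and `failed_ifaces` returns `bge0`, so the generated set carries `pass out quick on bge0 to bge1 ...` for the dead member. A five-second poll obviously lags a real failover; the PF_ROUTE approach the post promises gets the RTM_IFINFO change immediately, which is why it is the better design.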

--Joe
