Hi,

I'm trying to setup ifstated to execute some scripts on state change on 
carp0.

Here is my config file on both machines

*****************************************************************
init-state auto

carp_up = "carp0.link.up"
carp_down = "carp0.link.down"

state auto {
     if $carp_up {
                 set-state primary
         }
         if $carp_down {
                 set-state backup
         }
}

state primary {
         init {
                 run "echo now primary"
         }

         if $carp_down {
                 set-state backup
         }
}

state backup {
         init {
                 run "echo now backup"
         }

         if $carp_up {
                 set-state primary
         }
}
*****************************************************************
# ifstated -n
ifstated: configuration OK
*****************************************************************
  => On slave
# sysctl net.inet.carp.preempt
net.inet.carp.preempt=1

# ifconfig -g carp
carp: carp demote count 0

# ifconfig carp0
carp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         lladdr 00:00:5e:00:01:01
         priority: 0
         carp: BACKUP carpdev em1 vhid 1 advbase 1 advskew 100
         groups: carp
         inet 213.XX.XX.XX netmask 0xfffffe00 broadcast 213.XX.XX.YY
         inet6 fe80::200:5eff:fe00:101%carp0 prefixlen 64 scopeid 0x9

# grep -i ifstated /var/log/daemon
Sep 24 23:31:43  ifstated[3142]: initial state: auto
Sep 24 23:31:43  ifstated[3142]: changing state to auto
Sep 24 23:31:43  ifstated[3142]: changing state to primary
Sep 24 23:31:43  ifstated[3142]: running echo now primary
Sep 24 23:31:43  ifstated[3142]: started

*****************************************************************
  => On master
# sysctl net.inet.carp.preempt
net.inet.carp.preempt=1

# ifconfig -g carp
carp: carp demote count 0

# ifconfig carp0
carp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         lladdr ...
[ message continues ]

I set net.inet.carp.preempt=1 on the primary ONLY for this reason.

[ message continues ]

It is the same if i disable net.inet.carp.preempt on the secondary, the 
secondary 'thinks' he's the master carp device :(

[ message continues ]

Odd, it works for me.  Try a tcpdump and make sure both nodes are seeing
the carp announcements.  Also verify advbase and advskew in the
announcements.  Make sure both FW's are passing carp traffic.

-Steve S.

[ message continues ]

I guess both are seeing carp traffic since carp interface becomes master 
/ slave when needed.

Gonna dig further with tcpdump and will let you know.

[ message continues ]

Even with pf disabled it still aint working. :$ :$ :$ :$

The carp traffic is passing fine

on the primary box:
inet....vhid 1 pass .... advbase 1 advskew 0

on the backup box:
inet....vhid 1 pass .... advbase 1 advskew 100

Did I miss something ?

[ message continues ]

Did tcpdump show both firewalls receiving both carp announcements?

-Steve S.

[ message continues ]