Mailing List Archive: Linux-HA: Users

ldirectord not forwarding to real servers

Index | Next | Previous | View Threaded

revans42 at gmail

Jun 24, 2008, 8:05 AM

Post #1 of 11 (270 views)
Permalink

ldirectord not forwarding to real servers

Hello,

I am attempting to configure a load balancing cluster using heartbeat
and ldirectord.

I have two machines running heartbeat and two machines running apache.

Everything appears to be running correctly, but when I connect to the
VIP (192.168.0.125) I cannot establish a connection. Apache is
running on both of the real servers and I can connect to them if I use
their actual ip addresses. When I attempt to connect to the VIP the
output of ipvsadm -L shows entries in the InActConn column (I would
think they should be in the ActiveConn but I'm not sure). The apache
logfiles on each of the real servers show the heartbeat connections
every few seconds, but there are no entries when I attempt to connect
using the VIP.

There is nothing in the ldirectord.log that indicates there is any problem.

I have disabled the firewall on all machines.

I would appreciate any pointers to what config steps I have missed or
how I might troubleshoot this.

Thank you.

--------------------------
contents of ha.cf:
crm on
udpport 694
bcast eth0
node centos-1.mydomain.com centos-2.mydomain.com

---------------------------

contents of ldirectord.cf:
checktimeout=10
checkinterval=2
autoreload=yes
logfile="/var/log/ldirectord.log"
quiescent=yes
virtual=192.168.0.125:80
fallback=127.0.0.1:80
real=192.168.0.123:80 gate
real=192.168.0.124:80 gate
service=http
request="test.html"
receive="Still alive"
scheduler=wlc
protocol=tcp
checktype=negotiate
persistent=600
-----------------------------

crm_mon output:
============
Last updated: Tue Jun 24 09:24:50 2008
Current DC: centos-2.mydomain.com (ca0c23d9-f25c-4023-b7ee-8a7170234cf8)
2 Nodes configured.
1 Resources configured.
============

Node: centos-2.mydomain.com (ca0323d2-f8hc-4023-e3ee-8a7170234cf8): online
Node: centos-1.mydomain.com (a7023c30-0dke-1298-f8a4-d75681f2f25e): online

Resource Group: group_Load_Balancer
resource_ip_address (heartbeat::ocf:IPaddr2): Started
centos-2.mydomain.com
resource_ldirector (heartbeat::ocf:ldirectord): Started
centos-2.mydomain.com
------------------

ipvsadm -L output:
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.125:http wlc persistent 600
-> centos-3.mydomain.com Route 1 0 1
-> centos-4.mydomain.com Route 1 0 0

-------------------------------

I have enabled ip forwarding on both machines running heartbeat:
net.ipv4.ip_forward = 1

I have set these values on the two real servers:

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

revans42 at gmail

Jun 24, 2008, 8:44 AM

Post #2 of 11 (261 views)
Permalink

Re: ldirectord not forwarding to real servers [In reply to]

I also have entries on the two real servers for lo:0

[root[at]centos-3 ~]# ifconfig lo:0
lo:0 Link encap:Local Loopback
inet addr:192.168.0.125 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1

Thanks.

On Tue, Jun 24, 2008 at 10:05 AM, Randy Evans <revans42[at]gmail.com> wrote:
> Hello,
>
> I am attempting to configure a load balancing cluster using heartbeat
> and ldirectord.
>
> I have two machines running heartbeat and two machines running apache.
>
> Everything appears to be running correctly, but when I connect to the
> VIP (192.168.0.125) I cannot establish a connection. Apache is
> running on both of the real servers and I can connect to them if I use
> their actual ip addresses. When I attempt to connect to the VIP the
> output of ipvsadm -L shows entries in the InActConn column (I would
> think they should be in the ActiveConn but I'm not sure). The apache
> logfiles on each of the real servers show the heartbeat connections
> every few seconds, but there are no entries when I attempt to connect
> using the VIP.
>
> There is nothing in the ldirectord.log that indicates there is any problem.
>
> I have disabled the firewall on all machines.
>
>
> I would appreciate any pointers to what config steps I have missed or
> how I might troubleshoot this.
>
> Thank you.
>
>
>
>
> --------------------------
> contents of ha.cf:
> crm on
> udpport 694
> bcast eth0
> node centos-1.mydomain.com centos-2.mydomain.com
>
> ---------------------------
>
> contents of ldirectord.cf:
> checktimeout=10
> checkinterval=2
> autoreload=yes
> logfile="/var/log/ldirectord.log"
> quiescent=yes
> virtual=192.168.0.125:80
> fallback=127.0.0.1:80
> real=192.168.0.123:80 gate
> real=192.168.0.124:80 gate
> service=http
> request="test.html"
> receive="Still alive"
> scheduler=wlc
> protocol=tcp
> checktype=negotiate
> persistent=600
> -----------------------------
>
> crm_mon output:
> ============
> Last updated: Tue Jun 24 09:24:50 2008
> Current DC: centos-2.mydomain.com (ca0c23d9-f25c-4023-b7ee-8a7170234cf8)
> 2 Nodes configured.
> 1 Resources configured.
> ============
>
> Node: centos-2.mydomain.com (ca0323d2-f8hc-4023-e3ee-8a7170234cf8): online
> Node: centos-1.mydomain.com (a7023c30-0dke-1298-f8a4-d75681f2f25e): online
>
> Resource Group: group_Load_Balancer
> resource_ip_address (heartbeat::ocf:IPaddr2): Started
> centos-2.mydomain.com
> resource_ldirector (heartbeat::ocf:ldirectord): Started
> centos-2.mydomain.com
> ------------------
>
> ipvsadm -L output:
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 192.168.0.125:http wlc persistent 600
> -> centos-3.mydomain.com Route 1 0 1
> -> centos-4.mydomain.com Route 1 0 0
>
>
> -------------------------------
>
>
> I have enabled ip forwarding on both machines running heartbeat:
> net.ipv4.ip_forward = 1
>
>
>
> I have set these values on the two real servers:
>
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
>
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

tlyons at ivenue

Jun 24, 2008, 2:56 PM

Post #3 of 11 (258 views)
Permalink

Re: Re: ldirectord not forwarding to real servers [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Jun 24, 2008 at 10:44:34AM -0500, Randy Evans wrote:

>I also have entries on the two real servers for lo:0
>
>[root[at]centos-3 ~]# ifconfig lo:0
>lo:0 Link encap:Local Loopback
> inet addr:192.168.0.125 Mask:255.255.255.255
> UP LOOPBACK RUNNING MTU:16436 Metric:1

Good. What about the director? That VIP should be on eth0:0 or
something like that.

>> I have set these values on the two real servers:
>>
>> net.ipv4.conf.lo.arp_ignore = 1
>> net.ipv4.conf.lo.arp_announce = 2
>> net.ipv4.conf.all.arp_ignore = 1
>> net.ipv4.conf.all.arp_announce = 2

Good.

>> Everything appears to be running correctly, but when I connect to the
>> VIP (192.168.0.125) I cannot establish a connection. Apache is

Where are you attempting to connect from? You cannot connect to a VIP
from the load balancer itself.

>> There is nothing in the ldirectord.log that indicates there is any problem.

Good.

>> I have disabled the firewall on all machines.

Good.

>> virtual=192.168.0.125:80
>> fallback=127.0.0.1:80
>> real=192.168.0.123:80 gate
>> real=192.168.0.124:80 gate

As long as you're connecting from some other machine than the director,
then this should be working.

>> ipvsadm -L output:
>> IP Virtual Server version 1.2.1 (size=4096)
>> Prot LocalAddress:Port Scheduler Flags
>> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
>> TCP 192.168.0.125:http wlc persistent 600
>> -> centos-3.mydomain.com Route 1 0 1
>> -> centos-4.mydomain.com Route 1 0 0

Looks good.

What is the default gateway of the director?
What is the default gateway of the real machines? (since you're using
the direct routing method, the real machines should not be using the
director as the gateway, that method is called Masquerade).

You are very close, I suspect it will be one small tiny thing that will
make everything work properly.
- --
Regards... Todd
we're off on the usual strange tangents. next will be whether
it is ethical to walk in your neighbor's open house if they're
running ipv6:-). --Randy Bush
Linux kernel 2.6.24-18-generic 3 users, load average: 0.10, 0.07, 0.08
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIYW15Y2VBGxIDMLwRAtxbAJ0RvzAoQZoi+mZmVoj4z6aCOg7dhQCfdoFa
nUsBthDVuuNh04sxRJayfRE=
=Ar0W
-----END PGP SIGNATURE-----
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

revans42 at gmail

Jun 24, 2008, 5:07 PM

Post #4 of 11 (260 views)
Permalink

Re: Re: ldirectord not forwarding to real servers [In reply to]

On Tue, Jun 24, 2008 at 4:56 PM, Todd Lyons <tlyons[at]ivenue.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, Jun 24, 2008 at 10:44:34AM -0500, Randy Evans wrote:
>
>>I also have entries on the two real servers for lo:0
>>
>>[root[at]centos-3 ~]# ifconfig lo:0
>>lo:0 Link encap:Local Loopback
>> inet addr:192.168.0.125 Mask:255.255.255.255
>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>
> Good. What about the director? That VIP should be on eth0:0 or
> something like that.

Yes, the VIP is attached to eth0:0 on the "active" node running ldirectord.

>>> Everything appears to be running correctly, but when I connect to the
>>> VIP (192.168.0.125) I cannot establish a connection. Apache is
>
> Where are you attempting to connect from? You cannot connect to a VIP
> from the load balancer itself.
>

I am connecting from a separate machine.

> What is the default gateway of the director?
> What is the default gateway of the real machines? (since you're using
> the direct routing method, the real machines should not be using the
> director as the gateway, that method is called Masquerade).
>

The default gateway is set on all machines to our standard gateway.

>
> You are very close, I suspect it will be one small tiny thing that will
> make everything work properly.
> - --
> Regards... Todd

One thing I didn't mention but probably should have, I am running
these machines under vmware (we are always short on hardware for
testing). I have never had a problem before but since you didn't find
any glaring errors, I will find real machines somewhere to reproduce
this setup.

Thank you very much.

Randy
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

jslezacek at novell

Jun 25, 2008, 12:31 AM

Post #5 of 11 (249 views)
Permalink

Re: Re: ldirectord not forwarding to real servers [In reply to]

> >> ipvsadm -L output:
> >> IP Virtual Server version 1.2.1 (size=4096)
> >> Prot LocalAddress:Port Scheduler Flags
> >> �-> RemoteAddress:Port � � � � � Forward Weight ActiveConn InActConn
> >> TCP �192.168.0.125:http wlc persistent 600
> >> �-> centos-3.mydomain.com Route � 1 � � �0 � � � � �1
> >> �-> centos-4.mydomain.com Route � 1 � � �0 � � � � �0

The weight is 0 which means that ldirectord will not forward any traffic to
the real servers.

Ldirectord most likely doesn't receive the expected "heartbeat" reply from the
real-servers and thus gives them a weight of 0.

In your ldirectord.cf, this is what the server expects:

� � � � request="test.html"
� � � � receive="Still alive"

To check this, point your web-browser from the server running ldirector to
<real_server_ip>/test.html

You have to receive "Still alive" as reply.

--
Best regards

Jo
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

revans42 at gmail

Jun 25, 2008, 4:26 AM

Post #6 of 11 (244 views)
Permalink

Re: ldirectord not forwarding to real servers [In reply to]

On Wed, Jun 25, 2008 at 2:31 AM, Jozef Slezacek <jslezacek[at]novell.com> wrote:
>> >> ipvsadm -L output:
>> >> IP Virtual Server version 1.2.1 (size=4096)
>> >> Prot LocalAddress:Port Scheduler Flags
>> >> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
>> >> TCP 192.168.0.125:http wlc persistent 600
>> >> -> centos-3.mydomain.com Route 1 0 1
>> >> -> centos-4.mydomain.com Route 1 0 0
>
> The weight is 0 which means that ldirectord will not forward any traffic to
> the real servers.
>
> Ldirectord most likely doesn't receive the expected "heartbeat" reply from the
> real-servers and thus gives them a weight of 0.
>
> In your ldirectord.cf, this is what the server expects:
>
> request="test.html"
> receive="Still alive"
>
> To check this, point your web-browser from the server running ldirector to
> <real_server_ip>/test.html
>
> You have to receive "Still alive" as reply.
>
> --
> Best regards
>
> Jo

Actually, I think the column alignment is messed up.

The 0's you are seeing are from the ActiveConn column (however, I
never see anything but 0's in ActiveConn, I only see numbers changing
in InActConn when I attempt to connect).

I am able to connect to the real servers (using their real ip's) and
get back the "Still alive" text.

If I take both of the real servers down, I can get the cluster to
return a web page from 127.0.0.1.

Thanks
Randy
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

jslezacek at novell

Jun 25, 2008, 6:27 AM

Post #7 of 11 (244 views)
Permalink

Re: Re: ldirectord not forwarding to real servers [In reply to]

On Wednesday 25 June 2008 13:26:41 Randy Evans wrote:
> On Wed, Jun 25, 2008 at 2:31 AM, Jozef Slezacek <jslezacek[at]novell.com>
wrote:
> >> >> ipvsadm -L output:
> >> >> IP Virtual Server version 1.2.1 (size=4096)
> >> >> Prot LocalAddress:Port Scheduler Flags
> >> >> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> >> >> TCP 192.168.0.125:http wlc persistent 600
> >> >> -> centos-3.mydomain.com Route 1 0 1
> >> >> -> centos-4.mydomain.com Route 1 0 0
> >
> > The weight is 0 which means that ldirectord will not forward any traffic
> > to the real servers.
> >
> > Ldirectord most likely doesn't receive the expected "heartbeat" reply
> > from the real-servers and thus gives them a weight of 0.
> >
> > In your ldirectord.cf, this is what the server expects:
> >
> > request="test.html"
> > receive="Still alive"
> >
> > To check this, point your web-browser from the server running ldirector
> > to <real_server_ip>/test.html
> >
> > You have to receive "Still alive" as reply.
> >
> > --
> > Best regards
> >
> > Jo
>
> Actually, I think the column alignment is messed up.

Ah yes.

> I have set these values on the two real servers:

> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2

Change "conf.lo" to "conf.ethX " where ethX is your real IP interface.

--
Best regards

Jo
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

revans42 at gmail

Jun 25, 2008, 1:40 PM

Post #8 of 11 (236 views)
Permalink

Re: Re: ldirectord not forwarding to real servers [In reply to]

On Wed, Jun 25, 2008 at 8:27 AM, Jozef Slezacek <jslezacek[at]novell.com> wrote:
>
>> I have set these values on the two real servers:
>
>> net.ipv4.conf.lo.arp_ignore = 1
>> net.ipv4.conf.lo.arp_announce = 2
>> net.ipv4.conf.all.arp_ignore = 1
>> net.ipv4.conf.all.arp_announce = 2
>
> Change "conf.lo" to "conf.ethX " where ethX is your real IP interface.
>
> --
> Best regards
>
> Jo
>

Sorry, I didn't get a chance to try this setup, I had already deleted
my original vmware setup for the two apache "real servers".

Since it was going to take a couple of days for me to get more
hardware, I decided to try again with two new vmware instances and a
minimal install of CentOS. I used all the config information from my
original email and this time it worked perfectly.

My only explanation is I had used the original vmware instances
several times for different configurations and some odd setting must
have gotten changed in the networking at some point in the past.

I have to say, it really is quite cool the way it works!

Thanks a lot to everyone for your assistance.

Randy
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

Nils.Hildebrand at bamf

Jun 30, 2008, 4:29 AM

Post #9 of 11 (208 views)
Permalink

RE: ldirectord not forwarding to real servers [In reply to]

Hi,

I think this is rather an lvs-question.

Do you have the vip-address up and running on your real servers?
What kind of lvs-method do you use?

btw - why do you need heartbeat for this?

Kind regards, Nils

> -----Original Message-----
> From: linux-ha-bounces[at]lists.linux-ha.org
> [mailto:linux-ha-bounces[at]lists.linux-ha.org] On Behalf Of Randy Evans
> Sent: Tuesday, June 24, 2008 5:05 PM
> To: linux-ha[at]lists.linux-ha.org
> Subject: [Linux-HA] ldirectord not forwarding to real servers
>
> Hello,
>
> I am attempting to configure a load balancing cluster using
> heartbeat and ldirectord.
>
> I have two machines running heartbeat and two machines running apache.
>
> Everything appears to be running correctly, but when I
> connect to the VIP (192.168.0.125) I cannot establish a
> connection. Apache is running on both of the real servers
> and I can connect to them if I use their actual ip addresses.
> When I attempt to connect to the VIP the output of ipvsadm
> -L shows entries in the InActConn column (I would think they
> should be in the ActiveConn but I'm not sure). The apache
> logfiles on each of the real servers show the heartbeat
> connections every few seconds, but there are no entries when
> I attempt to connect using the VIP.
>
> There is nothing in the ldirectord.log that indicates there
> is any problem.
>
> I have disabled the firewall on all machines.
>
>
> I would appreciate any pointers to what config steps I have
> missed or how I might troubleshoot this.
>
> Thank you.
>
>
>
>
> --------------------------
> contents of ha.cf:
> crm on
> udpport 694
> bcast eth0
> node centos-1.mydomain.com centos-2.mydomain.com
>
> ---------------------------
>
> contents of ldirectord.cf:
> checktimeout=10
> checkinterval=2
> autoreload=yes
> logfile="/var/log/ldirectord.log"
> quiescent=yes
> virtual=192.168.0.125:80
> fallback=127.0.0.1:80
> real=192.168.0.123:80 gate
> real=192.168.0.124:80 gate
> service=http
> request="test.html"
> receive="Still alive"
> scheduler=wlc
> protocol=tcp
> checktype=negotiate
> persistent=600
> -----------------------------
>
> crm_mon output:
> ============
> Last updated: Tue Jun 24 09:24:50 2008
> Current DC: centos-2.mydomain.com
> (ca0c23d9-f25c-4023-b7ee-8a7170234cf8)
> 2 Nodes configured.
> 1 Resources configured.
> ============
>
> Node: centos-2.mydomain.com
> (ca0323d2-f8hc-4023-e3ee-8a7170234cf8): online
> Node: centos-1.mydomain.com
> (a7023c30-0dke-1298-f8a4-d75681f2f25e): online
>
> Resource Group: group_Load_Balancer
> resource_ip_address (heartbeat::ocf:IPaddr2): Started
> centos-2.mydomain.com
> resource_ldirector (heartbeat::ocf:ldirectord): Started
> centos-2.mydomain.com
> ------------------
>
> ipvsadm -L output:
> IP Virtual Server version 1.2.1 (size=4096) Prot
> LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 192.168.0.125:http wlc persistent 600
> -> centos-3.mydomain.com Route 1 0 1
> -> centos-4.mydomain.com Route 1 0 0
>
>
> -------------------------------
>
>
> I have enabled ip forwarding on both machines running heartbeat:
> net.ipv4.ip_forward = 1
>
>
>
> I have set these values on the two real servers:
>
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> _______________________________________________
> Linux-HA mailing list
> Linux-HA[at]lists.linux-ha.org
> http://lists.linux-ha.org/mailman/listinfo/linux-ha
> See also: http://linux-ha.org/ReportingProblems
>
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

revans42 at gmail

Jun 30, 2008, 8:42 AM

Post #10 of 11 (207 views)
Permalink

Re: ldirectord not forwarding to real servers [In reply to]

On Mon, Jun 30, 2008 at 6:29 AM, Hildebrand, Nils, 232
<Nils.Hildebrand[at]bamf.bund.de> wrote:
> Hi,
>
> I think this is rather an lvs-question.
>
> Do you have the vip-address up and running on your real servers?

The vip address is configured on the real servers on lo:0.

> What kind of lvs-method do you use?

Direct Routing

>
> btw - why do you need heartbeat for this?

If the machine currently running ldirectord died, it will
automatically start on the other cluster node.

Thanks.
Randy

>
> Kind regards, Nils
>
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

Nils.Hildebrand at bamf

Jul 2, 2008, 4:24 AM

Post #11 of 11 (186 views)
Permalink

RE: ldirectord not forwarding to real servers [In reply to]

Hi,

> The vip address is configured on the real servers on lo:0.

Do you get "martian source"-messages in /var/log/messages ?

> > What kind of lvs-method do you use?
>
> Direct Routing

If you are using DR-lvs you should rather use the physical interface
where your lvs-machine sends its packets.

Is your lvs-interface in the same subnet as the real-server-address?
Do you have a real interface that is located in the same subnet as the
real-server-address?

Here is what I use for DR on my real-servers (lvs has an own vlan so the
real-server-address is not on the same subnet):

Linux-Kernel-Version is 2.6.18.8,
LVS_IFACE=eth2 # in my case

PROCNET=/proc/sys/net/ipv4/conf
# This prevents other interfaces from answering arp-calls to
REAL_IP
echo 1 > ${PROCNET}/all/arp_filter
for i in ${PROCNET}/eth*
do
echo 1 > $i/arp_filter
echo 1 > $i/arp_ignore
echo 2 > $i/arp_announce
done
# Suppress "martian source" filtering on LVS_IFACE
sysctl -q -w net.ipv4.conf.default.rp_filter=0
sysctl -q -w net.ipv4.conf.${LVS_IFACE}.rp_filter=0
# Add REAL_IP so that the local service can listen to it
ip addr add ${REAL_IP}/32 dev ${LVS_IFACE} scope link >/dev/null
2>&1

This setup does NOT need ip-forwarding.

> > btw - why do you need heartbeat for this?
>
> If the machine currently running ldirectord died, it will
> automatically start on the other cluster node.

> Thanks.
> Randy

Kind regards, Nils
_______________________________________________
Linux-HA mailing list
Linux-HA[at]lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com