|
Brandon,
I agree that I could probably simplify the iptables rules. But the VRRP
communication was already solved before I opened this thread. The
problem that I started this thread for, had more to do with the IPVS
connection communication synchronization, and the connection status.
While both communication mechanisms are initiated by keepalived, in this
case, they're distinct from each other, and have different transmission
characteristics, etc.
Lloyd Brown
Systems Administrator
Fulton Supercomputing Lab
Brigham Young University
http://marylou.byu.edu
On 07/29/2014 09:29 AM, Brandon Perkins wrote:
> You shouldn't need anything beyond:
>
> -A INPUT -p vrrp -j ACCEPT
>
> to get keepalived communication working. To allow VRRP traffic for the
> Keepalived service to function:
>
> # /sbin/iptables -I INPUT -p vrrp -j ACCEPT
> # /sbin/service iptables save
>
> one could also tighten down the source and destination as well. Also,
> since this is RHEL, please feel free to reach out to your Red Hat
> support representatives in case there is something else that needs
> investigating in your particular environment.
>
> -- Thanks, Brandon
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
