Re: duplicate ip due to ip faking

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: duplicate ip due to ip faking
From:	Chris <chris@xxxxxx>
Date:	Tue, 10 Jul 2001 13:12:11 +0200

Hi,

I run into the same problems some time ago, so I wrote a little script,
which tests
the server first with an port connect (port 22 / ssh), but when the
connect fails, or the script
guesses it has allready taken the IP, it uses arping to check if the IP
is allive.
The -D switch of arping is very usefull in that case :-)

OK, now backup releases the IP from the director, but there are still
some arp-caches which uses the entry 
from the backup.
so I added following lines to end of the ip_stop functoin of IPaddr:



ETH=`${FINDIF} ${FULLIP} |cut -f1`


if ! `${ARPING} -D ${BASEIP} -I ${ETH} -c 1 -w 1 -q` ; then
 
  MACADDR=`${ARPING} -D ${BASEIP} -I ${ETH} -w 1 -c 1|grep Unicast|cut
-d "[" -f 2- | cut -d "]" -f1`
  for j in 1 2 3 4
  do
   $SENDARP ${ETH} ${BASEIP} ${MACADDR} ${BASEIP} ffffffffffff
   sleep 1
  done
 
fi

now the backup broadcasts the mac-address from the master into the
network.

the paths of findif, arping and sendarp must also be added to IPaddr.

--
Chris 

Miri Groentman wrote:
> 
> In ?High Availability?
> (<http://www.linuxvirtualserver.org/HighAvailability.html>) it is mentioned
> that the backup server activates Fake and fakes the server?s ip, and when
> the server (LinuxDirector) is up again, it releases the ip it was faking. My
> question is: Can there be a situation in which both LinuxDirector and the
> backup have the same ip address at a given moment ? (exaples to such a
> situation: A. In case a crucial demon on LinuxDirector is down, but the
> LinuxDirector itself is up and can respond to ARP. In such a case the backup
> might take over, faking LinuxDirector?s ip because of the crucial demon
> that?s down. Both LinuxDirector  and the backup might respond to the an ARP
> with the same ip address.
> B. In case the LinuxDirector  has recovered after a crash, and it is up
> again, but the backup hasn?t learned about it yet, again, both LinuxDirector
> and the backup have the same ip. What happens to a packet directed at the
> LinuxDirector  arriving at such time? )
> 
> Case b :
>                 LinuxDirector                   backup
>                         |                       |
>                         |                       |
>         down    --      |                       |
>                         |                       |
>                         |                       |--fakes ip
>                         |                       |
>                         |                       |
>         up again --     |                       |       |
>                         |                       |       | <--- what what
> happens here?
>                         |                       |       |
>                         |                       |-- learn that LinuxDirector
> is up and stop faking
> 
> thanks
> -Mrii
> 
> 
> 
> 
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
duplicate ip due to ip faking, Miri Groentman Re: duplicate ip due to ip faking, Horms Re: duplicate ip due to ip faking, Joseph Mack Re: duplicate ip due to ip faking, Chris <= Re: duplicate ip due to ip faking, Chris

Previous by Date:	Re: duplicate ip due to ip faking, Joseph Mack
Next by Date:	Re: duplicate ip due to ip faking, Chris
Previous by Thread:	Re: duplicate ip due to ip faking, Joseph Mack
Next by Thread:	Re: duplicate ip due to ip faking, Chris
Indexes:	[Date] [Thread] [Top] [All Lists]