|
Roberto and all,
--- Roberto Nibali <ratz@xxxxxx> wrote:
> Wrong. You can happily have the same MAC, you just
> need to make sure the switch
> doesn't shut down the ports.
My very simple meaning here is that when the LVS (or
NAT) VIPs failover to the backup LVS box, the MAC
(ethernet address(s)) addresses change (associated
with the VIPs). The "arping" command lets you ping
the LVS and NAT IP addresses and see which MAC they
come from (and -D option looks for duplicates). Not
sure what part of this is not understood....
> What's wrong with 'ip neigh show'?
Well, for one, "ip neigh show" is NOT showing me the
LVS or NAT IP addresses. Try it folks, showed my
neighborly IP addresses all over the place, but not
the LVS and NAT IP's !
> That's a basic problem of hotspare clustering and
> caused a lot of people headaches.
Which is exactly my reason for wanting to run a script
on each LVS box using "arping ..." or whatever works
to verify IP + MAC addr pairs. If I find the same IPs
(specifically the LVS and NAT IPs) running
simultaneously on different LVS boxes, the scripts can
take action to alleviate the issue.
> What's an LVS daemon?
What do you call the main daemon that runs Linux
Virtual Server ? (Not hearbeat... lvs.)
> Yes, the failover/failback cluster software should
> definitely be aware that
> there is already someone on the same physical
> segment stealing away packets.
Yes, and I've noted that the when network
communications is restored so heartbeat knows the
backup LVS should go back to sleep again (so to speak)
it correctly stops the LVS processes and hearbeat
chucks along fine... but what we saw once or twice is
it did NOT take down the LVS eth0:1 and NAT eth1:1
devices, so routing was messed up.
Having an arping or similar script to determine IP and
MAC pairings would help to stop rogue virtual ethernet
devices from carrying on when they should have shut
down (such as on the backup LVS).
> Despite the fact that I do not understand what
> exactly you're trying to achieve
> you might want to consider the concept of having one
> or two heartbeat interfaces via crosscable that
> check the running state of each director.
I think I've explained it - a simple script
incorporating arping or similar to get me VIP plus MAC
(ethernet) address pairings, and act on duplicates (as
far as the primary and backup LVS boxes interfering
with one another due to not taking down the virtual
ethernets and VIPs properly). Not that this happens
very often, hardly not, but it has.
> I use arping to set up interfaces actually but not
> to do the checking.
Now I don't understand YOUR use of arping. On my
system LVS itself starts and stops virtuap ethernet
devices and VIPs based on heartbeat.
> > Why does arping only work from the backup and not
> > the primary LVS nor from my PC ? I cannot seem
> link state down? missing routing info?
arping -I eth0 <IPADDR> <-D>
only works from the backup LVS box.
ip neigh show
does not show me the LVS and NAT VIP's at all.
only shows the host IPs (yes backup and primary)
Thanks
Peter
__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
|
