|
On Tue, 3 Jul 2007, Jacob Smullyan wrote:
> Joseph Mack NA3T wrote:
>> On Tue, 3 Jul 2007, Tim Mooney wrote:
>>
>>
>>> In regard to: [lvs-users] arp_ignore issues, Jacob Smullyan said (at
>>> 5:48pm...:
>>>
>>>
>>>> Hi --
>>>>
>>>> I have an LVS-DR cluster that has been running for
>>>> years; its realservers have linux 2.4 kernels and I use
>>>> the noarp module to hide the VIP. I now want to add
>>>> realservers with 2.6 kernels (2.6.20 at the moment),
>>>> and am attempting to use arp_ignore and arp_announce to
>>>> solve the arp problem as follows:
>>>>
>>>> # from sysctl.conf
>>>> net.ipv4.conf.all.arp_ignore = 1
>>>> net.ipv4.conf.all.arp_announce = 2
>>>> net.ipv4.conf.eth0.arp_ignore=1
>>>> net.ipv4.conf.eth1.arp_ignore = 1
>>>> net.ipv4.conf.eth0.arp_announce = 2
>>>> net.ipv4.conf.eth1.arp_announce = 2
>>>>
>>> We're using
>>>
>>> net.ipv4.conf.lo.arp_ignore = 1
>>> net.ipv4.conf.lo.arp_announce = 2
>>> net.ipv4.conf.all.arp_ignore = 1
>>> net.ipv4.conf.all.arp_announce = 2
>>>
>>
>> it's in the HOWTO as well
>>
>> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.arp_problem.html#2.6_arp
> That HOWTO says:
>
> On the realservers the VIP will still be on lo (as for the hidden
> method). If the reply packets to the client are routed through eth0,
> then the arp announcements/requests are made through eth0 and you
> will apply the arp_ignore/arp_announce sysctls to eth0, not to lo
> (you cannot use arp_ignore/arp_announce on lo).
>
> Mr. Mooney's settings apply the sysctls to lo, however. I think my
> settings, above, are consistent with the HOWTO -- or am I mistaken?
Hmm. Seems I've flubbed up. Apologies all round. I looked at
Tim's posting and then looked at the HOWTO and thought they
were identical. I now look at the HOWTO to find they're not
at all and that you've used it as is done in the HOWTO.
(I remember the HOWTO was wrong for a while, I think acting
on lo, which added to my confusion. I don't know how Tim's
machine is working then.)
In that case to answer your original posting
> eth0 and eth1 both have real network interfaces; there are
> no others.
are both facing the router that delivers the packets to the
VIP? I think you only need arp_ignore/announce on the
interface that hears the arp requests.
> I gather I'm supposed to add the VIP nowadays
> on lo.
It's the place we've always put it.
> So, having enabled the above options, I attempt to
> add the VIP like so:
>
> ifconfig lo:0 $VIP
>
> When this happens, the existing interfaces go beserk; my
> ssh connection to the machine begins to drop most packets,
> and I am lucky to get enough packets across to bring down
> lo:0, which restores the network to sanity. Using
> iproute2:
>
> ip address add $VIP dev lo
>
> the same thing occurs, and is remedied the same way (by
> taking the VIP off the lo interface).
>
> Is it obvious to anyone what I am doing wrong?
Have you tried with the correct netmask/broadcast address
(the VIP on lo has to be on a /32 network).
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
|
