From owner-freebsd-net@FreeBSD.ORG Tue Mar 27 20:47:31 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 401D416A400 for ; Tue, 27 Mar 2007 20:47:31 +0000 (UTC) (envelope-from ross@virtualgeek.net) Received: from achilles.virtualgeek.net (perseus.demon.co.uk [83.104.128.109]) by mx1.freebsd.org (Postfix) with ESMTP id B9C4613C4CC for ; Tue, 27 Mar 2007 20:47:30 +0000 (UTC) (envelope-from ross@virtualgeek.net) Received: from virtualgeek.net (achilles.virtualgeek.net [127.0.0.1]) by achilles.virtualgeek.net (Postfix) with ESMTP id 66A46104B37; Mon, 26 Mar 2007 08:31:21 +0100 (BST) Received: from 83.104.128.109 (SquirrelMail authenticated user ross.virtualgeek) by virtualgeek.net with HTTP; Mon, 26 Mar 2007 08:31:21 +0100 (BST) Message-ID: <31629.83.104.128.109.1174894281.squirrel@virtualgeek.net> Date: Mon, 26 Mar 2007 08:31:21 +0100 (BST) From: "Ross Draper" To: freebsd-net@freebsd.org User-Agent: SquirrelMail/1.4.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: carp/vrrp/ucarp advice X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Mar 2007 20:47:31 -0000 Hi guys I was wondering if I could get some advice from those of you who have successfully implemented ip address failover systems such as carp and freevrrpd. I am trying to set up a high availability web loadbalancer using a pair of freebsd 6.2 boxes. I have tried a number of ways to perform failover but always seem to be hitting a problem. UCARP Pro's:This would be my ideal solution as the startup/shutdown scripts enable me to stop and start my applications and add aliases to adaptors easily. Cons: When the backup box is rebooted it always seems to come up advertising itself as the master, then after a few seconds reverts to backup, although I was under the impression it was supposed to wait and listen for advertisements(it doesnt seem to)to see if a master exists. Its initial gratuitous arp as a master is sufficient to poison any traffic from the local router to the shared ip address. Only solution was to use arp-sk to send gratuitous arps every few secs, however, arp-sk was a bit flakey and it was a bodge. CARP Pro's: stable and built into the kernel. Could enable acive/active arp load sharing at a later point. Cons: There is a Freebsd bug (I've seen it discussed on the lists) where the creation and destroyal of a carp interface causes a kernel panic. Also, there is no support for start/stop scripts. Freevrrpd Pros: Mac address changing removes some of the arp timeout issues/gratuitus arp problems and it supports start/stop scripts Cons: I'm finding that upon rebooting the backup unit it correctly starts as a backup, then three seconds later syslogs that it is the master and changes its mac address accordingly. although a sniff of the network traffic indicates it is sending the right advertisements, it never goes into backup mode again and keeps the virtual mac address. So, what am I doing wrong? are there more suitable options? the loadbalancers are all single homed and I have tried a mixture of xl, bge and fxp cards. Also, any links to a perl based gratuitous arp utils would be great Any help/suggestions much appreciated. Ross PS - I mailed this to freebsd-cluster earlier but it didnt seem to make it onto the list - apologies if this ends up as a cross post.