From: "Brian A. Seklecki"
To: Ross Draper
Cc: freebsd-cluster@freebsd.org
Subject: Re: Vrrp/CARP/UCarp Problems
Date: Sat, 31 Mar 2007 17:17:20 -0500
Organization: Collaborative Fusion, Inc.
Message-Id: <1175379440.7585.58.camel@ingress>
In-Reply-To: <48279.83.104.128.109.1174847030.squirrel@virtualgeek.net>

You could put an OpenBSD or FreeBSD box running pf(4) in "front" of your
web server cluster.

You set up your public IP anchor and a service-VIP for your web service
application.  Then you do a RDR nat into a pf(4) table.

You set the contents of the table based on a shell script that checks
the health of the system.

I suppose you could carp between the two RDR boxes; keep state tables
even too.

I.e., carp was never designed to move an HA L4 address between two
systems.  Only to provide a HA L4 IP gateway.

Bob Beck did a great presentation on this at NYCBSDcon 06.  Google it
and grab his slides.

~BAS

On Sun, 2007-03-25 at 19:23 +0100, Ross Draper wrote:
> Hi guys
>
> I was wondering if I could get some advice from those of you who have
> successfully implemented ip address failover systems such as carp and
> freevrrpd.
>
> I am trying to set up a high availability web loadbalancer using a pair of
> FreeBSD 6.2 boxes. I have tried a number of ways to perform failover but
> always seem to be hitting a problem.
>
> UCARP - Pros: This would be my ideal solution as the startup/shutdown
> scripts enable me to stop and start my applications and add aliases to
> adaptors easily.
> Cons: When the backup box is rebooted it always comes up advertising
> itself as the master then after a few seconds reverts to backup, although I
> was under the impression it was supposed to wait and listen for
> advertisements (it doesn't seem to). Its initial gratuitous arp as a master
> is sufficient to poison any traffic from the local router to the shared ip
> address. Only solution was to use arp-sk to send gratuitous arps every few
> secs, however, arp-sk was a bit flakey and it was a bodge.
>
> CARP - Pros: stable and built into the kernel. Could enable active/active
> arp load sharing at a later point.
> Cons: There is a FreeBSD bug (I've seen it discussed on the lists) where
> the creation and destruction of a carp interface causes a kernel panic.
> Also, there is no support for start/stop scripts.
>
> Freevrrpd - Pros: MAC address changing removes some of the arp timeout
> issues/gratuitous arp problems and it supports start/stop scripts
> Cons: I'm finding that upon rebooting the backup unit it correctly starts
> as a backup, then three seconds later syslogs that it is the master and
> changes its MAC address accordingly.
> Although a sniff of the network
> traffic indicates it is sending the right advertisements, it never goes
> into backup mode again.
>
> So, what am I doing wrong? Are these the experiences others have had or
> are there more suitable options? The loadbalancers are all single homed
> and I have tried a mixture of xl, bge and fxp cards.
>
> Also, any links to Perl-based gratuitous arp utils would be great
>
> Any help/suggestions much appreciated.
>
> Ross
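
The setup described in the reply above (an rdr rule pointing at a pf(4) table whose contents a health-check script maintains), as an added example that is not part of the original message. The table name webpool, the backend addresses, the TCP-connect probe and the MIN_HEALTHY guard are assumptions.

```shell
#!/bin/sh
# Added example: keep a pf(4) table in step with backend health.
# Assumed pf.conf fragment (FreeBSD pf syntax; $ext_if, $vip and the
# table name "webpool" are hypothetical):
#   table <webpool> persist
#   rdr on $ext_if proto tcp from any to $vip port 80 -> <webpool> round-robin

TABLE="${TABLE:-webpool}"
BACKENDS="${BACKENDS:-10.0.0.11 10.0.0.12 10.0.0.13}"  # constructed sample addresses
PORT="${PORT:-80}"
MIN_HEALTHY="${MIN_HEALTHY:-1}"   # never shrink the table below this
PFCTL="${PFCTL:-pfctl}"

# Probe one backend: a plain TCP connect with a 2 second timeout.
# Assumption: replace with a real HTTP check if "port open" is too weak.
check_backend() {
    nc -z -w 2 "$1" "$PORT" >/dev/null 2>&1
}

# Print the backends that pass the probe, space separated.
healthy_backends() {
    out=""
    for b in $BACKENDS; do
        if check_backend "$b"; then
            out="${out:+$out }$b"
        fi
    done
    echo "$out"
}

# Replace the table contents with the healthy set. If too few backends
# answer (for example the checker itself lost its network), leave the
# table alone rather than blackholing the VIP.
sync_table() {
    healthy=$(healthy_backends)
    set -- $healthy
    if [ "$#" -lt "$MIN_HEALTHY" ]; then
        echo "only $# healthy backend(s); <$TABLE> left unchanged" >&2
        return 1
    fi
    $PFCTL -q -t "$TABLE" -T replace "$@"
}

# Run one sync when invoked as "script run" (e.g. from cron).
if [ "${1:-}" = "run" ]; then
    sync_table
fi
```

Because the script only rewrites table contents, the ruleset is never reloaded, so changing the pool does not require touching pf.conf.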