From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 23:03:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 12CB4E73; Tue, 1 Apr 2014 23:03:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1FEF8E4; Tue, 1 Apr 2014 23:03:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31N38Lk032103; Tue, 1 Apr 2014 23:03:08 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31N38BE032102; Tue, 1 Apr 2014 23:03:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404012303.s31N38BE032102@svn.freebsd.org> From: Dru Lavigne Date: Tue, 1 Apr 2014 23:03:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44414 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 23:03:09 -0000 Author: dru Date: Tue Apr 1 23:03:08 2014 New Revision: 44414 URL: http://svnweb.freebsd.org/changeset/doc/44414 Log: Editorial review of CARP chapter. Add a few clarifications. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 22:55:59 2014 (r44413) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:03:08 2014 (r44414) @@ -4903,22 +4903,38 @@ route_hostD="192.168.173.4 hatm0 0 102 l The Common Address Redundancy Protocol (CARP) allows multiple hosts to share the - same IP address and provide high - availability. One or more hosts can fail, and the - others will take over for the failed system transparently. In - addition to the shared IP address, hosts also - have a unique IP address for management and - configuration, as in the example provided here. - - - Using <acronym>CARP</acronym> for High - Availability + same IP address and Virtual Host ID + (VHID) in order to provide high + availability for one or more services. This means that one or more + hosts can fail, and the + other hosts will transparently take over so that users do not see a service + failure. + + In + addition to the shared IP address, each host + has its own IP address for management and + configuration. All of the machines that share an + IP address have the same + VHID. The VHID for each + virtual IP address must be unique across + the broadcast domain of the network interface. + + High availability using CARP is built + into &os;, though the steps to configure it vary slightly + depending upon the &os; version. This section provides the same + example configuration for versions before and equal to or after + &os; 10. - CARP is often used to provide - high availability for one or more services. This example + This example configures failover support with three hosts, all with unique IP addresses, but providing the same web - content. These machines are load balanced with a Round Robin + content. It has two different masters named + hosta.example.org and + hostb.example.org, with + a shared backup named + hostc.example.org. + + These machines are load balanced with a Round Robin DNS configuration. The master and backup machines are configured identically except for their hostnames and management IP addresses. These servers @@ -4930,82 +4946,69 @@ route_hostD="192.168.173.4 hatm0 0 102 l interfaces, one for each of the master content server's IP addresses. When a failure occurs, the backup server will pick up the failed master machine's - IP address. Users will not see a service - failure at all. - - This example has two different masters named - hosta.example.org and - hostb.example.org, with - a shared backup named - hostc.example.org. - - Each virtual IP address has a unique - identification number known as a Virtual Host Identification - (VHID). All of the machines that share an - IP address have the same - VHID. The VHID for each - virtual IP address must be unique across - the broadcast domain of the network interface. - + IP address. Using <acronym>CARP</acronym> on &os; 10 and Later - Enable support for CARP by loading the + Enable boot-time support for CARP by adding an entry for the carp.ko kernel module in /boot/loader.conf: carp_load="YES" - - The CARP module can also be built into - the &os; kernel as described in + + To load the module now without rebooting: + + &prompt.root; kldload carp + + For users who prefer to use a custom kernel, include the + following line in the custom kernel configuration file and + compile the kernel as described in : device carp - The hostname, management IP address, - CARP configuration, and the - IP address to be shared are all set by + The hostname, management IP address and subnet mask, + shared IP address, and VHID are all set by adding entries to /etc/rc.conf. This example is for hosta.example.org: - hostname="hosta.example.org" -ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 1 pass testpass alias 192.168.1.50/32" - - On hostb.example.org: - - hostname="hostb.example.org" -ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 2 pass testpass alias 192.168.1.51/32" - - - The passwords specified with &man.ifconfig.8; - must be identical. + hostname="hosta.example.org" +ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 pass testpass alias 192.168.1.50/32" + + The next set of entries are for + hostb.example.org. Since it + represents a second master, it uses a different shared + IP address and + VHID. However, the passwords specified with + must be identical as CARP will only listen to and accept advertisements from machines with the correct password. - + + hostname="hostb.example.org" +ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 2 pass testpass alias 192.168.1.51/32" The third machine, - hostc.example.org, is prepared to - handle failover from either of the previous hosts. This + hostc.example.org, is configured to + handle failover from either master. This machine is configured with two CARP VHIDs, one to handle the virtual - IP address of each of the master hosts. - , the CARP - advertising skew, is set to ensure that the backup host - advertises later than the master. + IP address for each of the master hosts. + The CARP + advertising skew, , is set to ensure that the backup host + advertises later than the master, since controls the order of precedence when there are multiple - backup servers. Set the configuration in - /etc/rc.conf: + backup servers. hostname="hostc.example.org" -ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 1 advskew 100 pass testpass alias 192.168.1.50/32" -ifconfig_em0_alias1="vhid 2 advskew 100 pass testpass alias 192.168.1.51/32" +ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 advskew 100 pass testpass alias 192.168.1.50/32" +ifconfig_em0_alias1="vhid 2 advskew 100 pass testpass alias 192.168.1.51/32" Having two CARP VHIDs configured means that @@ -5027,8 +5030,8 @@ ifconfig_em0_alias1="vhid 2 advskew 100 &prompt.root; ifconfig em0 vhid 1 state backup - At this point, either networking must be restarted or the - machine rebooted, then CARP is + Once the configuration is complete, either restart networking or reboot + each system. High availability is now enabled. CARP functionality can be controlled @@ -5042,76 +5045,63 @@ ifconfig_em0_alias1="vhid 2 advskew 100 Using <acronym>CARP</acronym> on &os; 9 and Earlier - Enable support for CARP by loading the + The configuration for these versions of &os; is similar to + the one described in the previous section, except that a + CARP device must first be created and + referred to in the configuration. + + Enable boot-time support for CARP by loading the if_carp.ko kernel module in /boot/loader.conf: if_carp_load="YES" - CARP can also be built into the - &os; kernel as described in + To load the module now without rebooting: + + &prompt.root; kldload carp + + For users who prefer to use a custom kernel, include the + following line in the custom kernel configuration file and + compile the kernel as described in : device carp - The CARP devices themselves may be - created using &man.ifconfig.8;: + Next, on each host, create a CARP device: &prompt.root; ifconfig carp0 create - Set the hostname, configure the management - IP address, then configure - CARP and the IP address - to be shared by adding the required lines to - /etc/rc.conf. Here are example lines for + Set the hostname, management + IP address, the shared + IP address, and VHID + by adding the required lines to + /etc/rc.conf. Since a virtual + CARP device is used instead of an alias, + the actual subnet mask of /24 is used + instead of /32. Here are the entries for hosta.example.org: - hostname="hosta.example.org" -ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" + hostname="hosta.example.org" +ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" cloned_interfaces="carp0" -ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" +ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" On hostb.example.org: - hostname="hostb.example.org" -ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" + hostname="hostb.example.org" +ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" cloned_interfaces="carp0" -ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" - - - The passwords specified with &man.ifconfig.8; - must be identical. - CARP will only listen to and accept - advertisements from machines with the correct password. The - VHID must also be unique for each virtual - IP address. - +ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" The third machine, - hostc.example.org, is prepared to - handle failover from either of the previous hosts. This - machine is configured with two CARP - devices, one to handle each of the virtual - IP address of each of the master hosts. - Setting the controls the - CARP advertising skew. The skew ensuring - that the backup hosts advertises later than the master, and - controls the order of precedence when there are multiple - backup servers. Set the configuration in - /etc/rc.conf: + hostc.example.org, is configured to + handle failover from either of the master hosts: - hostname="hostc.example.org" -ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0" + hostname="hostc.example.org" +ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0" cloned_interfaces="carp0 carp1" -ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" -ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24" - - Having two CARP devices configured - means that hostc.example.org will - notice if either of the master servers becomes unavailable. - If a master fails to advertise before the backup server, the - backup server will pick up the shared IP - address until the master becomes available again. +ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" +ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24" Preemption is disabled in the GENERIC &os; kernel. @@ -5128,15 +5118,10 @@ ifconfig_carp1="vhid 2 advskew 100 pass interface which corresponds to the correct host. - At this point, either networking must be restarted or the - machine rebooted, then CARP is + Once the configuration is complete, either restart networking or reboot + each system. High availability is now enabled. - CARP functionality can be controlled - via several &man.sysctl.8; variables documented in the - &man.carp.4; manual pages. Other actions can be triggered - from CARP events by using - &man.devd.8;.