Date: Mon, 19 Sep 2005 12:31:17 -0500 From: Colin Farley <Colin.Farley@ecarecenters.com> To: freebsd-stable@freebsd.org Subject: Gratuitous ARP Message-ID: <OFA8BFF797.1DD8840D-ON86257081.00603FB8-86257081.00603FBB@ecarecenters.com>
next in thread | raw e-mail | index | archive | help
Hi all, I am using UCARP on two FreeBS= D 4.10-RELEASE-p16 nodes to offer highly available apache virtual hosts.&nb= sp; Everything seems to work very well except that occasionally one webserv= er will become inaccessable from outside it's subnet. I have narrowed= this down to an arp issue. When a UCARP IP becomes unavailable. = ; I normally start a constant ping to it from my machine which lives on a d= ifferent subnet, all requests timeout. I log into the cisco router th= at has an interfaces living on the webserver's subnet. I then view th= e arp table of the cisco router an see that the MAC that is listed for that= UCARP IP is the MAC of the inactive node. I then clear the arp cache= on the cisco router, this makes the routers arp table update correctly aft= er that my ping requests get replied and the webserver is again accessible = from the outside. So, I have come up with a few = solutions to this problem, which include: 1.&nbs= p; Set the arp cache timeout of the cisco router very low so that outages a= re minimal. I would rather not do this as it will problably stress th= e router too much. Unfortunately I know little about cisco devices so= I really cant figure this one out, does anyone think that this is a bad th= ing? Can you tell a cisco device not to cache arp entries on just the= internal interface? The subnet currently consists of about 25 hosts = so this may not be so bad after all? 2. Run an ANT task to = clear the cache on the cisco device, this task can become part of the UCARP= scripts. This may be a good solution but security is a concern. 3. Find a way to make the FreeBSD nodes produce more than usual= gratuitous arp packets or add a line to do only that in the UCARP scripts.= Anyone have any thoughts on this or suggestions on how I may be able= to do this? I have tried by re adding the alias but this sometimes d= oesn't work until I again remove and readd the alias. Could it be a p= roblem with the alias addition not functioning properly? &= nbsp; Any input at all is greatly appreciated. Thanks, Colin =
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OFA8BFF797.1DD8840D-ON86257081.00603FB8-86257081.00603FBB>