Hello, But as far as I know, there is no VRRP implementations that fully comply with rfc2338 as it requires multiple MAC addresses for the one poor linux box's interface. Maybe, someone can suggest a working solution of this problem? I have seen one idea, but haven't tested it yet (hope someone can try it out): To bridge the physical iface with TAP on which the vrrpd (or keepalived) is running. In that case we could make the VRRP-router that fully comply with RFC. For more info see: http://www.math.leidenuniv.nl/pipermail/bridge/2002-June/002021.html BR, Dmitry ======= At 2002-12-11, 03:56:00 you wrote: ======= >The daemon at http://www.keepalived.org/ is the VRRPd implementation >that's supposed to be the best. It's actually part of the Linux Virtual >Server project (layer 4 load balancer), but the author claims you should >be able to use it as a pure VRRP daemon -- although when I've read the >doc, I couldn't figure out how. (But don't be discouraged by my >impatience. :) It's supposed to be the most mature and ready-for-production. > >There's also Jerome Etienne's reference implementation (don't have a >URL, but it's easy to Google). However, I've heard from more than place >that this is too proof-of-concept and perhaps not production-worthy. >Here's a link to a paper about running VRRPd as the hotspare protocol >for linux firewalls (uses Jerome Etienne's implementation): >http://www.gnusec.com/resource/security/docs/HAFirewallLinux-VRRP.pdf. > >BTW, keep in mind that if you intend to use VRRP in an environment with >Cisco routers, you'll need to do some work on them too. Cisco routers do >not accept multicast MAC addresses as legit ARP replies by default. >Unfortunately, the VRRP RFC and all implementations use multicast MACs. >What that means is that you'll need to either 1) turn the switch on the >Cisco routers that makes them accept multicast MAC ARP replies (good), >or 2) put a static ARP entry in the Cisco routers for the VRRP multicast >MACs (better). > >Hope that helps. > >-S > > >Anton Tinchev wrote: > >>Can someone point me for good VRRPD (rfc2338) implementation on linux. >>Some stable and live project >>Thanks >> >>_______________________________________________ >>LARTC mailing list / LARTC@mailman.ds9a.nl >>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >> >> > >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
