RE: linux router and HA

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I played with failover from heatbeat with this.

It seemed to do everything you're looking for. Make sure that you have
at least one spare IP address on each subnet dedicated to each firewall.
I'm not sure if its necessary, but it makes the failover more friendly.
I had a lot of problems with false failovers and their IP probing tool.
It didn't failover when necessary and sometimes it did partial takeover,
but not failover, and sometimes they both failed over, effectively
having two idential IP's on every subnet. This was ugly. I do admit that
I could probably get it working if I had more time to get it working in
a development environment instead of prod. 

IP takeover and gratuitous arp spamming works
Detection of mutually dead IP's, I don't think it works too well. It
always seemed to assume that the entire node was fcked, and cause itself
to failover, but since both thought that, there was no bound IP's!!!

Not to discourage you for the attempt, but just expect some rough spots
along the way.


przemolicc@xxxxxxxxx wrote:
> While this may sound a bit off topic I suspect this list
> can be the best regarding _experience_ in linux routers failover. So
> forgive me if you my question is not exactly what you might expected. 
> 
> I have linux router (iptables + iproute2) transmiting (quite big)
> network traffic between 4 local LANs. The router works very well but
> I prepared, in case of hardware failures, another, similar router
> with the same configuration. But when the failure occurs I have to
> manually change cords into the new router. Of course it is not the
> most comfortable solution.     
> 
> So I am looking for a failover solution for such LAN. The most
> important thing is the router has four routing NICs. And all of them
> should be taken over to a failover router. Does anybody use such
> "failover" (working !) solution ?   
> 
> przemol
> _______________________________________________
> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
> http://lartc.org/  
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/


[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux