[LARTC] Re: failover with conntrackd
Abhijit Menon-Sen
ams at toroid.org
Tue Oct 23 08:08:00 CEST 2007
(Sorry for the delayed response. I've been on vacation. I'm quoting
extensively to provide context.)
At 2007-10-10 09:55:57 -0500, gtaylor at riverviewtech.net wrote:
>
> > Is anyone using conntrack-tools to implement gateway failover on a
> > network with windows clients? [...]
To recap: I have two gateway machines that share two virtual addresses
(one on eth0, connected to the internal network and the other on eth1,
connected to the outside world).
> Um, why are you not using the same MAC address for the gateway and
> having the systems decide who is actively using the MAC at any given
> time?
Mostly because neither ucarp nor keepalived seem to support changing the
MAC address... and besides, everything I read seems to suggest that just
gratuitous ARP should be sufficient.
> There is a very simple VRRP daemon (vrrpd) for Linux / Unix that will
> achieve this. To my knowledge it works by creating a new MAC address
> that is used for the VRRP router.
I did not realise that vrrpd supports it.
My problem with ucarp (which, like vrrpd, also uses a single daemon per
interface/shared IP) is that the pair of daemons on eth0 were not always
perfectly synchronised with the pair on eth1. As a result, failover time
was unpredictable. That's why I switched to keepalived, so as to manage
both interfaces with a single process.
But I'll try vrrpd anyway, thanks.
> The two or more VRRP routers will heart beat each other (I think by
> multicast (?))
Yes, through multicast; and if the primary goes down, the remaining
nodes elect a new primary.
I'll try it and report.
-- ams
More information about the LARTC
mailing list