[Pacemaker] Help with Pacemaker 2-node Router Setup

Michael Schwartzkopff misch at multinet.de
Sat Dec 26 12:46:09 UTC 2009


Am Samstag, 26. Dezember 2009 12:22:47 schrieb Eric Renfro:
> Michael Schwartzkopff wrote:
> > Am Samstag, 26. Dezember 2009 08:12:49 schrieb Eric Renfro:
> >> Hello,
> >>
> >> I'm trying to setup 2 nodes that'll run pacemaker with openais as the
> >> communication layer. Ideally what I want is for router1 to be the master
> >> node and take over for router2 if it comes back up fully functional
> >> again. In my setup, the routers are both internet-facing servers that
> >> toggle the external internet IP to whichever controls it at the time,
> >> and also handles the internal IP for the gateway for internal systems to
> >> route via.
> >>
> >> My problem is with Route in my setup, so far, and later getting
> >> shorewall to start/stop per whichever nodes active.
> >>
> >> Route, in my case in the setup I will show below, is failing to start
> >> initially because I presume the internet IP address is not fully
> >> initialized at the time it's trying to enable the route. If I do a crm
> >> resource cleanup failover-gw, it brings it up just fine. If I try to
> >> move the router_cluster resource to router2 from router1 after it's
> >> fully up, it fails because of failover-gw on router2.
> >
> > (...)
> >
> > If you just want to create a HA firewall why do you need to switch the
> > routing? Do you know my HOWTO for a HA firewall
> > (www.multinet.de/HAFirewall) ? I am just switching the ip_forward in the
> > kernel.
> >
> > Greetings,
>
> Well, it's not technically just a HA firewall. What I'm doing is making
> two routers that are facing the internet directly and providing a
> default route point IP (hence, 192.168.0.1), which is why the routes
> need to change as a result. Having the internet IP up on both computers
> tends to cause IP conflicts, correct?

Yes, should do so. Especially in routing packages back.

> Though it was wierd, when I tried
> this with keepalived, both had the internet IP up fully while just
> passing the internal IP, 192.168.0.1, without any noticeable problem.

I don't know how keepalive can cope with two same IP address in a network. 
What MAC address gets your internet router asking for that IP?

> I'm on business class with Brighthouse Business, and they have my router
> set up in bridged mode.

Bridged mode would also be an option, but a full blown router is better. think 
of dynamic routing, netfilter possibilities, ...

> I'm about to try out what you said in the previous email. I'm also on
> IRC freenode #linux-ha and #linux-cluster presently too, but I don't
> mind using the mailing list, perhaps the discussion will help others in
> the future anyway as well. ;)

I have seen your discussion on the channel. I dod not follow it to the end 
(Lunchtime here). Did you find a solution.

By the way (about classes):
https://www.gurulabs.com/linux-training/courses/GL640/

;-)

Greetings,

-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: misch at multinet.de
web: www.multinet.de

Sitz der Gesellschaft: 85630 Grasbrunn
Registergericht: Amtsgericht München HRB 114375
Geschäftsführer: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42




More information about the Pacemaker mailing list