[Pacemaker] IP Range Failover with IPaddr2 and clone / globally-unique="true"

Reid, Mike MBReid at thepei.com
Mon Jan 23 15:05:34 EST 2012 

FYI,


The solution turned out to be related to IPTABLES rules that were added
using this approach.
By adding a custom IPTables "CLUSTERIP" chain, the firewall started
letting everything through :)

Unfortunately, it seems that this approach is somewhat experimental and
not very stable, so while I finally found my solution, I will be going
back to using individual IPaddr2 Primitives for the time being.

Thanks,

Mike

>Dejan,
>
>Yes, thank you. I realized I was missing "unique_clone_address" in the
>config, which made _most_ of the difference.
>
>However, now I'm seeing some weirdness with regards to ARP -- In my setup,
>I currently have three elastic IPs configured (effectively a small sample
>of my intended IP Range), which all show up as Started, are visible via
>"ip adds show", but only the to-pmost IP in the range is able to be
>pinged?? It appears as if everything is working, I just can't use each of
>the individual IP addresses. I even show all the CLUSTERIP IPTables rules,
>etc.
>
>I'm looking for some recommendations on figuring this out, because as far
>as I can tell it's all working as intended, however the IPs cannot be
>used. In the #linux-ha IRC channel, it was recommended I look into ARP
>issues.
>
>NOTE: I'm running Ubuntu 10.10 / Pacemaker 1.0.9
>
>FWIW, all of the IP Addresses are Public IPs (against eth0 device) valid
>(confirmed subnet/gateway, etc), since using individual IPaddr2 primitive
>rules work for all of them. It's just when I attempt consolidating the CIB
>configuration to leverage setup of the entire IP Range that it does not
>work as intended. Could this be a bug or side effect of my version? I even
>ensure "libnet1-dev" was installed and re-compile cluster resource agents,
>with no luck. 
>
>
>Any help would be very much appreciated.
>
>Best,
>- Mike
>
>On 1/17/12 8:59 PM, "pacemaker-request at oss.clusterlabs.org"
><pacemaker-request at oss.clusterlabs.org> wrote:
>
>>$ crm ra info IPaddr2 | grep unique_clone_address
>>
>>Does that help?
>>
>>Thanks,
>>
>>Dejan
>

More information about the Pacemaker mailing list