[ClusterLabs] Antw: Regarding IP tables and IP Address clone

Ulrich Windl Ulrich.Windl at rz.uni-regensburg.de
Wed Dec 30 12:48:28 CET 2015


>>> Somanath Jeeva <somanath.jeeva at ericsson.com> schrieb am 30.12.2015 um 11:34 in
Nachricht <4F5E5141ED95FF45B3128F3C7B1B2A6721ABFE13 at eusaamb109.ericsson.se>:
> On 12/22/2015 08:09 AM, Somanath Jeeva wrote:
>> Hi
>> I am trying to use ip loadbalancing using cloning feature in pacemaker. but 
> After 15 min the virtual ip becomes unreachable. Below is the pacemaker 
> cluster config
>>
>>  # pcs status
>> Cluster name: DES
>> Last updated: Tue Dec 22 08:57:55 2015
>> Last change: Tue Dec 22 08:10:22 2015
>> Stack: cman
>> Current DC: node-01 - partition with quorum
>> Version: 1.1.11-97629de
>> 2 Nodes configured
>> 2 Resources configured
>>
>>
>> Online: [ node-01 node-02 ]
>>
>> Full list of resources:
>>
>>  Clone Set: ClusterIP-clone [ClusterIP] (unique)
>>      ClusterIP:0        (ocf::heartbeat:IPaddr2):       Started node-01
>>      ClusterIP:1        (ocf::heartbeat:IPaddr2):       Started node-02
>>
>> #pcs config
>> Cluster Name: DES
>> Corosync Nodes:
>>   node-01 node-02
>> Pacemaker Nodes:
>> node-01 node-02
>>
>> Resources:
>>  Clone: ClusterIP-clone
>>   Meta Attrs: clone-max=2 clone-node-max=2 globally-unique=true
>>   Resource: ClusterIP (class=ocf provider=heartbeat type=IPaddr2)
>>    Attributes: ip=10.61.150.55 cidr_netmask=23 clusterip_hash=sourceip
>>    Operations: start interval=0s timeout=20s (ClusterIP-start-timeout-20s)
>>                stop interval=0s timeout=20s (ClusterIP-stop-timeout-20s)
>>                monitor interval=5s (ClusterIP-monitor-interval-5s)
>>
>> Stonith Devices:
>> Fencing Levels:
>>
>> Location Constraints:
>> Ordering Constraints:
>> Colocation Constraints:
>>
>> Cluster Properties:
>>  cluster-infrastructure: cman
>>  cluster-recheck-interval: 0
>>  dc-version: 1.1.11-97629de
>>  stonith-enabled: false
>> Pacemaker and Corosync version:
>> Pacemaker - 1.1.12-4
>> Corosync  - 1.4.7
>>
>>
>> Is the issue due to configuration error or firewall issue.
>>
>>
>> With Regards
>> Somanath Thilak J
> 
>> Hi Somanath,
> 
>> The configuration looks fine (aside from fencing not being configured),
>> so I'd suspect a network issue.
>>
>> The IPaddr2 cloning relies on multicast MAC addresses (at the Ethernet
>> level, not multicast IP), and many switches have issues with that. Make
>> sure your switch supports multicast MAC (and if necessary, has it
>> enabled on the relevant ports).
>>
>> Some people have found it necessary to add a static ARP entry for the
>> cluster IP/MAC in their firewall and/or switch.
> 
> Hi ,
> 
> It seems that the switches have multicast support enabled. Any idea on how 
> to trouble shoot the issue. I also tried adding the Multicast MAC to the ip 
> neigh tables. Still the Virtual IP goes down in 15 min or so.

Did you try a "watch arp -vn" on your nodes to watch for changes (if you only have a few connections)?

> 
> 
> Regards
> Somanath Thilak J







More information about the Users mailing list