[ClusterLabs] Concept of a Shared ipaddress/resource for generic applicatons

Jan Pokorný jpokorny at redhat.com
Tue Dec 3 09:06:14 EST 2019

On 02/12/19 09:50 -0600, Ken Gaillot wrote:
> On Sat, 2019-11-30 at 18:58 +0300, Andrei Borzenkov wrote:
>> 29.11.2019 17:46, Jan Pokorný пишет:
>>> "Clone" feature for IPAddr2 is actually sort of an overloading that
>>> agent with an alternative functionality -- trivial low-level load
>>> balancing.  You can ignore that if you don't need any such.
>> I would say IPaddr2 in clone mode does something similar to
>> SharedAddress.
> Just a side note about something that came up recently:
> IPaddr2 cloning utilizes the iptables "clusterip" feature, which has
> been deprecated in the Linux kernel since 2015. IPaddr2 cloning
> therefore must be considered deprecated as well. (Using it for a single
> floating IP is still fully supported.)
> IPaddr2 could be modified to use a newer iptables capability called
> "xt_cluster", but someone would have to volunteer to do that as it's
> not a priority.

You likely refer to


however this extension is activelly maintained to this day, so don't
see any immediate risks other than something related to containers
as referred to from said commit -- that is good to know about in
such scenarios nonetheless.

My up2date Fedora Rawhide iptables installation, or rather its
iptables-extensions(8) man page does not mention any deprecation
at all (unlike with ULOG extension).

OTOH, what may be a true show stopper is a support for IPv4 only,
which xt_cluster seems to rectify.

Jan (Poki)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.clusterlabs.org/pipermail/users/attachments/20191203/54a368b9/attachment.sig>

More information about the Users mailing list