[ClusterLabs] IPaddr2 RA and multicast mac

Tomer Azran tomer.azran at edp.co.il
Tue Sep 3 18:27:55 EDT 2019 

Hello,

When using IPaddr2 RA in order to set a cloned IP address resource:

pcs resource create vip1 ocf:heartbeat:IPaddr2 ip=10.0.0.100 iflabel=vip1 cidr_netmask=24 flush_routes=true op monitor interval=30s
pcs resource clone vip1 clone-max=2 clone-node-max=2 globally-unique=true

Then the cluster set the iptables CLUSTERIP module, and the result is something like that:

# iptables -L -n
.
.
.
CLUSTERIP  all  --  0.0.0.0/0            10.0.0.100         CLUSTERIP hashmode=sourceip-sourceport clustermac=A1:DE:DE:89:A6:FE total_nodes=2 local_node=1 hash_init=0
.
.
.

The problem is that the RA picks a clustermac address which is not on the multicast range (must start with 01:00:5E)
If not working with a multicast address, the traffic is being treated as broadcast which is bad.

I found that you can set a multicast mac if you use the "mac" parameter, which solves the issue.

Can the RA default be changed to use multicast range?
In addition, I think that you might need to update the documentation (https://clusterlabs.org/pacemaker/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_clone_the_ip_address.html) and instruct users to use the mac parameter when creating the resource. In addition, I think that the documentation should instruct the user to enable multicast traffic on the network, which is not enabled by default.

Tomer Azran
IDM & LINUX Professional Services

tomer.azran at edp.co.il<mailto:tomer.azran at edp.co.il>
m: +972-52-6389961
t: +972-3-6438222
f: +972-3-6438004

[http://www.edp.co.il/logo1-small.png]<http://www.edp.co.il/>
www.edp.co.il<http://www.edp.co.il/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clusterlabs.org/pipermail/users/attachments/20190903/70b2ed34/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3807 bytes
Desc: image001.png
URL: <https://lists.clusterlabs.org/pipermail/users/attachments/20190903/70b2ed34/attachment.png>

More information about the Users mailing list