Hi Aaron,
thanks for the advice, I have set up OpenVPN between nodes and am
looking to set it up like you suggested using that to avoid the whole
NAT thing. Also - this way I can have a single IP for the tunnel and
use my local subnet for DRBD.
That raises a new question, how to configure */etc/network/interfaces*?
Obviously I need the external IP on eth0 and I'm using KVM so I'm using
a bridged interface for the VMs. I have currently 5 resources I want to
sync from my 2 node cluster through this stacked resource. Can I
perhaps get a peek at */etc/network/interfaces* from your node that is
off-site and behind the VPN?
With the tunnel active I have the following listed as active :
root@kvm-srv-03:~# ifconfig
eth0 Link encap:Ethernet HWaddr 84:2b:2b:40:1b:2f
inet addr:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx
Mask:255.255.255.252
inet6 addr: fe80::862b:2bff:fe40:1b2f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:650589 errors:0 dropped:0 overruns:0 frame:0
TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:42452974 (40.4 MiB) TX bytes:7327 (7.1 KiB)
Interrupt:16 Memory:da000000-da012800
eth1 Link encap:Ethernet HWaddr 84:2b:2b:40:1b:30
inet addr:yyy.yyy.yyy.yyy Bcast:yyy.yyy.yyy.yyy
Mask:255.255.255.0
inet6 addr: fe80::862b:2bff:fe40:1b30/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:649179 errors:0 dropped:0 overruns:0 frame:0
TX packets:2322 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:42322482 (40.3 MiB) TX bytes:325348 (317.7 KiB)
Interrupt:17 Memory:dc000000-dc012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:123 errors:0 dropped:0 overruns:0 frame:0
TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8626 (8.4 KiB) TX bytes:8626 (8.4 KiB)
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.16.0.41 P-t-P:172.16.0.42 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:924 (924.0 B) TX bytes:924 (924.0 B)
on my local nodes */etc/network/interfaces* looks like this:
root@kvm-srv-01:~# cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet manual
# Network bridge
auto br0
iface br0 inet static
address 192.168.0.30
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.254
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0
# The secondary network interface used for DRBD resource replication
auto eth1
allow-hotplug eth1
iface eth1 inet static
address 192.168.2.31
network 192.168.2.0
netmask 255.255.255.0
broadcast 192.168.2.255
auto eth1:0
allow-hotplug eth1:0
iface eth1:0 inet static
address 192.168.2.41
netmask 255.255.255.0
auto eth1:1
allow-hotplug eth1:1
iface eth1:1 inet static
address 192.168.2.51
netmask 255.255.255.0
auto eth1:2
allow-hotplug eth1:2
iface eth1:2 inet static
address 192.168.2.61
netmask 255.255.255.0
auto eth1:3
allow-hotplug eth1:3
iface eth1:3 inet static
address 192.168.2.71
netmask 255.255.255.0
# The tertiary network interface - DMZ
auto eth2
iface eth2 inet manual
# Network bridge - DMZ
auto br2
iface br2 inet static
address 192.168.4.30
network 192.168.4.0
netmask 255.255.255.0
broadcast 192.168.4.255
# static routing
post-up route add -net 0.0.0.0 gw 192.168.4.254
pre-down route del -net 0.0.0.0 gw 192.168.4.254
dns-nameservers 64.59.160.13 64.59.160.15
bridge_ports eth2
bridge_stp off
bridge_fd 0
bridge_maxwait 0
on the remote node I still have only my 2 external IPs configured from
the basic Debian set up. :
root@kvm-srv-03:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask 255.255.255.252
gateway xxx.xxx.xxx.xxx
dns-nameservers 64.59.160.15 64.59.161.69
# The DRBD network interface
allow-hotplug eth1
iface eth1 inet static
address yyy.yyy.yyy.yyy
netmask 255.255.255.0
gateway yyy.yyy.yyy.yyy
dns-nameservers 64.59.160.15 64.59.161.69
So I'm not at all sure how to alias the IPs through the tunnel at
kvm-srv-03 as I did directly on eth1 on kvm-srv-01.
Am I making any sense here? I think I'm confusing myself...
*Paul O’Rorke*
Tracker Software Products
[email protected] <mailto:[email protected]>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
PLEASE NOTE : - If you are sending files for us to look at or assist with
these must ALWAYS be wrapped in either a ZIP/RAR or 7z FILE
or they will be removed by our Firewall/Virus management software.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
**Certified by Microsoft**
"Works with Vista"
PDF-XChange & SDK, Image-XChange
PDF-Tools & SDK, TIFF-XChange & SDK.
Support:
http://tracker-software.com/support/
or
http://www.tracker-software.com/forum/index.php
Download latest Releases
http://www.tracker-software.com/downloads/
On 9/27/2013 10:26 AM, Aaron Johnson wrote:
Paul,
That config looks right, however you will want to use a VIP address
instead of the IP address of just 1 node. This IP will move between
the 2 local nodes to whichever node is active, otherwise if when the
node with the IP in the local resource is down you will not get
updates to the stacked offsite node.
Also be aware of private vs. public IP space and how the IPs may
appear when NAT comes into play and which IPs need to appear where in
the config. I avoid this by having my 2 locations connected by VPN so
all addresses are direct, no NAT.
Aaron
On 9/26/2013 4:06 PM, Paul O'Rorke wrote:
Thanks for that Aaron,
I'm looking at this page
http://www.drbd.org/users-guide/s-three-nodes.html and not quite sure
I understand how to merge this with my current config. Currently I
have 5 resources using Protocol C on my 2 node local cluster.
For the sake of this set up I will consider the set up one of these
resources with a third node using a stacked resource and protocol A
then hopefully once that is working I can apply this to the other
resources.
In the example provided it appears that I need to define all three
resources in the one .res file. I have the following 2 config files:
*/etc/drbd.d/global_common.conf*
global {
usage-count yes;
}
common {
protocol C;
}
and
*/etc/drbd.d/restored.res*
resource restored {
device /dev/drbd2;
disk /dev/VirtualMachines/restored;
meta-disk internal;
on kvm-srv-01 {
address 192.168.2.41:7789;
}
on kvm-srv-02 {
address 192.168.2.42:7789;
}
}
can I just tack something like this onto the end of
*/etc/drbd.d/restored.res*?
resource restored-U {
net {
protocol A;
}
stacked-on-top-of restored {
device /dev/drbd10;
address 192.168.3.41:7788;
}
on buckingham {
device /dev/drbd10;
disk /dev/hda6;
address <fixed IP at backup node>:7788; # Public IP of the backup node
meta-disk internal;
}
}
I am also wondering, since I have a spare NIC on my local nodes,
would I be better to use that to connect to my off site resource or
use the LAN connected NIC? In the example above I used a different
subnet for the off site and called the off site machine 'buckingham'.
I hope my question makes sense, still finding my feet here.
Please and thanks
*Paul O’Rorke*
Tracker Software Products
[email protected] <mailto:[email protected]>
On 9/25/2013 2:21 PM, Aaron Johnson wrote:
Yes you can add the stacked resource later, I have done this same thing several
times now by making the the device slightly larger first and using internal
metadata.
Also I have a DR site using protocol C and pull-ahead enabled without using
DRBD proxy. The main site and DR site are connected via cable modem
connections (10Mbit up/ 20 down both sides). The only thing I have troubles
with is if I need to add a large amount of data (50+ GB), which in my case is
fairly rare (daily norm is ~2GB), then it can take days or weeks to sync up
fully again. Also I used truck-based updates for the initial setup of ~1TB to
avoid having to pull all that over the internet link.
Thanks,
AJ
On Sep 25, 2013, at 7:54 AM, Lionel Sausin<[email protected]> wrote:
Le 25/09/2013 08:10,[email protected] a écrit :
The purpose you are talking about, sounds more as the purpose DRBD Proxy has
been developed for
www.linbit.com/en/products-and-services/drbd-proxy
Yes and no, my understanding is that DRBD-proxy lets your production cluster
run faster than the connection speed by acting like a write cache.
But if I'm not mistaken you still need a stacked configuration for 3 node
setups until v9.0 is released.
Someone please correct me if that's wrong of course.
Lionel Sausin
_______________________________________________
drbd-user mailing list
[email protected]
http://lists.linbit.com/mailman/listinfo/drbd-user
_______________________________________________
drbd-user mailing list
[email protected]
http://lists.linbit.com/mailman/listinfo/drbd-user
_______________________________________________
drbd-user mailing list
[email protected]
http://lists.linbit.com/mailman/listinfo/drbd-user
