>>> "Ed Brown" <[EMAIL PROTECTED]> 01/19/06 10:32 AM >>> On Wed, 2006-01-18 at 22:26 -0500, PAUL WILLIAMSON wrote:
> > Thanks for that link. What I want to do is create a > > public/private key bound to a specific ip address (the vip), > > then utilize the BindToInterface to bind the communication > > to that same interface. Does this make sense? > > There is some tight coupling in cfengine between ip address > and hostname as returned by the system and reverse dns > lookup. Problems in these areas, as with dual-homed hosts, > can often be dealt with by using BindToAddress or SkipIdentify. > But wanting to use the same ip on different hosts is pretty > unusual. I'd ask WHY you want to do this, when you said both > hosts also have fixed addresses, in addition to the 'floating' vip. > I have a hard time imagining how this would work. For one > example, you would be limited to running cfagent on one box or > the other, never both at the same time, never on a fixed schedule. I think you are misunderstanding me. I don't want an ip address to float between to hosts, I want the ip address to float between two interfaces on the same host. I want this because it is our enterprise syslog server, connected to two different switches with the idea that if one switch goes down, the server will still be up. We have tested this and it works perfectly fine. The host name on the vip matches DNS. The other two ip addresses are tied to dns entries (servername-1 and servername-2) as well, but a uname returns just servername. I think the problem is that cfkey is generating the hash based on something other than the ip address/hostname combination that communication is happening. As for the other situation - we have that (IBM HACMP) - a highly fault tolerant cluster of servers, individual as they may be, but the application running on them is written so that if one host fails, one of the others in the cluster picks up right where the other one left off. That doesn't change the fact that the servers are individually configured from an administration standpoint. BUT, (and that's a big BUT), I have not been given the go ahead to install cfengine on that until I get this issue solved. Paul _______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
