Hi, Could you please repost. This is really unreadable.
Thanks, Dejan On Wed, Nov 14, 2007 at 10:30:54PM +0000, North Country Boy wrote: > I will just bump this the once. Does anybody have any suggestions that may > help?Thanks in advance > > > From: [EMAIL PROTECTED]> To: [email protected]> Subject: RE: > > [Linux-HA] HA Firewall> Date: Sun, 4 Nov 2007 21:59:13 +0000> > Sorry for > > the delay, > > Please find attached configs. Its a curious problem...> > > > > > > Subject: Re: [Linux-HA] HA Firewall> From: [EMAIL PROTECTED]> To: > > [email protected]> Date: Mon, 29 Oct 2007 10:38:30 -0500> > On > > Thu, 2007-10-25 at 22:23 +0100, North Country Boy wrote:> > Ok ok, I admit. > > I dont get it!!!!> > > > I am trying to config a simple HA firewall and it > > just isnt working to how I had imagined.> > > > Ok here is the deal.> > > > > > The Firewall has two interfaces> > > > 1) Internal interface eth1 > > 192.168.0.254> > > > 2) External Interface eth0 195.63.63.100, > > 195.63.63.101, 195.63.63.102> > > > The plan would be that in the event of > > failure, these IP addresses as well as an iptables script would be brought > > online on the second box.> > > > The story so far....> > > > Because I am > > new to this, I wanted to take things nice and slowly and realise the full > > solution in stages so that I could learn & understand. I decided to test a > > simple failover with one ip just using the external interface.> > > > I > > added a second nic to both machines (node1 & node2) and got heartbeat > > working no problem. Using the verison 1 haresource file, I added the > > following line> > > > node1 195.63.63.101> > > > In the ha.cf file I added> > > > > > ping 195.63.63.254 (an external router accessible by both nodes)> > > > > > Also I added the ipfail command.> > > > Ok so heartbeat all looks good so > > far, the new address 195.63.63.101 is added as eth1:0 > > > > No I prevent > > access to the external router from node1, it recognises that it can no > > longer reach 195.63.63.254 in the logs, whilst node 2 says and does > > nothing. huh????> > I thought that at this point, ipfail flags a failure > > and the failover process begins????> > > > Conicidentally, pulling the > > heartbeat cable causes the failover to happen perfectly (which is nice to > > know).> > > > So now I am left wondering... If my external eth0 card fails, > > this isnt enough to cause failover?> > Yes, if things are configured > > correctly.> > I have been dealing with v2 only, so I won't be able to help > > you with> your configs, but I did play with v1 a tiny bit and I remember > > ipfail> working fine.> > Speaking of configs, you should post your ha.cf > > and haresources files> along with logs. I believe the list prefers > > attachments rather than> inline.> > [...]> > -- > Matt Zagrabelny - [EMAIL > > PROTECTED] - (218) 726 8844> University of Minnesota Duluth> Information > > Technology Systems & Services> PGP key 1024D/84E22DA2 2005-11-07> > > Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2> > He is not > > a fool who gives up what he cannot keep to gain what he cannot> lose.> -Jim > > Elliot> _________________________________________________________________> > > Get free emoticon packs and customisation from Windows Live. > > > http://www.pimpmylive.co.uk > _________________________________________________________________ > The next generation of MSN Hotmail has arrived - Windows Live Hotmail > http://www.newhotmail.co.uk_______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
