Hi, On Thu, Nov 15, 2007 at 02:50:25PM +0000, North Country Boy wrote: > Hi, Could you please repost. This is really unreadable. Thanks, Dejan > > Of course, many thanks in advance > > --- original message --- > > Ok ok, I admit. I dont get it!!!! I am trying to config a > simple HA firewall and it just isnt working to how I had > imagined. Ok here is the deal. The Firewall has two interfaces > 1) Internal interface eth1 192.168.0.254 2) External Interface > eth0 195.63.63.100, 195.63.63.101, 195.63.63.102 The plan would > be that in the event of failure, these IP addresses as well as > an iptables script would be brought online on the second box. > The story so far.... Because I am new to this, I wanted to take > things nice and slowly and realise the full solution in stages > so that I could learn & understand. I decided to test a simple > failover with one ip just using the external interface. I added > a second nic to both machines (node1 & node2) and got heartbeat > working no problem. Using the verison 1 haresource file, I > added the following line node1 195.63.63.101 In the ha.cf file > I added ping 195.63.63.254 (an external router accessible by > both nodes) Also I added the ipfail command. Ok so heartbeat > all looks good so far, the new address 195.63.63.101 is added > as eth1:0
> No I prevent access to the external router from > node1, it recognises that it can no longer reach 195.63.63.254 > in the logs, whilst node 2 says and does nothing. huh???? I > thought that at this point, ipfail flags a failure and the > failover process begins???? Yes, it should. > Conicidentally, pulling the > heartbeat cable causes the failover to happen perfectly (which > is nice to know). So now I am left wondering... If my external > eth0 card fails, this isnt enough to cause failover? Definitely it is. > Now I am > guessing 3 things. 1) I have missed the point 2) I have missed > something obvious 3) One of you kind hearted souls can see the > which of the previous points is correct! :-) Can't say. Your config looks OK. Could you provide the logs too. Thanks, Dejan > _________________________________________________________________ > Celeb spotting – Play CelebMashup and win cool prizes > https://www.celebmashup.com > node1 195.63.63.101 > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
