Adrian Chapela wrote:
Papp Tamás escribió:
Dear All,
I try to setup a HA firewall, still without real success.
I guess, I have to use pingd, the check, the connection is alive or not.
1.
I've made an example pingd resource with a host, which impossible to
ping and I see, the resource is still running? Why? How should it be
used? What could I make wrong?
The hosts are defined at ha.cf, example:
ping_group ping_nodes IP1 IP2
2. How can I tell to heartbeat, if any of the connection is not alive
(pingd fail), take all resources to the other node, so how all
resource (or just one, doesn't matter I guess) could depend on pingd.
I read http://www.linux-ha.org/pingd, but doesn't understand
everything, I mean, it's a bit too complicated for a beginner on this
subject:)
To move resources because network is down, you need to define a
constraint. Example:
<rsc_location id="my_resource:loc" rsc="resource_name">
<rule id="my_resource:connected:rule" score="-INFINITY"
boolean_op="or">
<expression id="my_resource:connected:expr:undefined"
attribute="pingd" operation="not_defined"/>
<expression id="my_resource:connected:expr:zero"
attribute="pingd" operation="lte" value="0"/>
</rule>
</rsc_location>
To use pingd you need to define a clone of pingd. All instructions is
for a V2 Heartbeat cluster mode.
Thank you very much both of you.
This is not strongly heartbeat related, but I hope, you know the answer.
Unfortunately I'm not a routing expert.
I wrote, this will be a 'failover' firewall/router. Do I need to move
the IP address of the interface on the side of the internet, or it's
enough to move on the side of the subnets?
So does the ISP routes our IP subnet behand my router's IP address, or
my router says, IT is it (I think, the forst one is the right).
Thank you,
tamas
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
