Hi Christof, could you send me your last hb_report and a copy of your whitepaper in DOC-Format ? I will take a look ...
Thanks ! Nikita Michalko Am Donnerstag, 7. August 2008 17:26 schrieb [EMAIL PROTECTED]: > I apologize in advance for the top posting and the horrible web based > e-mail.... I'm on the road. > > > I wrote a whitepaper/book about building Internet firewalls using Linux > based systems, and have been keeping it up until relatively recently. It > includes a chapter on using Heartbeat in order to manage an active/passive > firewall setup. The book itself is centered around RHEL/CentOS, but the > majority of it would work for pretty much any Linux distribution. > > The main reason I haven't been keeping it up is that I am working on the > "Second Edition" of it. The original was based around the 4.x version of > RHEL/CentOS. The new version will be based around the 5.x version. > > > Another important note is that in the old version, it uses 2.0.8 of > Heartbeat. The new version will be using 2.1.3, but the config files, at > least as far as a firewall is concerned, look like they will be the same. > > I'd be more than happy to send you a copy. I can either send you the PDF > of it or the DOC version of it. > > > Dear list members, > > at the moment I try to setup a linux cluster of 2 firewalls that should > both be online and only one should run virtual ip addresses of all > network segments. > > My configuration looks like the following: > master fw is linux (uname) and slave is idefix. I generated a > resource group called grp_vips that contains all virtual ip > resources (rsc_int_vip and rsc_ext_vip). If I reboot the master (linux) > idefix takes over all resources and everything is ok, but if I > shutdown a resource (rsc_int_vip) on the master the second resource > (rsc_ext_vip) migrates to the slave (idefix) and the first resource > (rsc_int_vip) stays at the master (linux) as unmanaged. Attached are the > ha.cf and cib.xml files of my configuration. > > What I want to achieve is: > - one dedicated master (linux), only, if there are problems > switch to the slave (idefix) > - if the master comes back (or only the interface that was gone) > the whole group should migrate > back to the primary master (linux) > - if one resource of the group goes down, the whole group should > be migrated to the slave > (collocated = true of the group is already set) > - if possible, the slave should become master (to always have > the master where the resources are running > > One feature I detected also with my init scripts on Opensuse 10.3 is > that heartbeat sometimes (80%) > does not start because the network is not ready. I downloaded heartbeat > rpms from the linux-ha download > site and I'm using heartbeat 2.1.3. > > Any hints how I can achieve what I want are highly appreciated. > > Thank you for your help. > > Best regards > > Christof > > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
