Am Sonntag, 13. Juni 2010 05:38:19 schrieb Vadym Chepkov: > Hi, > > I think there is a bug in IPaddr2 RA. > If parameter unique_clone_address set to "true" and meta > globally-unique="true", there is no reason to install any iptables rules, > since each node will have it's own unique IP. for example: > > primitive ip ocf:heartbeat:IPaddr2 \ > params nic="eth0" ip="10.10.10.22" cidr_netmask="32" > unique_clone_address="true" > > clone ips ip \ > meta globally-unique="true" > > # ip addr show > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen > 1000 link/ether 00:16:36:b7:43:e4 brd ff:ff:ff:ff:ff:ff > inet 10.10.10.19/24 brd 10.10.10.255 scope global eth0 > inet 10.10.10.23/32 brd 10.10.10.23 scope global eth0 > > # iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > CLUSTERIP all -- anywhere 10.10.10.23 CLUSTERIP > hashmode=sourceip-sourceport clustermac=79:A4:08:46:5D:6B total_nodes=3 > local_node=2 hash_init=0 > > As a result only one out of 3 virtual IPs is available, not something I was > expecting. > > Thanks, > Vadym > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems
Hi, when cloning IP addresses every node gets the same IP address and netfilters CLONEIP feature is used to figure out which node handles which traffic. See man iptables. Did this answer your question? -- Dr. Michael Schwartzkopff MultiNET Services GmbH Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany Tel: +49 - 89 - 45 69 11 0 Fax: +49 - 89 - 45 69 11 21 mob: +49 - 174 - 343 28 75 mail: [email protected] web: www.multinet.de Sitz der Gesellschaft: 85630 Grasbrunn Registergericht: Amtsgericht München HRB 114375 Geschäftsführer: Günter Jurgeneit, Hubert Martens --- PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42 _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
