On 2012-08-29T10:15:50, Ulrich Windl <[email protected]> wrote:
> The network guys say no. Should "arp" show the Cluster-IP? I cannot see it,
> so I wonder if something's wrong.
Well, you should see the MAC/IP mapping in the arp table if the host is
on the same ethernet segment, yes. Otherwise the host doesn't know where
to send the packets to.
You should see the ARP responses come in with tcpdump/wireshark.
> Could the "martian source" thing be responsible? I see this for the ARPs:
> Aug 29 09:21:35 o1 kernel: [ 1261.556861] martian source 172.20.3.59 from
> 172.20.3.59, on dev br0
That's difficult to comment on without knowing if "o1" is the gateway
router, one of the servers, or one of the clients on the network, and
what the network interfaces are like.
> BTW: Inspecting the RA, I found a small problem with the MAC address:
> IF_MAC=`echo $OCF_RESKEY_ip $NETMASK $BRDCAST | \
> md5sum | \
> sed -e 's#\(............\).*#\1#' \
> -e 's#..#&:#g; s#:$##' \
> -e 's#^\(.\)[02468aAcCeE]#\11#'`
>
> Specifically in "#\11#", shouldn't that be "#\13#"? (MAC & 1) is the I/G-bit,
> while (MAC & 2) is the U/L-bit. So if the address is locally assigned
> (Administered) (which I guess is), the bit should be also set (says
> Wikipedia).
Probably, but this doesn't really matter nor affect your problem.
> > Can you get the network trace of the arp traffic on the router into the
> > subnet when an outside ping comes in?
> I see this on the host (one cluster node):
> o1:~ # tcpdump -p -i br0 -s100 -v -n host 172.20.3.59
Are you trying to reach the cluster IP from one of the cluster nodes
itself? I'm not sure that will work.
> tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 100 bytes
> 09:43:38.305460 arp who-has 172.20.3.59 tell 172.20.3.62
> 09:43:38.305493 arp reply 172.20.3.59 is-at f1:e9:91:b1:b9:51
>
> (172.20.3.62 is the gateway)
That looks OK. You should check the ARP table on the gateway if it is
correctly updated with the address, though.
If you try to ping the cluster IP from a client, what does tcpdump show
on the servers/gateway? Do you see the ICMP ECHO REQUEST go to the
cluster IP with the above MAC? How do the servers respond?
> Packets also arrive via broadcast:
> 09:45:03.826371 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP
> (17), length 271) 172.20.3.59.138 > 172.20.3.63.138: NBT UDP PACKET(138)
> 09:45:13.836608 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP
> (17), length 271) 172.20.3.59.138 > 172.20.3.63.138: NBT UDP PACKET(138)
You have traffic *from* the cluster IP to the broadcast address of your
network? That looks wrong. All nodes are likely to log a martian source
for that one (since they're getting traffic from a locally bound IP). To
communicate internally in the cluster, Samba should use one of the local
IP addresses.
The cluster IP is only useful for communicating with the outside world,
not inside the cluster itself.
> Still don't know where to start debugging.
Start with something simpler than Samba, see if the CIP can be pinged
from the outside and what happens there.
Regards,
Lars
--
Architect Storage/HA
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB
21284 (AG Nürnberg)
"Experience is the name everyone gives to their mistakes." -- Oscar Wilde
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
