Hi all, I have a two node setup. Both nodes are directly connected to the internet, so they have their own offical IP's and default gateways. On top of this I have a failover IP address which is assigned to one of the nodes and can be switched over for failover reasons.
The nodes are also directly connected by a separate NIC used for pacemaker and drbd stuff. I'm sharing a private subnet between these nodes where my services (apache, postfix, mysql etc.) are listening. It's set up this way because I'd like to use both nodes concurrently for performance reasons (mysql on the left, apache on the right) and because I can arrange externally reachable services on both nodes and route the packets between them. Nevertheless, one big disadvantage here is that I need internal NATing to forward incoming requests (active failover IP) from one node to the internal address of a service which may be running on the other node. To (hopefully) make things better I started using the ldirectord service that manages the packet forwarding (NAT). Now we're getting close to my question: If the ldirectord and a managed service (let's say vsftpd) are on the same node, everything is fine. But if vsftpd is on a different node, I need a ocf:heartbeat:Route resource to set a special gateway in a separate routing table on both nodes so that the packets find their way back to the director. This setup is running fine if it's configued manullay, but of course I need this to be done automatically. I'm thinking about some kind of a location rule that should be usable on both nodes like this: - IF pri_ldirectord != ishere OR pri_vsftpd != ishere => start cloned_route here - IF pri_ldirectord == ishere AND pri_vsftpd == ishere => do not start cloned_route at all It seem like I'm stuck here. Either I just can't find the correct syntax or I've completely lost my way. Maybe someone here can point me to the right direction? Or: The there a different (better) way to set this all up? Regards, Thomas _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
