On Tue, 3 Jul 2007, Jacob Smullyan wrote: > Joseph Mack NA3T wrote: >> On Tue, 3 Jul 2007, Tim Mooney wrote: >> >> >>> In regard to: [lvs-users] arp_ignore issues, Jacob Smullyan said (at >>> 5:48pm...: >>> >>> >>>> Hi -- >>>> >>>> I have an LVS-DR cluster that has been running for >>>> years; its realservers have linux 2.4 kernels and I use >>>> the noarp module to hide the VIP. I now want to add >>>> realservers with 2.6 kernels (2.6.20 at the moment), >>>> and am attempting to use arp_ignore and arp_announce to >>>> solve the arp problem as follows: >>>> >>>> # from sysctl.conf >>>> net.ipv4.conf.all.arp_ignore = 1 >>>> net.ipv4.conf.all.arp_announce = 2 >>>> net.ipv4.conf.eth0.arp_ignore=1 >>>> net.ipv4.conf.eth1.arp_ignore = 1 >>>> net.ipv4.conf.eth0.arp_announce = 2 >>>> net.ipv4.conf.eth1.arp_announce = 2 >>>> >>> We're using >>> >>> net.ipv4.conf.lo.arp_ignore = 1 >>> net.ipv4.conf.lo.arp_announce = 2 >>> net.ipv4.conf.all.arp_ignore = 1 >>> net.ipv4.conf.all.arp_announce = 2 >>> >> >> it's in the HOWTO as well >> >> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.arp_problem.html#2.6_arp > That HOWTO says: > > On the realservers the VIP will still be on lo (as for the hidden > method). If the reply packets to the client are routed through eth0, > then the arp announcements/requests are made through eth0 and you > will apply the arp_ignore/arp_announce sysctls to eth0, not to lo > (you cannot use arp_ignore/arp_announce on lo). > > Mr. Mooney's settings apply the sysctls to lo, however. I think my > settings, above, are consistent with the HOWTO -- or am I mistaken?
Hmm. Seems I've flubbed up. Apologies all round. I looked at Tim's posting and then looked at the HOWTO and thought they were identical. I now look at the HOWTO to find they're not at all and that you've used it as is done in the HOWTO. (I remember the HOWTO was wrong for a while, I think acting on lo, which added to my confusion. I don't know how Tim's machine is working then.) In that case to answer your original posting > eth0 and eth1 both have real network interfaces; there are > no others. are both facing the router that delivers the packets to the VIP? I think you only need arp_ignore/announce on the interface that hears the arp requests. > I gather I'm supposed to add the VIP nowadays > on lo. It's the place we've always put it. > So, having enabled the above options, I attempt to > add the VIP like so: > > ifconfig lo:0 $VIP > > When this happens, the existing interfaces go beserk; my > ssh connection to the machine begins to drop most packets, > and I am lucky to get enough packets across to bring down > lo:0, which restores the network to sanity. Using > iproute2: > > ip address add $VIP dev lo > > the same thing occurs, and is remedied the same way (by > taking the VIP off the lo interface). > > Is it obvious to anyone what I am doing wrong? Have you tried with the correct netmask/broadcast address (the VIP on lo has to be on a /32 network). Joe -- Joseph Mack NA3T EME(B,D), FM05lw North Carolina jmack (at) wm7d (dot) net - azimuthal equidistant map generator at http://www.wm7d.net/azproj.shtml Homepage http://www.austintek.com/ It's GNU/Linux! _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
