* ben <[EMAIL PROTECTED]> [2006-08-24 21:11]:
> I just spent more time than I would have liked to searching for info
> on providing HA/LB via CARP (and possibly other tools) for individual
> services (such as http) rather than IP addresses. I was surprised to
> find just about nothing on the topic since it seems like something
> people would want to use CARP for.
>
> For example, let's say I have two machines set up as web servers,
> sharing an IP address and load balanced with CARP. The httpd on one
> host dies but its interface is fine.
>
> Doesn't that mean CARP has no effect and approximately half the
> requests going to the virtual host ip address will timeout? That
> sucks.

yes. there's an interface now (in -current / will be in 4.0) for userland to tell carp that "something" is broken. We call it demotion - and it's a counter, and it is included in the carp packet.

When the demotion counter is > 0, the system acts like on interface is not master - it changes advskew to 240. As an added bonus, the demotion counter is also included in the packet, and when all members of a carp group are at advskew=240, the one with the lowest demotion counter (="least damaged") becomes master.

(also, demotion is per group - "carp" contains all carp interfaces. you could do crazy things with multiple carp groups...)

bgpd makes use of that now. you can instruct bgpd to demote a certain group depending on the state of a session. when bgpd starts up and sees the demotion counter being nonzero (/etc/rc increases the demotion counter and decreases it again when it is done), it will increase the demotion counter when sessions configured such are not established, and decrease it 60 seconds after the session is established.

best explained in an example: your master bgpd router fails, slave takes over. master reboots. without the demotion stuff, it becomes master quickly after it is back up again, but bgpd doesn't have the sessions again yet - you are blackholing traffic. With the demotion stuff used properly, it will only become master again after it has its important sessions back up again and received and installed routes and such. Unless the slave is damaged (demoted) worse of course :)

now, of course you can make use of that with some scriptery... aka no httpd running, increase demotion counter. not perfect, but can be extended.

--
BS Web Services, http://www.bsws.de/, [EMAIL PROTECTED], [EMAIL PROTECTED]
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
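
One way to do the "scriptery" mentioned in the reply above, as an added example that is not part of the original message or of OpenBSD itself: a watchdog that raises the demotion counter of the "carp" group with `ifconfig -g carp carpdemote` while the local httpd fails a health check, and takes back exactly what it added once httpd recovers. The check URL, state file path, penalty value, polling interval and the use of `ftp` as the HTTP fetcher are assumptions for illustration.

```sh
#!/bin/sh
# Added example: demote the carp group while the local httpd is unhealthy.
# CHECK_URL, STATE_FILE, PENALTY and INTERVAL are illustrative assumptions.

GROUP=${GROUP:-carp}                  # interface group whose counter we touch
PENALTY=${PENALTY:-50}                # amount this check adds to the counter
STATE_FILE=${STATE_FILE:-/var/run/httpd-carpdemote}
CHECK_URL=${CHECK_URL:-http://127.0.0.1/}
IFCONFIG=${IFCONFIG:-ifconfig}        # overridable so the logic can be tested

# Healthy only if httpd answers a request; a process that is still
# running but no longer serves pages counts as down.
httpd_ok() {
    ftp -o /dev/null "$CHECK_URL" >/dev/null 2>&1
}

# The counter is shared (bgpd and /etc/rc also change it), so add or remove
# only our own contribution, and only when the state changes.
# $1 is "up" or "down"; prints demoted, restored or unchanged.
reconcile() {
    if [ "$1" = "down" ] && [ ! -e "$STATE_FILE" ]; then
        $IFCONFIG -g "$GROUP" carpdemote "$PENALTY" || return 1
        echo "$PENALTY" > "$STATE_FILE"
        echo demoted
    elif [ "$1" = "up" ] && [ -e "$STATE_FILE" ]; then
        # Undo the amount that was recorded, even if PENALTY changed since.
        $IFCONFIG -g "$GROUP" -carpdemote "$(cat "$STATE_FILE")" || return 1
        rm -f "$STATE_FILE"
        echo restored
    else
        echo unchanged
    fi
}

# Poll loop; runs only when the script is started with the argument "run".
if [ "${1:-}" = "run" ]; then
    while :; do
        if httpd_ok; then reconcile up; else reconcile down; fi
        sleep "${INTERVAL:-5}"
    done
fi
```

Because demotion is a counter rather than a flag, a check that incremented it on every failed poll would keep the host demoted long after httpd came back; the state file keeps the script's contribution to a single increment and a single matching decrement.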

