Hi, my enviroments is
 two server in HA 10.6.10.46 (real server 1)10.6.10.47 (real server 
2)10.6.10.48 (virtual server for snmp)10.6.10.41 (virtual server for splunk)
the master is 10.6.10.46
and load balancing using keepalived with the following conf
global_defs {
   notification_email   {
     u025243@*
                        }
   notification_email_from u025243@*
   smtp_server 192.168.62.8
   smtp_connect_timeout 30
   lvs_id LVS_DEVEL
            }
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 10
priority 101   # 101 on master, 100 on backup
virtual_ipaddress       {
                            10.6.10.41
                            10.6.10.48
                        }
notify_master "/etc/keepalived/notify.sh del 10.6.10.41"
notify_backup "/etc/keepalived/notify.sh add 10.6.10.41"
notify_fault "/etc/keepalived/notify.sh add 10.6.10.41"
notify_master "/etc/keepalived/notify.sh del 10.6.10.48"
notify_backup "/etc/keepalived/notify.sh add 10.6.10.48"
notify_fault "/etc/keepalived/notify.sh add 10.6.10.48"


}


virtual_server 10.6.10.41 8089{
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP! rela server 1
    real_server 10.6.10.46 8089 {
                                    weight 1
                                    TCP_CHECK   {
                                                    connect_port 8089
                                                    connect_timeout 3
                                                }
                                }
! real server #2...
    real_server 10.6.10.47 8089 {
                                    weight 1
                                    TCP_CHECK   {
                                    connect_port 8089
                                    connect_timeout 3
                }
                                }
}

virtual_server 10.6.10.48 162 {
    delay_loop 6
    lb_algo rr
    !lb_algo lc
    lb_kind DR
    nat_mask 255.255.255.0
    !persistence_timeout 1
    protocol UDP

    ! specify our real servers' IP addresses and ports
    real_server 10.6.10.46 162 {
                                    weight 1
                                    MISC_CHECK  {
                                                    connect_timeout 3
                                                    misc_path 
"/etc/keepalived/snmptrapd_check.sh"
                                                }
                                }
! real server #2...
    real_server 10.6.10.47 162 {
                                    weight 1
                                    MISC_CHECK  {
                                                    connect_timeout 3
                                                    misc_path 
"/etc/keepalived/snmptrapd_check_remote.sh"
                                                }
                                }
}


first server owns 10.6.10.48 and receives the traps i send. Using RR scheduling 
algorithm it forwards to the real server 10.6.10.46  (same machine) and 
10.6.10.47. 10.6.10.46 is the same that owns 10.6.10.48
the second real server receives (via round robin) the traps, but it doesn't log 
anything
via tcpdump i can see on the second (10.6.10.47) the correct udp packet 
forwarded by load balancer

10:44:45.807257 IP (tos 0x0, ttl 60, id 0, offset 0, flags [DF], proto UDP 
(17), length 120)
    10.7.0.108.59378 > 10.6.10.48.snmptrap: [udp sum ok]  { SNMPv2c { 
V2Trap(77) R=877474700  system.sysUpTime.0=608461 S:1.1.4.1.0=E:8072.2.3.0.1 
E:8072.2.3.2.1=9998 } } 
        0x0000:  4500 0078 0000 4000 3c11 1fcd 0a07 006c
        0x0010:  0a06 0a30 e7f2 00a2 0064 e5fe 305a 0201
        0x0020:  0104 0670 7562 6c69 63a7 4d02 0434 4d33
        0x0030:  8c02 0100 0201 0030 3f30 0f06 082b 0601
        0x0040:  0201 0103 0043 0309 48cd 3019 060a 2b06
        0x0050:  0106 0301 0104 0100 060b 2b06 0104 01bf
        0x0060:  0802 0300 0130 1106 0b2b 0601 0401 bf08
        0x0070:  0203 0201 0202 270e
but snmptrapd (started with -d option) doesn't dump any packet

any idea?
thanks
Luca 
 



------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable 
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to