Hi, I am looking to set up monitoring of the gre/tunnel interface of our 
clustered firewall.

Both firewalls have a gre/ipsec tunnel to another host/site.
What I would like to do is to add a pingd resource which will monitor the 
other endpoint of the gre tunnel. fw01 and fw02 share the same internet 
connection, however to make the routing redundant I created a gre tunnel per 
fw, so obviously they both have a different set of IPs. Here's a brief diag..

fw01<-->gre(172.20.1.11/32)<-->gre(172.20.1.10)<-->ipsec1
fw02<-->gre(172.20.1.21/32)<-->gre(172.20.1.20)<-->ipsec2

I have tried the following, however it looks like when it fails over to the 
other system the resource is started on the other firewall.

primitive conn-check-gre-fw01 ocf:pacemaker:pingd \
        params host_list="172.20.1.11" multiplier="100" \
        op monitor interval="15s" timeout="5s" dampen="6s"
primitive conn-check-gre-fw02 ocf:pacemaker:pingd \
        params host_list="172.20.1.22" multiplier="100" \
        op monitor interval="15s" timeout="5s" dampen="6s"
location fw01-check-gre conn-check-gre-fw01 inf: fw01
location fw02-check-gre conn-check-gre-fw02 inf: fw02

What I want to do is ..

conn-check-gre-fw01 should be started only on fw01
conn-check-gre-fw02 should be started only on fw02

if one of the 2 resources fails, the other firewall should take over the other 
defined resources, but those 2 resources shouldn't be redundant/started on the 
other node

     -Luc
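
The placement described above, as an added example that is not part of the original post: in Pacemaker an `inf:` location score is a preference that still lets the resource start elsewhere when its node is unavailable, while `-inf:` on the peer node forbids it. The extra constraint ids and the `fw-services` resource are hypothetical, and `pingd` is assumed to be the attribute name because the post does not set the agent's `name` parameter.

```crmsh
# Added example in crm shell syntax, not the poster's configuration.
# Constraints from the post: +INFINITY only expresses a preference, so the
# check can still be started on the surviving node after a failover.
location fw01-check-gre conn-check-gre-fw01 inf: fw01
location fw02-check-gre conn-check-gre-fw02 inf: fw02

# Hypothetical ids: forbid each check from ever running on the peer node.
location fw01-check-gre-never-fw02 conn-check-gre-fw01 -inf: fw02
location fw02-check-gre-never-fw01 conn-check-gre-fw02 -inf: fw01

# "fw-services" is a placeholder for the resources that should move.
# Keep them off any node whose own pingd attribute is missing or zero,
# so a failed tunnel check moves the services, not the check itself.
location fw-services-need-gre fw-services \
        rule -inf: not_defined pingd or pingd lte 0
```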


_______________________________________________
Openais mailing list
[email protected]
https://lists.linux-foundation.org/mailman/listinfo/openais