arp could help. But your best option is to use heartbeat / pacemaker, and deploy hard fencing such as a networked PDU, or a managed switch.
On Fri, May 2, 2014 at 8:27 AM, John Lauro <[email protected]> wrote: > Any reason not just using heartbeat on the two nodes? (yum install heartbeat) > Then setup multiple interfaces between the two servers and let heartbeat > bring services up/down as needed, and heartbeat can control which node has > the secondary ip address active, etc. > > > ----- Original Message ----- >> From: "Nico Kadel-Garcia" <[email protected]> >> To: "CS_DBA" <[email protected]> >> Cc: "Scientific Linux Users" <[email protected]> >> Sent: Friday, May 2, 2014 8:02:05 AM >> Subject: Re: Network question - disable access to an IP without running >> ifdown ? >> >> Don't use the main IP address for your traffic. Use a secondary, >> virtual IP address on the same port or ports, say "ifcfg-eth0:1", and >> tie it to any of the common VIP monitoring packages such as is used >> by >> the master-master-mysql monitoring program. Basically, they >> communicate over the available, primary IP address. If it's down, the >> secondary VIP is kept down. When the primary address comes back down, >> they negotiate over the primary address about which host to enable >> the >> secondary VIP on. >> >> On Thu, May 1, 2014 at 12:31 PM, CS_DBA <[email protected]> >> wrote: >> > Hi All; >> > >> > we have a failover tool (for a database) that pings te master and >> > if it's >> > not responding runs ifdown over ssh to bring an ip alias down, then >> > runs >> > ifup of the alias on the standby node. >> > >> > A possible issue would be if the master was not reachable, thus the >> > ifdown >> > fails and once the master becomes available again then we have 2 >> > nodes with >> > the ip alias and we risk a split brain issue >> > >> > Is there a way to disable any traffic from getting to the old >> > master via >> > commands we can run outside of the master server? >> > >> > Thanks in advance >>
