Re: From analysis of a simple ifstated.conf to more compex example
Do ypu mean that only carp0 is defined on both servers and it has
three different IPs?
How is it possible to define them so they are set for ftp, tftp and
scp separately for the defined IPs?
Kind regards,
Peter
On 21/02/2012, Damien Fleuriot m...@my.gd wrote:
To be honest, I'm not sure it's a good idea to use different *interfaces*.
Why don't you set multiple IPs on a single carp interface instead ?
On 21 Feb 2012, at 08:29, peter knezel peter.kne...@gmail.com wrote:
Hello Damien,
preemption is set on both systems, so when master server goes down or
any CARP interface on master
goes down, slave becomes master (but only on the CARP interface if
only that went down).
Can you have a look at my previous question??:
if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
Thanks and kind regards,
Peter
On 16/02/2012, Damien Fleuriot m...@my.gd wrote:
Preemption is used to ensure that, if a CARP interface goes down on host
A, host B will then assume mastership for all interfaces.
It prevents the nasty situation where you'd have, for example:
Public IP: master on host A
Private IP: master on host B
servers behind firewalls hosts A and B:
- traffic arrives on host A which creates a PF state
- servers reply via their default gateway, the CARP IP now master on host
B
Host B doesn't have a state for the traffic, drops it.
To enable preemption you need to run sysctl net.inet.carp.preempt=1 and
add the corresponding line to your sysctls file in etc.
On 2/15/12 7:04 PM, peter knezel wrote:
Well,
I am not fully familiar with CARP, but if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
BTW, what is CARP preemption and how is it possible to enable it?
Kind regards,
Peter
On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp
interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and
if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd
mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated
works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and
if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and
carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh
and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep
carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that
reacts when:
any one of the carp interfaces is down - followed by
another any
other carp interface down
I tried to define states:
duu =!carp0.link.up
Re: From analysis of a simple ifstated.conf to more compex example
Yes, I do mean you can have several IPs on a single CARP interface, see the example below: carp17: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 46.182.41.72 netmask 0x inet 46.182.41.76 netmask 0x inet 46.182.41.77 netmask 0x inet 46.182.41.78 netmask 0x inet 46.182.41.79 netmask 0x inet 46.182.41.80 netmask 0x inet 46.182.41.81 netmask 0x inet 46.182.41.82 netmask 0x inet 46.182.41.83 netmask 0x carp: MASTER vhid 117 advbase 1 advskew 100 See the rc.conf bit where I set the IPs: # WAN CARP ipv4_addrs_carp17=46.182.41.72/32 46.182.41.76/32 46.182.41.77/32 46.182.41.78/32 46.182.41.79/32 46.182.41.80/32 46.182.41.81/32 46.182.41.82/32 46.182.41.83/32 ifconfig_carp17=vhid 117 pass [removed] advskew 100 Regarding dedicating a given IP to a given service, you are supposed to do that in the service's configuration, when telling it which IP address to bind to. You can also use pf or ipfw to filter the services allowed on a given IP. On 2/21/12 11:48 AM, peter knezel wrote: Do ypu mean that only carp0 is defined on both servers and it has three different IPs? How is it possible to define them so they are set for ftp, tftp and scp separately for the defined IPs? Kind regards, Peter On 21/02/2012, Damien Fleuriot m...@my.gd wrote: To be honest, I'm not sure it's a good idea to use different *interfaces*. Why don't you set multiple IPs on a single carp interface instead ? On 21 Feb 2012, at 08:29, peter knezel peter.kne...@gmail.com wrote: Hello Damien, preemption is set on both systems, so when master server goes down or any CARP interface on master goes down, slave becomes master (but only on the CARP interface if only that went down). Can you have a look at my previous question??: if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? Thanks and kind regards, Peter On 16/02/2012, Damien Fleuriot m...@my.gd wrote: Preemption is used to ensure that, if a CARP interface goes down on host A, host B will then assume mastership for all interfaces. It prevents the nasty situation where you'd have, for example: Public IP: master on host A Private IP: master on host B servers behind firewalls hosts A and B: - traffic arrives on host A which creates a PF state - servers reply via their default gateway, the CARP IP now master on host B Host B doesn't have a state for the traffic, drops it. To enable preemption you need to run sysctl net.inet.carp.preempt=1 and add the corresponding line to your sysctls file in etc. On 2/15/12 7:04 PM, peter knezel wrote: Well, I am not fully familiar with CARP, but if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? BTW, what is CARP preemption and how is it possible to enable it? Kind regards, Peter On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd wrote: Sorry about the late reply, didn't see yours. What about enabling CARP preemption to ensure that when a carp interface goes down, the whole set does ? On 2/7/12 9:13 PM, peter knezel wrote: Hello Damien, I did read your example but cannot get idea from it. For three interfaces you have much more possibilities. Imagine you start the server from uuu state which is equal to net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig -a -u |grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2 /dev/null every 3)' Now you put down one carp interface - so system is in state : *state one:* (duu) || (udu) || (uud) which is same as !$net run script1.sh go to twoff now imagine, you put down any other carp interface: *state twoff: * (dud) || (ddu) || (udd) run script2.sh go to two *state two: * put all interfaces up run script3.sh go to state one it means, this is one of the possibilities system can behave (this situation does not describe all possible states - I have taken this special example.) Now if you want to put up after putting down one carp interface, you fail since it is in state twoff. Only of you put down second carp interface it goes to state two and if you put both up, it will go to state one. This is where my ifstated.conf fails to work. Kind regards, Peter Knezel On 7 February 2012 17:02, Damien Fleuriot m...@my.gd mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd wrote: On 2/7/12 3:36 PM, peter knezel wrote: Hello all, I would like to ask somebody to explain me how the ifstated works according to the following configuration file. I have three virtual carp interfaces carp0,carp1 and carp2. I try to understand the following setting: The
Re: From analysis of a simple ifstated.conf to more compex example
Thanks Damien for the example. In this case when I have only one carp interface, it is much easier to define the states in ifstated, isn't? It is either up or not and no other states are needed to check. Regards, Peter On 21/02/2012, Damien Fleuriot m...@my.gd wrote: Yes, I do mean you can have several IPs on a single CARP interface, see the example below: carp17: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 46.182.41.72 netmask 0x inet 46.182.41.76 netmask 0x inet 46.182.41.77 netmask 0x inet 46.182.41.78 netmask 0x inet 46.182.41.79 netmask 0x inet 46.182.41.80 netmask 0x inet 46.182.41.81 netmask 0x inet 46.182.41.82 netmask 0x inet 46.182.41.83 netmask 0x carp: MASTER vhid 117 advbase 1 advskew 100 See the rc.conf bit where I set the IPs: # WAN CARP ipv4_addrs_carp17=46.182.41.72/32 46.182.41.76/32 46.182.41.77/32 46.182.41.78/32 46.182.41.79/32 46.182.41.80/32 46.182.41.81/32 46.182.41.82/32 46.182.41.83/32 ifconfig_carp17=vhid 117 pass [removed] advskew 100 Regarding dedicating a given IP to a given service, you are supposed to do that in the service's configuration, when telling it which IP address to bind to. You can also use pf or ipfw to filter the services allowed on a given IP. On 2/21/12 11:48 AM, peter knezel wrote: Do ypu mean that only carp0 is defined on both servers and it has three different IPs? How is it possible to define them so they are set for ftp, tftp and scp separately for the defined IPs? Kind regards, Peter On 21/02/2012, Damien Fleuriot m...@my.gd wrote: To be honest, I'm not sure it's a good idea to use different *interfaces*. Why don't you set multiple IPs on a single carp interface instead ? On 21 Feb 2012, at 08:29, peter knezel peter.kne...@gmail.com wrote: Hello Damien, preemption is set on both systems, so when master server goes down or any CARP interface on master goes down, slave becomes master (but only on the CARP interface if only that went down). Can you have a look at my previous question??: if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? Thanks and kind regards, Peter On 16/02/2012, Damien Fleuriot m...@my.gd wrote: Preemption is used to ensure that, if a CARP interface goes down on host A, host B will then assume mastership for all interfaces. It prevents the nasty situation where you'd have, for example: Public IP: master on host A Private IP: master on host B servers behind firewalls hosts A and B: - traffic arrives on host A which creates a PF state - servers reply via their default gateway, the CARP IP now master on host B Host B doesn't have a state for the traffic, drops it. To enable preemption you need to run sysctl net.inet.carp.preempt=1 and add the corresponding line to your sysctls file in etc. On 2/15/12 7:04 PM, peter knezel wrote: Well, I am not fully familiar with CARP, but if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? BTW, what is CARP preemption and how is it possible to enable it? Kind regards, Peter On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd wrote: Sorry about the late reply, didn't see yours. What about enabling CARP preemption to ensure that when a carp interface goes down, the whole set does ? On 2/7/12 9:13 PM, peter knezel wrote: Hello Damien, I did read your example but cannot get idea from it. For three interfaces you have much more possibilities. Imagine you start the server from uuu state which is equal to net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig -a -u |grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2 /dev/null every 3)' Now you put down one carp interface - so system is in state : *state one:* (duu) || (udu) || (uud) which is same as !$net run script1.sh go to twoff now imagine, you put down any other carp interface: *state twoff: * (dud) || (ddu) || (udd) run script2.sh go to two *state two: * put all interfaces up run script3.sh go to state one it means, this is one of the possibilities system can behave (this situation does not describe all possible states - I have taken this special example.) Now if you want to put up after putting down one carp interface, you fail since it is in state twoff. Only of you put down second carp interface it goes to state two and if you put both up, it will go to state one. This is where my ifstated.conf fails to work. Kind regards, Peter Knezel On 7 February 2012 17:02, Damien Fleuriot m...@my.gd mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd wrote: On 2/7/12
Re: From analysis of a simple ifstated.conf to more compex example
Yes, that would enormously simplify your ifstated setup. I encourage you to try with a single interface and multiple IPs on it. Be careful to use /32 netmasks for your aliased IPs, people have run into trouble for using longer prefixes, like /24 for example. Also be careful when adding/removing IPs to the carp interfaces. If you don't have exactly the same IPs on both carp interfaces (server A and server B), then the hosts will consider them to be different CARP instances and they'll be MASTER on both firewalls. You don't want this, obviously. On 2/21/12 12:23 PM, peter knezel wrote: Thanks Damien for the example. In this case when I have only one carp interface, it is much easier to define the states in ifstated, isn't? It is either up or not and no other states are needed to check. Regards, Peter On 21/02/2012, Damien Fleuriot m...@my.gd wrote: Yes, I do mean you can have several IPs on a single CARP interface, see the example below: carp17: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 46.182.41.72 netmask 0x inet 46.182.41.76 netmask 0x inet 46.182.41.77 netmask 0x inet 46.182.41.78 netmask 0x inet 46.182.41.79 netmask 0x inet 46.182.41.80 netmask 0x inet 46.182.41.81 netmask 0x inet 46.182.41.82 netmask 0x inet 46.182.41.83 netmask 0x carp: MASTER vhid 117 advbase 1 advskew 100 See the rc.conf bit where I set the IPs: # WAN CARP ipv4_addrs_carp17=46.182.41.72/32 46.182.41.76/32 46.182.41.77/32 46.182.41.78/32 46.182.41.79/32 46.182.41.80/32 46.182.41.81/32 46.182.41.82/32 46.182.41.83/32 ifconfig_carp17=vhid 117 pass [removed] advskew 100 Regarding dedicating a given IP to a given service, you are supposed to do that in the service's configuration, when telling it which IP address to bind to. You can also use pf or ipfw to filter the services allowed on a given IP. On 2/21/12 11:48 AM, peter knezel wrote: Do ypu mean that only carp0 is defined on both servers and it has three different IPs? How is it possible to define them so they are set for ftp, tftp and scp separately for the defined IPs? Kind regards, Peter On 21/02/2012, Damien Fleuriot m...@my.gd wrote: To be honest, I'm not sure it's a good idea to use different *interfaces*. Why don't you set multiple IPs on a single carp interface instead ? On 21 Feb 2012, at 08:29, peter knezel peter.kne...@gmail.com wrote: Hello Damien, preemption is set on both systems, so when master server goes down or any CARP interface on master goes down, slave becomes master (but only on the CARP interface if only that went down). Can you have a look at my previous question??: if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? Thanks and kind regards, Peter On 16/02/2012, Damien Fleuriot m...@my.gd wrote: Preemption is used to ensure that, if a CARP interface goes down on host A, host B will then assume mastership for all interfaces. It prevents the nasty situation where you'd have, for example: Public IP: master on host A Private IP: master on host B servers behind firewalls hosts A and B: - traffic arrives on host A which creates a PF state - servers reply via their default gateway, the CARP IP now master on host B Host B doesn't have a state for the traffic, drops it. To enable preemption you need to run sysctl net.inet.carp.preempt=1 and add the corresponding line to your sysctls file in etc. On 2/15/12 7:04 PM, peter knezel wrote: Well, I am not fully familiar with CARP, but if the different carp interfaces are used for different purpose (ftp, tftp, scp), is it a good idea to put down all of them, if they are able to serve their purpose? BTW, what is CARP preemption and how is it possible to enable it? Kind regards, Peter On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd wrote: Sorry about the late reply, didn't see yours. What about enabling CARP preemption to ensure that when a carp interface goes down, the whole set does ? On 2/7/12 9:13 PM, peter knezel wrote: Hello Damien, I did read your example but cannot get idea from it. For three interfaces you have much more possibilities. Imagine you start the server from uuu state which is equal to net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig -a -u |grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2 /dev/null every 3)' Now you put down one carp interface - so system is in state : *state one:* (duu) || (udu) || (uud) which is same as !$net run script1.sh go to twoff now imagine, you put down any other carp interface: *state twoff: * (dud) || (ddu) || (udd) run script2.sh go to two *state two: * put all interfaces up run script3.sh go to state
Re: From analysis of a simple ifstated.conf to more compex example
Hello Damien,
preemption is set on both systems, so when master server goes down or
any CARP interface on master
goes down, slave becomes master (but only on the CARP interface if
only that went down).
Can you have a look at my previous question??:
if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
Thanks and kind regards,
Peter
On 16/02/2012, Damien Fleuriot m...@my.gd wrote:
Preemption is used to ensure that, if a CARP interface goes down on host
A, host B will then assume mastership for all interfaces.
It prevents the nasty situation where you'd have, for example:
Public IP: master on host A
Private IP: master on host B
servers behind firewalls hosts A and B:
- traffic arrives on host A which creates a PF state
- servers reply via their default gateway, the CARP IP now master on host B
Host B doesn't have a state for the traffic, drops it.
To enable preemption you need to run sysctl net.inet.carp.preempt=1 and
add the corresponding line to your sysctls file in etc.
On 2/15/12 7:04 PM, peter knezel wrote:
Well,
I am not fully familiar with CARP, but if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
BTW, what is CARP preemption and how is it possible to enable it?
Kind regards,
Peter
On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp
interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and
if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd
mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated
works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and
if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and
carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh
and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep
carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any
Re: From analysis of a simple ifstated.conf to more compex example
To be honest, I'm not sure it's a good idea to use different *interfaces*.
Why don't you set multiple IPs on a single carp interface instead ?
On 21 Feb 2012, at 08:29, peter knezel peter.kne...@gmail.com wrote:
Hello Damien,
preemption is set on both systems, so when master server goes down or
any CARP interface on master
goes down, slave becomes master (but only on the CARP interface if
only that went down).
Can you have a look at my previous question??:
if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
Thanks and kind regards,
Peter
On 16/02/2012, Damien Fleuriot m...@my.gd wrote:
Preemption is used to ensure that, if a CARP interface goes down on host
A, host B will then assume mastership for all interfaces.
It prevents the nasty situation where you'd have, for example:
Public IP: master on host A
Private IP: master on host B
servers behind firewalls hosts A and B:
- traffic arrives on host A which creates a PF state
- servers reply via their default gateway, the CARP IP now master on host B
Host B doesn't have a state for the traffic, drops it.
To enable preemption you need to run sysctl net.inet.carp.preempt=1 and
add the corresponding line to your sysctls file in etc.
On 2/15/12 7:04 PM, peter knezel wrote:
Well,
I am not fully familiar with CARP, but if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
BTW, what is CARP preemption and how is it possible to enable it?
Kind regards,
Peter
On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp
interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and
if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd
mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated
works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and
if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and
carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh
and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep
carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that
reacts when:
any one of the carp interfaces is down - followed by
another any
other carp interface down
I tried to define states:
duu =!carp0.link.up carp1.link.up carp2.link.up
udu =carp0.link.up !carp1.link.up carp2.link.up
uud =carp0.link.up carp1.link.up !carp2.link.up
ddu =!carp0.link.up !carp1.link.up
dud =!carp0.link.up !carp2.link.up
udd =!carp1.link.up
Re: From analysis of a simple ifstated.conf to more compex example
Preemption is used to ensure that, if a CARP interface goes down on host
A, host B will then assume mastership for all interfaces.
It prevents the nasty situation where you'd have, for example:
Public IP: master on host A
Private IP: master on host B
servers behind firewalls hosts A and B:
- traffic arrives on host A which creates a PF state
- servers reply via their default gateway, the CARP IP now master on host B
Host B doesn't have a state for the traffic, drops it.
To enable preemption you need to run sysctl net.inet.carp.preempt=1 and
add the corresponding line to your sysctls file in etc.
On 2/15/12 7:04 PM, peter knezel wrote:
Well,
I am not fully familiar with CARP, but if the different carp interfaces
are used for different purpose (ftp, tftp, scp), is it a good idea to
put down all of them, if they are able to serve their purpose?
BTW, what is CARP preemption and how is it possible to enable it?
Kind regards,
Peter
On 15 February 2012 18:25, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd
mailto:m...@my.gd mailto:m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated
works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and
if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and
carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh
and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep
carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that
reacts when:
any one of the carp interfaces is down - followed by
another any
other carp interface down
I tried to define states:
duu =!carp0.link.up carp1.link.up carp2.link.up
udu =carp0.link.up !carp1.link.up carp2.link.up
uud =carp0.link.up carp1.link.up !carp2.link.up
ddu =!carp0.link.up !carp1.link.up
Re: From analysis of a simple ifstated.conf to more compex example
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2 /dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that
reacts when:
any one of the carp interfaces is down - followed by another any
other carp interface down
I tried to define states:
duu =!carp0.link.up carp1.link.up carp2.link.up
udu =carp0.link.up !carp1.link.up carp2.link.up
uud =carp0.link.up carp1.link.up !carp2.link.up
ddu =!carp0.link.up !carp1.link.up
dud =!carp0.link.up !carp2.link.up
udd =!carp1.link.up !carp2.link.up
and used them but somehow I cannot incorporate all state changes and
include it in ifstated.conf.
Works fine here, did you not have any luck with the file I posted
earlier ?
___
freebsd-questions@freebsd.org mailto:freebsd-questions@freebsd.org
mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org
mailto:freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: From analysis of a simple ifstated.conf to more compex example
Well,
I am not fully familiar with CARP, but if the different carp interfaces are
used for different purpose (ftp, tftp, scp), is it a good idea to put down
all of them, if they are able to serve their purpose?
BTW, what is CARP preemption and how is it possible to enable it?
Kind regards,
Peter
On 15 February 2012 18:25, Damien Fleuriot m...@my.gd wrote:
Sorry about the late reply, didn't see yours.
What about enabling CARP preemption to ensure that when a carp interface
goes down, the whole set does ?
On 2/7/12 9:13 PM, peter knezel wrote:
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig
-a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you
fail since it is in state twoff.
Only of you put down second carp interface it goes to state two and if
you put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd mailto:m...@my.gd
wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and if
there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh and
set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3
ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that
reacts when:
any one of the carp interfaces is down - followed by another any
other carp interface down
I tried to define states:
duu =!carp0.link.up carp1.link.up carp2.link.up
udu =carp0.link.up !carp1.link.up carp2.link.up
uud =carp0.link.up carp1.link.up !carp2.link.up
ddu =!carp0.link.up !carp1.link.up
dud =!carp0.link.up !carp2.link.up
udd =!carp1.link.up !carp2.link.up
and used them but somehow I cannot incorporate all state changes
and
include it in ifstated.conf.
Works fine here, did you not have any luck with the file I posted
earlier ?
___
freebsd-questions@freebsd.org mailto:freebsd-questions@freebsd.org
mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org
mailto:freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: From analysis of a simple ifstated.conf to more compex example
Hello Damien,
I did read your example but cannot get idea from it.
For three interfaces you have much more possibilities.
Imagine you start the server from uuu state which is equal to
net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig -a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2 /dev/null
every 3)'
Now you put down one carp interface - so system is in state :
*state one:*
(duu) || (udu) || (uud) which is same as !$net
run script1.sh
go to twoff
now imagine, you put down any other carp interface:
*state twoff: *
(dud) || (ddu) || (udd)
run script2.sh
go to two
*state two: *
put all interfaces up
run script3.sh
go to state one
it means, this is one of the possibilities system can behave (this
situation does not describe all possible states - I have taken this
special example.)
Now if you want to put up after putting down one carp interface, you fail
since it is in state twoff.
Only of you put down second carp interface it goes to state two and if you
put both up, it will go to state one.
This is where my ifstated.conf fails to work.
Kind regards,
Peter Knezel
On 7 February 2012 17:02, Damien Fleuriot m...@my.gd wrote:
On 2/7/12 3:36 PM, peter knezel wrote:
Hello all,
I would like to ask somebody to explain me how the ifstated works
according to
the following configuration file.
I have three virtual carp interfaces carp0,carp1 and carp2.
I try to understand the following setting:
The server is in state one (all carp interfaces are up) and if there
is carp down of any:
one (carp0 or carp1 or carp2),
two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and carp2]),
three interfaces (carp 0 and carp1 and carp2), server
runs the script testdown.sh and put the server into state two.
If all carp interfaces are up, the server runs the testup.sh and set
the state to one.
That is my understanding.
Is it the way the system works?
Or am I wrong?
===
init-state one
net = '( ifconfig -a -u |grep carp0 /dev/null every 3 ifconfig
-a -u
|grep carp1 /dev/null every 3 ifconfig -a -u |grep carp2
/dev/null
every 3)'
state one {
if ( ! $net ) {
run /usr/local/testdown.sh
set-state two
}
}
state two {
if ( $net ) {
run /usr/local/testup.sh
set-state one
}
}
===
Is there any possibility to define and set ifstated.conf that reacts
when:
any one of the carp interfaces is down - followed by another any
other carp interface down
I tried to define states:
duu =!carp0.link.up carp1.link.up carp2.link.up
udu =carp0.link.up !carp1.link.up carp2.link.up
uud =carp0.link.up carp1.link.up !carp2.link.up
ddu =!carp0.link.up !carp1.link.up
dud =!carp0.link.up !carp2.link.up
udd =!carp1.link.up !carp2.link.up
and used them but somehow I cannot incorporate all state changes and
include it in ifstated.conf.
Works fine here, did you not have any luck with the file I posted earlier ?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
