Re: CARP health check ?

2012-01-13 Thread rik
Just an idea, but you might consider giving private ip to the phydev and using nrpe plugin for nagios so you'll be able to ping them from the inside and report everything to your external nagios monitor Alex On Fri, Jan 13, 2012 at 5:12 AM, PP;Q Q P(P8P?P8QP8P= chipits...@gmail.com wrote:

Re: CARP health check ?

2012-01-12 Thread Justin Jereza
I think ifstated is what you want to use. -- Composed on a phone. On Jan 13, 2012 2:07 AM, PP;Q Q P(P8P?P8QP8P= chipits...@gmail.com wrote: Hello! I'm running OpenBSD with CARP (and because of CARP), 10 servers in total. Some of them preemt=1, some with preemt=0 I'd like to know that

Re: CARP health check ?

2012-01-12 Thread Илья Шипицин
well, I need to make question more certain. we are using nagios for monitoring and it is running on separate server. we do not want to monitor server from inside. we want to run run something via ssh and see whether carp peer is dead or not. probably we do not want to determine that we are carp

Re: CARP health check ?

2012-01-12 Thread Justin Jereza
I would still consider using ifstated to signal to the network monitor the state of the interface. An alternative that may be better though is to use SNMP. -- Composed on a phone.

Re: CARP health check ?

2012-01-12 Thread Simon Perreault
On 01/12/2012 01:18 PM, PP;Q Q P(P8P?P8QP8P= wrote: we are using nagios for monitoring and it is running on separate server. we do not want to monitor server from inside. we want to run run something via ssh and see whether carp peer is dead or not. Give each server it's unique IP address.

Re: CARP health check ?

2012-01-12 Thread Илья Шипицин
well, it's usually not possible. we use OpenBSD, because it supports carpdev option (FreeBSD does not support it) most of our carp clusters run on single address. no spare IP space. we could do ssh and ping carp peer (some trouble with preemption), but we do not want to stick with certain IP

Re: CARP health check ?

2012-01-12 Thread Simon Perreault
On 01/12/2012 01:49 PM, PP;Q Q P(P8P?P8QP8P= wrote: most of our carp clusters run on single address. no spare IP space. That's the root of the problem. Use IPv6 for the non-carp addresses? RFC 1918? rdr on some ports? Otherwise, you'll have to invent a hackish and fragile solution...

Re: CARP health check ?

2012-01-12 Thread Илья Шипицин
RFC1918 addreeses are not routable. there's no problem for carp peers to ping each other, I just cannot ping both of them from Internet (where nagios is located) the problem is to specify each peer's address in nagios config, I do not want to depend on 10.0.0.2 for cluster1 peer and so on.

Re: CARP health check ?

2012-01-12 Thread Nick Holland
ok, let's try this idea... Your systems have ONE external address, but they can have as many internal addresses as desired, right? SO...let's say you have two CARP'd firewalls, FW1 and FW2. They share external address of x.x.x.x. FW1: FW2: Externalx.x.x.x

Re: CARP health check ?

2012-01-12 Thread Илья Шипицин
sounds nice. I came to somewhat similar. Just ssh to external address and ping both carp peers (via internal addresses), if there're less than 2 answers, we are in trouble. your idea is also good. 2012/1/13 Nick Holland n...@holland-consulting.net ok, let's try this idea... Your systems