On 11/3/2015 11:42 AM, Javier Terceiro López wrote: > On 11/03/2015 08:59 AM, Javier Terceiro López wrote: >>> Hello, >>> >>> I have a new installation with pacemake and shorewall. My system have many >>> nodes, in multi master mode and two diferent providers too (not balanced >>> providers). With pacemaker I decide where the interface is up and shorewall >>> is the firewall. It's working fine. Only a warning when shorewall starts: >>> --- >>> Adding Providers... >>> WARNING: Optional Interface bond0.0038 is not usable -- bond0_0038 not >>> Started >>> WARNING: Optional Interface bond0.0238 is not usable -- bond0_0238 not >>> Started >>> Preparing iptables-restore input... >>> --- >>> >>> When I want to balance any resource (interface with IP), I have a problem. >>> The routes and rules to work whit the interface is not load on server >>> (Interface bond0.0038 is not usable -- bond0_0038 not Started) and firewall >>> doesn't work! I need reload shorewall rules to work. >>> >>> Is it posible shorewall load rules and routes for not usable >>> interfaces?jajaja >>> > >> It depends on why the interface isn't usable. Is there a default route out >> of the interface? > > The interface is not usable because it doesn't exist on host. The interface > only exists on a unique host, not in all hosts. > I prove to up all interfaces on all hosts, without IP, and shorewall doesn't > work when interface has not IP. Pacemaker manages interfaces and IPs. I want > interfaces would be dynamic, and they are balanced on all cluster-hosts. >
Shorewall does not and will not activate an interface that doesn't exist or that does not have an IP address. If you install and configure Shorewall-init, it can react to interfaces going up or down. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
