Hello, we are running a quite simple HA setup as border router, where
the HA logic controls internal and external IPs, the IPSec routes,
firewalling, and an http proxy.
Naturally the services like IPSec and proxy can only run on the machine
that owns the internal and external IP, so I grouped all these together
with the two IPs.
Now we had a hardware crash and the second machine tried to take over,
but did not succeed due to the fact that the IPSec start script returned
an error because the ipsec configration was broken.
Obviously through the grouping HA decided "no way to run this group" and
gave up totally.
However, this is clearly not the behavior one would want in such a case:
naturally I want the other services running even if there is a problem
with one of them.
Maybe grouping is the wrong concept, but then how do I force the
depenency on the internal and external IP ?
Hoping for a hint,
Jakob Curdes
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
