Hi Graeme, > Are you 100% sure the firewall rules or a network > misconfiguration aren't getting in the way? > > The most common flaw that causes this is a rule or route on > the nominal master preventing it sending announcements, so > the slave keeps transitioning. > > It's either that, or your system clocks are out of sync with > each other. > > Graeme
We have rules on both firewalls looking like this, which I think should be enough? # accept VRRP sync data $IPTABLES -A INPUT -s $CLASS_A -d 224.0.0.18 -p 112 -j ACCEPT $IPTABLES -A INPUT -s $CLASS_B -d 224.0.0.18 -p 112 -j ACCEPT $IPTABLES -A INPUT -s $CLASS_C -d 224.0.0.18 -p 112 -j ACCEPT $IPTABLES -A INPUT -s $VRRP_BACKUPIP -d 224.0.0.18 -p 112 -j ACCEPT Both servers are syncing clocks with a NTP server so this should not be the culprit. I also noticed that it was only the vrrp instances (vips) bound to a certain nic that transitioned to master on the backup node. Could it be a buggy driver or faulty hw? The nic is an onboard via velocity gigabit card. We have three nics in each firewall and the other two are Intel cards. Nicklas _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
