James Carlson wrote:
Sangeeta Misra writes:
Can you kindly explain what specific problem you want to solve by
running VRRP on Solaris? Assuming that you want it for high availibility
of server-type application, why would you choose VRRP over Solaris'
Clustering solution?
If it's for application support rather than for routing, it's worth
noting that VRRP doesn't actually solve that problem.
If you obey RFC 3768 correctly, when a new master is promoted, it must
*NOT* respond to any packets directed to the Virtual IP Address nor
use the address for the source of packets it sends, because it is not
the configured IP address owner. This makes VRRP useless for
applications, and useful only for forwarding. (And really only for
certain classes of manually-configured routes at that.)
Section 6.4.3:
- MUST NOT accept packets addressed to the IP address(es) associated
with the virtual router if it is not the IP address owner.
The fact that "VRRP" appears to solve this problem on Linux is more of
a bug than a feature, I think.
I agree that getting good information about the intended application
would help greatly here.
One concern about implementing VRRP (rfc 3768) is the risk of
infringing on Cisco's patent. Refer to IETF IPR disclosures about VRRP at:
https://datatracker.ietf.org/public/ipr_search.cgi?option=wg_search&wg_search=vrrp
The impact of this is unclear to me at this point.
Have you looked at Freebsd's VRRP implementation, freevrrpd?:
http://www.freebsd.org/cgi/pds.cgi?ports/net/freevrrpd
Also have you considered CARP (Common Address Redundancy),OpenBSD's
patent-free alternative to VRRP? See:
o http://www.openbsd.org/faq/faq6.html#CARP
o CARP section at:
http://www.countersiege.com/doc/pfsync-carp
For userland implementation of CARP protocol see: http://www.ucarp.org
Also looks like both fedora and debian provide ucarp:
http://ftp.freshrpms.net/pub/freshrpms/fedora/linux/1/ucarp/
http://packages.debian.org/unstable/net/ucarp
Sangeeta
_______________________________________________
networking-discuss mailing list
[email protected]
