David Coulson <da...@davidcoulson.net> wrote: > Your configuration seems to have way too many moving parts and since you are > making routing changes when the nodes become primary it is difficult to > ensure that it will actually work based upon the monitoring you are doing > when it is passive. > > Not 100% sure what you're trying to accomplish, but when a config is this > complex it's usually not ideal.
I would concur with this observation. To the OP: You're trying to achieve two orthogonal types of availability: Server and network. Trying to do this on a single cluster is far too complex with the setup you've described. Assuming you can get it working at all, it sounds overly fragile. Assuming that you can't get ahold of your own statics, have your own ASN, and have the statics routed by more than one ISP, I'd suggest breaking it out into two pieces: (1) Deal with the network connectivity by a pair of highly-available firewalls (OpenBSD with carp et al works very well for this). You can listen for connections coming from both ISPs and route them to the Linux HA-cluster (you can configure things so that the return packets go out the correct ISP link). Depending on your situation you *may* be able to configure non-return outbound traffic to use both ISP links as well. (2) Build a more normal Linux HA-cluster NAT'd behind those firewalls. That way the Linux cluster has only one (redundant) default route and it's configuration, which is already complex, doesn't become unmanageable. I have this type of configuration active in a few locations and it works well. It also has the advantage that other non-HA resources on the network also benefit from the redundant firewalls / ISP links. If you insist on trying to do this with just the Linux-HA cluster, I don't have any suggestions as to how you should proceed. Devin _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org