Re: Dead switch, a quick carp failover question
On 01/02/2006 03:31:10 AM, Marco Pfatschbacher wrote:

> Although it's rather hypothetical to have two broken switches at the
> same time, your assumptions are correct. The backup will not take over.

It is rather hypothetical, but perhaps not as much as you might think.
I have already, during periods of maintenance in a poorly laid out
"computer room", kicked the power cord of a switch and unplugged it.
Had that happened while I was otherwise re-routing cables, a similar
situation would have arisen. (It's the old problem of putting _people_
into the mix. :-)

> Actually I already have a diff that solves this issue.

Thank you for the work.

Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
Re: Dead switch, a quick carp failover question
On Sun, Jan 01, 2006 at 10:52:43PM +, Karl O. Pinc wrote:
> On 01/01/2006 03:09:03 PM, Marco Pfatschbacher wrote:
> > On Sun, Jan 01, 2006 at 12:28:42AM +, Karl O. Pinc wrote:
> > [...]
> > > Suppose I have 2 firewalls, one failing over to the
> > > other with carp. (net.inet.carp.preempt=1 on
> > > both firewalls.) Each has 3 interfaces, internet,
> > > lan, and dmz. The dmz has, say, a webserver.
> > > Now to connect the 2 firewalls to the webserver
> > > an additional switch/hub is required in the physical
> > > topology.
> > >
> > [...]
> > > If the dmz interfaces go down, then does this
> > > not shut off all the carp interfaces on both
> > > firewalls as a group, turning off the parts
> > > of both firewalls that are still functioning?
> > [...]
> [...]
> > In your scenario, both firewalls would change their advskew to 240.
> > But a takeover only happens if one has a lower advskew, not if they
> > are equal. Therefore you should be just fine.
>
> So then what happens next when, say, the internet interface
> goes down on just the master firewall? Even though the backup has
> two working interfaces and the master only one, the advskew
> everywhere is already at 240 and the backup will not
> become the master. Right? (Seems like when
> net.inet.carp.preempt=1 the advskew should keep going
> up as more interfaces go down.)

Although it's rather hypothetical to have two broken switches at the
same time, your assumptions are correct. The backup will not take over.

Actually I already have a diff that solves this issue.
If you're following -current and would like to test it, drop me a line.

Marco
Re: Dead switch, a quick carp failover question
On 01/01/2006 03:09:03 PM, Marco Pfatschbacher wrote:
> On Sun, Jan 01, 2006 at 12:28:42AM +, Karl O. Pinc wrote:
> [...]
> > Suppose I have 2 firewalls, one failing over to the
> > other with carp. (net.inet.carp.preempt=1 on
> > both firewalls.) Each has 3 interfaces, internet,
> > lan, and dmz. The dmz has, say, a webserver.
> > Now to connect the 2 firewalls to the webserver
> > an additional switch/hub is required in the physical
> > topology.
> >
> [...]
> > If the dmz interfaces go down, then does this
> > not shut off all the carp interfaces on both
> > firewalls as a group, turning off the parts
> > of both firewalls that are still functioning?
> [...]
[...]
> In your scenario, both firewalls would change their advskew to 240.
> But a takeover only happens if one has a lower advskew, not if they
> are equal. Therefore you should be just fine.

So then what happens next when, say, the internet interface
goes down on just the master firewall? Even though the backup has
two working interfaces and the master only one, the advskew
everywhere is already at 240 and the backup will not
become the master. Right? (Seems like when
net.inet.carp.preempt=1 the advskew should keep going
up as more interfaces go down.)

Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
Re: Dead switch, a quick carp failover question
On Sun, Jan 01, 2006 at 12:28:42AM +, Karl O. Pinc wrote:
[...]
> Suppose I have 2 firewalls, one failing over to the
> other with carp. (net.inet.carp.preempt=1 on
> both firewalls.) Each has 3 interfaces, internet,
> lan, and dmz. The dmz has, say, a webserver.
> Now to connect the 2 firewalls to the webserver
> an additional switch/hub is required in the physical
> topology.
>
[...]
> If the dmz interfaces go down, then does this
> not shut off all the carp interfaces on both
> firewalls as a group, turning off the parts
> of both firewalls that are still functioning?
[...]

[...] Link failures on any physical interface that is used together with
carp let all carp interfaces change their advskew to 240. This way a
backup host with net.inet.carp.preempt=1 and an advskew lower than 240
can preempt all of the faulty host's carp interfaces.

In your scenario, both firewalls would change their advskew to 240.
But a takeover only happens if one has a lower advskew, not if they
are equal. Therefore you should be just fine.

No need for ifstated.

Marco
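The election rule Marco describes, and the corner case Karl follows up on, can be walked through with a small model. The following is an added example written for this page; it is not code from OpenBSD's carp(4), from this thread, or from Marco's diff. It encodes only what the thread states: every host runs net.inet.carp.preempt=1, a link failure on any physical interface used together with carp makes that host advertise advskew 240 on all of its carp interfaces, and a backup preempts only when its advskew is strictly lower than the master's (equal skews never trigger a takeover). Host names (fw1, fw2), interface names (em0..em2) and the configured skews 0 and 100 are made up for the example. The `per_link_penalty` option is a hypothetical sketch of what Karl asks for (skew keeps rising as more links die); the thread does not say how Marco's diff actually solves it.

```python
"""
Toy model of CARP advskew/preempt behaviour as described in the thread.
Constructed illustration, not OpenBSD's carp(4) code.
"""
from dataclasses import dataclass, field

DEMOTED_SKEW = 240   # skew a host falls back to when any carp-carrying link is down
MAX_SKEW = 254       # carp(4) advskew range is 0..254


@dataclass
class Host:
    name: str
    configured_skew: int                          # ifconfig carpN advskew <n>
    links: dict = field(default_factory=dict)     # physical iface -> link up?

    def link_down(self, iface: str) -> None:
        self.links[iface] = False

    def link_up(self, iface: str) -> None:
        self.links[iface] = True

    def down_links(self) -> int:
        return sum(1 for up in self.links.values() if not up)

    def advskew(self, per_link_penalty: bool = False) -> int:
        """Skew advertised on EVERY carp interface of this host.

        Default: the rule from the thread (any link down -> 240 everywhere).
        per_link_penalty=True: hypothetical variant where each extra dead
        link raises the skew further, so two failures lose to one failure.
        """
        n = self.down_links()
        if n == 0:
            return self.configured_skew
        if per_link_penalty:
            return min(DEMOTED_SKEW + n, MAX_SKEW)   # hypothetical, not carp(4)
        return DEMOTED_SKEW


def elect(master: Host, hosts: list, per_link_penalty: bool = False) -> Host:
    """One round of advertisements: a backup preempts only if its skew is
    strictly lower than the current best; a tie leaves the master in place."""
    best = master
    for h in hosts:
        if h.advskew(per_link_penalty) < best.advskew(per_link_penalty):
            best = h
    return best


def normal_failover() -> str:
    """Only the master loses a link: backup's 100 < 240, so it preempts."""
    fw1 = Host("fw1", 0, {"em0": True, "em1": True, "em2": True})
    fw2 = Host("fw2", 100, {"em0": True, "em1": True, "em2": True})
    fw1.link_down("em0")                       # internet uplink dies on master
    return elect(fw1, [fw1, fw2]).name         # -> "fw2"


def run_scenario(per_link_penalty: bool = False) -> list:
    """Karl's scenario; returns (event, fw1 skew, fw2 skew, master) per step."""
    # em0 = internet, em1 = lan, em2 = dmz (names are made up)
    fw1 = Host("fw1", 0, {"em0": True, "em1": True, "em2": True})
    fw2 = Host("fw2", 100, {"em0": True, "em1": True, "em2": True})
    hosts = [fw1, fw2]
    master = fw1
    trace = []

    def record(event: str) -> None:
        trace.append((event, fw1.advskew(per_link_penalty),
                      fw2.advskew(per_link_penalty), master.name))

    record("steady state")
    # 1. The shared dmz switch dies: em2 loses link on BOTH firewalls.
    fw1.link_down("em2")
    fw2.link_down("em2")
    master = elect(master, hosts, per_link_penalty)
    record("dmz switch dead on both")          # 240 vs 240: no takeover
    # 2. The master's internet uplink dies as well; fw2 still has two links.
    fw1.link_down("em0")
    master = elect(master, hosts, per_link_penalty)
    record("fw1 also loses internet")          # still 240 vs 240: fw1 stays master
    return trace


if __name__ == "__main__":
    print("master after master-only failure:", normal_failover())
    for step in run_scenario():
        print("thread's rule  ", step)
    for step in run_scenario(per_link_penalty=True):
        print("hypothetical   ", step)
```

With the rule as stated in the thread, the second step leaves fw1 as master with a single working link while fw2 has two, which is exactly the situation Karl asks about; the tie at 240 gives the election nothing to decide on. The hypothetical per-link variant is included only to show that the problem is the fixed 240, not preemption itself.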