Re: carp ip loadbalancing bug ?
hi so this morning i did the next try after an update session from our network stuff ( they did an update out hp 2824 switches to the latest firmware ). result : with link0 link1 option no change ( 50% of the network ok the rest dont ) with link0 link1 link2 option they kills my connection to the second fw box an the connection to all host outside ... it is more worse than before. so what now ? holger -Urspr|ngliche Nachricht- Von: Marco Pfatschbacher <[EMAIL PROTECTED]> Gesendet: 04.11.07 15:46:22 An: [EMAIL PROTECTED] CC: misc@openbsd.org Betreff: Re: carp ip loadbalancing bug ? On Sun, Nov 04, 2007 at 01:17:19PM +0100, [EMAIL PROTECTED] wrote: > > but we check our switches ( HP 2824 ) and my networker says that we have old revision of firmware inside. > we will update this at monday and that we test it again. I don't think that's necessary. It's not a bug in the switch. > is the link2 option an replacement for link1 ? no, you need link0,link1,link2 Just like it's written in the manual... > holger > > Quoting from carp(4): > > Please note that activating stealth mode on a carp interface that has al- > ready been running might not work instantly. As a workaround the VHID > can be changed to a previously unused one, or just wait until the MAC > table entry in the switch times out. > > Some Layer-3 switches do port learning based on ARP packets. Therefore > the stealth mode cannot hide the virtual MAC address from these kind of > devices. In such cases, carp can be told to use a multicast MAC address > by additionally enabling the link2 flag. ^^ There's work in progress to make the configuration easier. However, sometimes I wonder why we bother to write manuals that no one reads.
Re: carp ip loadbalancing bug ?
On Sun, Nov 04, 2007 at 01:17:19PM +0100, [EMAIL PROTECTED] wrote: > > but we check our switches ( HP 2824 ) and my networker says that we have old > revision of firmware inside. > we will update this at monday and that we test it again. I don't think that's necessary. It's not a bug in the switch. > is the link2 option an replacement for link1 ? no, you need link0,link1,link2 Just like it's written in the manual... > holger > > Quoting from carp(4): > > Please note that activating stealth mode on a carp interface that has al- > ready been running might not work instantly. As a workaround the VHID > can be changed to a previously unused one, or just wait until the MAC > table entry in the switch times out. > > Some Layer-3 switches do port learning based on ARP packets. Therefore > the stealth mode cannot hide the virtual MAC address from these kind of > devices. In such cases, carp can be told to use a multicast MAC address > by additionally enabling the link2 flag. ^^ There's work in progress to make the configuration easier. However, sometimes I wonder why we bother to write manuals that no one reads.
Re: carp ip loadbalancing bug ?
-Urspr|ngliche Nachricht- Von: Marco Pfatschbacher <[EMAIL PROTECTED]> Gesendet: 04.11.07 11:49:03 An: [EMAIL PROTECTED] CC: misc@openbsd.org Betreff: Re: carp ip loadbalancing bug ? On Fri, Nov 02, 2007 at 09:53:46AM +0100, [EMAIL PROTECTED] wrote: > hi > > yes the em0 ist member of the /22 network and the carpdev opion ist an old setting from the start of this cluster > where i setup no ip on the interface. > > should i try this ip balancing whitout this option ? No, it's redundant to use carpdev in this case, but it doesn't matter. Do you see the traffic incoming on both machines? Maybe the link2 mode works better for you... hi ah ok i will try this , and yes there ist traffic on both machines but not from all clients ( 50% can reach there default gw and rest don4t ) but we check our switches ( HP 2824 ) and my networker says that we have old revision of firmware inside. we will update this at monday and that we test it again. is the link2 option an replacement for link1 ? holger Quoting from carp(4): Please note that activating stealth mode on a carp interface that has al- ready been running might not work instantly. As a workaround the VHID can be changed to a previously unused one, or just wait until the MAC table entry in the switch times out. Some Layer-3 switches do port learning based on ARP packets. Therefore the stealth mode cannot hide the virtual MAC address from these kind of devices. In such cases, carp can be told to use a multicast MAC address by additionally enabling the link2 flag.
Re: carp ip loadbalancing bug ?
On Fri, Nov 02, 2007 at 09:53:46AM +0100, [EMAIL PROTECTED] wrote: > hi > > yes the em0 ist member of the /22 network and the carpdev opion ist an old > setting from the start of this cluster > where i setup no ip on the interface. > > should i try this ip balancing whitout this option ? No, it's redundant to use carpdev in this case, but it doesn't matter. Do you see the traffic incoming on both machines? Maybe the link2 mode works better for you... Quoting from carp(4): Please note that activating stealth mode on a carp interface that has al- ready been running might not work instantly. As a workaround the VHID can be changed to a previously unused one, or just wait until the MAC table entry in the switch times out. Some Layer-3 switches do port learning based on ARP packets. Therefore the stealth mode cannot hide the virtual MAC address from these kind of devices. In such cases, carp can be told to use a multicast MAC address by additionally enabling the link2 flag.
Re: carp ip loadbalancing bug ?
-Urspr|ngliche Nachricht- Von: Marco Pfatschbacher <[EMAIL PROTECTED]> Gesendet: 31.10.07 20:10:51 An: holger glaess <[EMAIL PROTECTED]> CC: misc@openbsd.org Betreff: Re: carp ip loadbalancing bug ? On Wed, Oct 31, 2007 at 11:26:48AM +0100, holger glaess wrote: > hi > > i did the carp ip loadbalancing setup as describe at the man page. > > i did it on an full funktional carp cluster that means that carp an pf is ok. > > host A: > > inet 10.100.0.254 255.255.252.0 10.100.3.255 carpdev em0 vhid 25 pass office2world link0 link1 group lan_if > inet alias 10.100.1.253 255.255.252.0 NONE Your configuration looks sane. Currently I'm aware of one problem with ip balancing: It doesn't work for the 'carpdev' case. Is your em0 interface also part of the same /22 as carp? Marco hi yes the em0 ist member of the /22 network and the carpdev opion ist an old setting from the start of this cluster where i setup no ip on the interface. should i try this ip balancing whitout this option ? holger
Re: carp ip loadbalancing bug ?
On Wed, Oct 31, 2007 at 11:26:48AM +0100, holger glaess wrote: > hi > > i did the carp ip loadbalancing setup as describe at the man page. > > i did it on an full funktional carp cluster that means that carp an pf is ok. > > host A: > > inet 10.100.0.254 255.255.252.0 10.100.3.255 carpdev em0 vhid 25 pass > office2world link0 link1 group lan_if > inet alias 10.100.1.253 255.255.252.0 NONE Your configuration looks sane. Currently I'm aware of one problem with ip balancing: It doesn't work for the 'carpdev' case. Is your em0 interface also part of the same /22 as carp? Marco
Re: carp ip loadbalancing bug ?
holger glaess ??: hi i did the carp ip loadbalancing setup as describe at the man page. is there an known issue ? maybee that carp ip loadblancing have problems with /22 networks ? CARP loadbalancing by IP requires that your switch sends traffic to the common CARP IP to BOTH of your machines, otherwise it's not gonna work as assumed. ARP loadbalancing does not require this, but there's no other way to achieve this when you want to use IP loadbalancing.
