On 03/15/13 11:21, Alessio wrote:
So... all works as espected?
No.
If I try to ping the VIP from the server that is in the backup state, I
can't reach such IP owned by the master server.
Is such behavior by design? The VRRP implementation expects that the
backup node cannot reach the VIP owned by the master one?
That doesn't surprise me much. I believe that's due to RFC 5798 section
6.4.2:
6.4.2. Backup
The purpose of the {Backup} state is to monitor the availability and
state of the Master router.
(300) While in this state, a VRRP router MUST do the following:
[...]
(340) - MUST NOT accept packets addressed to the IPvX address(es)
associated with the virtual router.
Accepting those packets for delivery on the Backup could easily lead (at
least) to a forwarding loop, so it's a Bad Thing. Granted, a system
could (somehow) accept and deliver them from local sources while
refusing to forward them when they arrive from external sources, but
that's far harder to accomplish. Outbound packets to a single address
tend to look the same.
Interestingly, there is something unusual in what you described, and
that's this:
If I shutdown the Server01, the other one become the master, and I can
continue to ping the VIP.
I don't believe that should work with normal VRRP. Section 6.4.3:
6.4.3. Master
[...]
(650) - MUST accept packets addressed to the IPvX address(es)
associated with the virtual router if it is the IPvX address owner
or if Accept_Mode is True. Otherwise, MUST NOT accept these
packets.
The default is supposed to be Accept_Mode == False, which is really the
right sort of behavior for a router. It sounds as if the system is
behaving as though Accept_Mode defaults to True.
--
James Carlson 42.703N 71.076W carls...@workingcode.com
___
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
