Hello,
i'm trying to configure a Vyatta OFR on a Xen virtual machine, configured
with 10 ethernet interfaces, some of them tagged.
When I configure VRRP on one of them (only one), everything is ok :
- I see the vrrp process,
- I can ping the VRRP IP
- "show vrrp" output shows the VVRP interface, and "ip addr" on linux shows
also the right IP addresses.
This works ok for standard eth interfaces and also for tagged ones.
Here is the conf of some of them :
ethernet eth1 {
hw-id: 00:16:3E:2A:22:13
address 10.1.1.252 {
prefix-length: 24
}
vrrp {
virtual-address: 10.1.1.251
priority: 150
}
ethernet eth5 {
hw-id: 00:16:3E:4A:FD:4B
vif 101 {
address 10.2.101.2 {
prefix-length: 24
}
vrrp {
vrrp-group: 101
virtual-address: 10.2.101.1
priority: 150
}
}
But when I'm trying to configure several ones (eth1, eth5, eth6, eth7) with
VRRP, VRRP starts only on 2 of them, even after reboot, and it looks like
the vrrp process is not started. One example :
Vyatta Conf
[EMAIL PROTECTED]> show configuration
protocols {
static {
route 0.0.0.0/0 {
next-hop: xxx.xxx.xxx.xxx
}
}
}
policy {
}
interfaces {
loopback lo {
}
ethernet eth0 {
hw-id: 00:16:3E:5C:AE:13
address 193.33.79.10 {
prefix-length: 24
}
}
ethernet eth1 {
hw-id: 00:16:3E:2A:22:13
address 10.1.1.252 {
prefix-length: 24
}
vrrp {
virtual-address: 10.1.1.251
priority: 150
}
}
ethernet eth2 {
hw-id: 00:16:3E:10:7A:CD
}
ethernet eth3 {
hw-id: 00:16:3E:0E:F6:9B
}
ethernet eth4 {
hw-id: 00:16:3E:4F:69:1E
}
ethernet eth5 {
hw-id: 00:16:3E:4A:FD:4B
vif 101 {
address 10.2.101.2 {
prefix-length: 24
}
vrrp {
vrrp-group: 101
virtual-address: 10.2.101.1
priority: 150
}
}
}
ethernet eth6 {
hw-id: 00:16:3E:65:DE:08
vif 102 {
address 10.2.102.2 {
prefix-length: 24
}
vrrp {
vrrp-group: 102
virtual-address: 10.2.102.1
priority: 150
}
}
}
ethernet eth7 {
hw-id: 00:16:3E:71:4C:10
vif 103 {
address 10.2.103.2 {
prefix-length: 24
}
vrrp {
vrrp-group: 103
virtual-address: 10.2.103.1
priority: 150
}
}
}
firewall {
}
service {
http {
}
ssh {
}
}
system {
host-name: "sv-inf-tst-fw-01"
domain-name: "hostics.fr"
name-server 10.1.1.202
name-server 10.1.1.201
ntp-server "10.1.1.202"
ntp-server "10.1.1.201"
login {
user root {
authentication {
encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
}
}
user vyatta {
authentication {
encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
}
}
}
package {
repository community {
component: "main"
url: "http://archive.vyatta.com/vyatta";
}
}
}
rtrmgr {
config-directory: "/opt/vyatta/etc/config"
}
ps -ef | grep vrrp output :
root 2585 1 0 12:03 ? 00:00:00 /opt/vyatta/sbin/vrrpd -i
eth1 -v 1 -p 150 -d 1 10.1.1.251
root 2590 1 0 12:03 ? 00:00:00 /opt/vyatta/sbin/vrrpd -i
eth5.101 -v 101 -p 150 -d 1 10.2.101.1
show vrrp output
Physical interface: eth1, Address: 10.1.1.251
Interface state: up, Group: 1, State: master
Priority: 150, Advertisement interval: 1s, Authentication type: none
Preempt: yes, VIP count: 1, VIP: 10.1.1.251
Advertisement timer: 1575s, Master router: 10.1.1.252
Virtual MAC: 00:00:5E:00:01:01
Physical interface: eth5.101, Address: 10.2.101.1
Interface state: up, Group: 101, State: master
Priority: 150, Advertisement interval: 1s, Authentication type: none
Preempt: yes, VIP count: 1, VIP: 10.2.101.1
Advertisement timer: 1575s, Master router: 10.2.101.2
Virtual MAC: 00:00:5E:00:01:65
vrrpd log in /var/log/messages
Sep 27 12:03:10 vyatta vrrpd: vrrpd version 0.4 starting...
Sep 27 12:03:10 vyatta vrrpd: VRRP ID 1 on eth1: we are now a backup router.
Sep 27 12:03:10 vyatta vrrpd: vrrpd version 0.4 starting...
Sep 27 12:03:10 vyatta vrrpd: VRRP ID 101 on eth5.101: we are now a backup
router.
Sep 27 12:03:14 vyatta vrrpd: [ 2007/09/27 12:03:14 WARNING vrrpd LIBXORP ]
4 seconds between calls to EventLoop::run
Sep 27 12:03:14 vyatta vrrpd: [ 2007/09/27 12:03:14 WARNING vrrpd LIBXORP ]
4 seconds between calls to EventLoop::run
Sep 27 12:03:14 vyatta vrrpd: VRRP ID 1 on eth1: we are now the master
router.
Sep 27 12:03:14 vyatta vrrpd: VRRP ID 101 on eth5.101: we are now the master
router.
Questions :
- is my conf right (I read that vyatta allows only 1 VRRP IP per physical
interface, what I did) ?
- do i need a different vrrp-group on each interface (Newbie question !) ?
- can someone help me resolve this problem, as it looks like some parts of
the conf is ignored ?
Thanks a lot !
_______________________________________________
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
