keepalived problem

Graeme Fowler graeme at graemef.net
Mon Nov 27 15:08:02 GMT 2006 

Hi

Both of your messages wrapped horribly, so here's my attempt at 
unpicking them:

On 27/11/2006 14:28, Gert Vanoverloop wrote:
> Hello;  i'm having problems with pinging to other lan.  as a test :
> i want to use two ethernet links between two lans with two linux routers
> in between using vrrp for redundancy.  i used the configuration below.
> the failover works fine. the problem is: i can ping from one lan to the
> interfaces in the router. but i can't ping it from the other lan. and i
> cannot ping through the loadbalancer to other lan.  when i look into my
> arp table on a host pc i get the phisical mac address instead of a virtual
> mac address. is this normal?  the two lan and routers are all in the same 
> subnet.  hope you can help me.
> -----
> 1. On director 1
>                   vrrp_instance D1 {
>                      state MASTER
>                      interface eth0
>                      virtual_router_id 51
>                      priority 150
>                      advert_int 1
>                      authentication {
>                           auth_type AH
>                           auth_pass TEST
>                      }
>                      virtual_ipaddress {
>                           10.0.0.110
>                      }
>                   }
>                   vrrp_instance D2 {
>                      state BACKUP
>                      interface eth0
>                      virtual_router_id 52
>                      priority 100
>                      advert_int 1
>                      authentication {
>                           auth_type AH
>                           auth_pass TEST
>                      }
>                      virtual_ipaddress {
>                           10.0.0.111
>                      }
>                   }

> 2. On director 2
>                   vrrp_instance D1 {
>                      state BACKUP
>                      interface eth0
>                      virtual_router_id 51
>                      priority 100
>                      advert_int 1
>                      authentication {
>                           auth_type AH
>                           auth_pass TEST
>                      }
>                      virtual_ipaddress {
>                           10.0.0.110
>                      }
>                   }
>                   vrrp_instance D2 {
>                      state MASTER
>                      interface eth0
>                      virtual_router_id 52
>                      priority 150
>                      advert_int 1
>                      authentication {
>                           auth_type AH
>                           auth_pass TEST
>                      }
>                      virtual_ipaddress {
>                           10.0.0.111
>                      }
>                   } 

So that's the configs sorted out. Firstly I would recommend commenting 
out the authentication {} sections, unless you are completely sure that 
this is working (there's been lots of talk of broken AH mechanisms on 
the keepalived list in the last 18 months or so, which may be fixed but 
removing it simplifies things anyway).

Unfortunately, the config you give us isn't complete - what other IP 
addresses are hardwired onto the interfaces?

Also, if this is strictly a VRRP issue, you may want to discuss it on 
the keepalived list instead of the LVS list. I've cc'd that list to 
kickstart it.

Graeme

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list