[Pacemaker] Setting up routing for a virtual ip
Stephan-Frank Henry
Frank.Henry at gmx.net
Fri Sep 3 15:17:13 UTC 2010
-------- Original-Nachricht --------
> Datum: Thu, 02 Sep 2010 19:08:00 +0200
> Von: "Stephan-Frank Henry" <Frank dot Henry at gmx dot net>
> An: The Pacemaker cluster resource manager <pacemaker at oss.clusterlabs.org>
> Betreff: Re: [Pacemaker] Setting up routing for a virtual ip
> -------- Original-Nachricht --------
> > Datum: Thu, 02 Sep 2010 11:40:13 +0200
> > Von: "Stephan-Frank Henry" <Frank dot Henry at gmx dot net>
> > An: pacemaker at oss.clusterlabs.org
> > Betreff: [Pacemaker] Setting up routing for a virtual ip
>
> > Hello everyone,
> >
> > I am currently stuck trying to set up routing for a configured virtual
> ip
> > to the static ip on the same host.
> >
> > static ip: 150.158.1.2
> > (I have two nics in use, but this is the important one)
> > virtual ip: 1.2.3.4
> > nic: eth0
> >
> > versions:
> > Debian Lenny 2.6.33.3 x86_64
> > corosync : 1.2.1-1
> > libheartbeat2 : 3.0.3-2
> >
> > Here are the relevant parts:
> > <primitive id="ip_resource" class="ocf" type="IPaddr2"
> > provider="heartbeat">
> > <instance_attributes id="virtual-ip-attribs">
> > <attributes>
> > <nvpair id="virtual-ip-addr" name="ip" value="1.2.3.4"/>
> > <nvpair id="virtual-ip-addr-nic" name="nic" value="eth0"/>
> > <nvpair id="virtual-ip-addr-netmask" name="cidr_netmask"
> > value="22"/>
> > </attributes>
> > </instance_attributes>
> > <operations>
> > <op id="virtual-ip-monitor-10s" interval="10s" name="monitor"/>
> > </operations>
> > </primitive>
> > <primitive id="ip_gateway" class="ocf" type="Route"
> provider="heartbeat">
> > <instance_attributes id="route-ip-attribs">
> > <attributes>
> > <nvpair id="gateway-ip-source" name="source" value="1.2.3.4"/>
> > <nvpair id="gateway-ip-gateway" name="gateway"
> value="150.158.1.2"/>
> > <nvpair id="gateway-ip-destination" name="destination"
> > value="0.0.0.0/0"/>
> > <nvpair id="gateway-ip-device" name="device" value="eth0"/>
> > </attributes>
> > </instance_attributes>
> > <operations>
> > <op id="gateway-ip-monitor-10s" timeout="20s" interval="10s"
> > name="monitor"/>
> > </operations>
> > </primitive>
> >
> > But when I run it, it prints out messages like:
> > Route[25503]: ERROR: ip_gateway Failed to add network route: to
> 0.0.0.0/0
> > via 150.158.1.2 src 1.2.3.5
> > WARN: unpack_rsc_op: Processing failed op ip_gateway_start_0 on
> nodealpha:
> > unknown error (1)
> >
> > I have tried it with variations (f.i. leaving out the device) but
> without
> > success.
> >
> > If I remove the routing config, it works fine.
> >
> > What am I missing?
> >
> > Could it be related to the fact that I do not see a virtual interface
> via
> > ifconfig (-a)?
> >
> > thanks
> >
> > Frank
>
> Self-update :D
>
> I have updated the settings and now am only using IPaddr instead of the *2
> version and now at least I can see the virtual ip.
>
> I also commented out the device (dunno if I should put in eth0 or eth0:0)
> and changed the virtual ip to 150.158.1.5
>
> now I am getting this error
>
> crmd: [20637]: info: do_lrm_rsc_op: Performing
> key=35:1:0:d010917f-1f67-415a-b02b-97c784c1974f op=ip_gateway_start_0 )
> lrmd: [20634]: info: rsc:ip_gateway:15: start
> crmd: [20637]: info: te_rsc_command: Initiating action 35: start
> ip_gateway_start_0 on nodealpha (local)
> crmd: [20637]: info: process_lrm_event: LRM operation
> ip_resource_monitor_10000 (call=14, rc=0, cib-update=41, confirmed=false) ok
> lrmd: [20634]: info: RA output: (ip_gateway:start:stderr) RTNETLINK
> answers: File exists
> crmd: [20637]: info: match_graph_event: Action ip_resource_monitor_10000
> (34) confirmed on nodealpha (rc=0)
> Route[21137]: ERROR: ip_gateway Failed to add network route: to 0.0.0.0/0
> via 150.158.1.2
> crmd: [20637]: info: process_lrm_event: LRM operation ip_gateway_start_0
> (call=15, rc=1, cib-update=42, confirmed=true) unknown error
>
> Anyone?
>
> BTW: I'm not a network expert, so please highlight any issues.
>
> thanks
>
> Frank
Oookay, so it looks like one of the issues is my near complete lack of knowledge of networking.
>From one of our resident networking guys it seems as though I need iptables to solve this issue.
Something like
iptables -t nat -A PREROUTING -p tcp -i eth0 -d 150.158.1.5 -j DNAT --to 150.158.1.2
iptables -A FORWARD -p tcp -i eth0 -d 150.158.1.5 -j ACCEPT
Is there any way to natively embed this into the resource management or do I need to have my own scripts?
I checked the files but I could not really find anything useful.
thanks
frank
--
GMX DSL SOMMER-SPECIAL: Surf & Phone Flat 16.000 für nur 19,99 Euro/mtl.!*
http://portal.gmx.net/de/go/dsl
More information about the Pacemaker
mailing list