[Pacemaker] HA Cluster Connected over VPN
Dejan Muhamedagic
dejanmm at fastmail.fm
Tue Jan 24 22:55:57 UTC 2012
On Tue, Jan 24, 2012 at 09:51:49PM +0100, Arnold Krille wrote:
> On Tuesday 24 January 2012 09:47:18 M Siddiqui wrote:
> > I have a situation where two cluster nodes are connected over the VPN; each
> > node
> > is configured with two interfaces to provide ring redundancy for corosync:
> > NODE1:
> > eth1: 192.168.1.111/24
> > eth2: 192.168.1.112/24
> > NODE2:
> > eth1: 192.168.1.113/24
> > eth2: 192.168.1.114/24
> > Since two nodes are geographically distributed and connected over the VPN,
> > configuring each interface in a different subnet is not an option here.
> > Now corosync got confused due to same subnet; how we can handle this
> > situation?
>
> Lets answer your questions with some questions:
>
> - Why two interfaces in the same subnet? If these interfaces are connected to
> the same switch, bonding gives you more advantages. And using two
> communication rings for corosync will give you nothing if that network fails.
> - Is that one vpn-connection between these machines? If yes, why do you want
> to use two communication-rings when both cross the same single-point-of-
> failure-vpn?
>
> Using the same subnet for two communication-rings will disturb corosync as it
> uses multicasts for communication. And that is best done with one multicast-
> channel per subnet.
Newer corosync (at least since 1.4.x, perhaps earlier) can do
udpu instead of multicast. I'd suggest to use that. Ask on the
corosync-discuss list about how to tune for your network.
Thanks,
Dejan
> Have fun,
>
> Arnold
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org
More information about the Pacemaker
mailing list