Vrrp/CARP/ucarp Problems

Mon Mar 26 20:14:23 UTC 2007

Hi All

I was wondering if I could get some advice from those of you who have
successfully implemented ip address failover systems such as carp and
freevrrpd.

I am trying to set up a high availability web loadbalancer using a pair
of freebsd 6.2 boxes. I have tried a number of ways to perform failover
but always seem to be hitting a problem.

UCARP
Pro's:This would be my ideal solution as the startup/shutdown scripts
enable me to stop and start my applications and add aliases to adaptors
easily.
Cons: When the backup box is rebooted it always comes up advertising
itself as the master then after a few seconds reverts to backup,
although I was under the impression it was supposed to wait and listen
for advertisements(it doesnt seem to). The backup boxes initial
gratuitous arp as a master is sufficient to poison any traffic from the
local router to the shared ip address. Only solution was to use arp-sk
to send gratuitous arps every few secs, however, arp-sk was a bit flakey
and it was a bodge.

CARP
Pro's: stable and built into the kernel. Could enable acive/active arp
load sharing at a later point.
Cons: There is a Freebsd bug (I've seen it discussed on the lists) where
the creation and destroyal of a carp interface causes a kernel panic.
Also, there is no support for start/stop scripts.

Freevrrpd
Pros: Mac address changing removes some of the arp timeout
issues/gratuitous arp problems and it supports start/stop scripts
Cons: I'm finding that upon rebooting the backup unit it correctly
starts as a backup, then three seconds later syslogs that it is the
master and changes its mac address accordingly. although a sniff of the
network traffic indicates it is sending the right advertisements(lower
priority), it never goes into backup mode again.

So, what am I doing wrong? Are these common problems, or something that
appears specific to my hosts/switches? are there more suitable options?
The loadbalancers are all single homed and I have tried a mixture of xl,
bge and fxp cards.  

Any help/suggestions much appreciated, also, any links to a perl based
gratuitous arp util would be great!

Many thanks

Ross 

PS - Apologies if you see multiple copies of this message, I seem to be
having trouble getting mails onto the list.

All correspondence, attachments and agreements remain strictly subject to fully executed contract. (c) GCap Media plc 2006. All rights remain reserved. This e-mail (and any attachments) contains information which may be confidential, subject to intellectual property protection and may be legally privileged and protected from disclosure and unauthorised use. It is intended solely for the use of the individual(s) or entity to whom it is addressed and others specifically authorised to receive it. If you are not the intended recipient of this e-mail or any parts of it please telephone 020 7054 8000 immediately upon receipt. No other person is authorised to copy, adapt, forward, disclose, distribute or retain this e-mail in any form without prior specific permission in writing from an authorised representative of GCap Media plc. We will not accept liability for any claims arising as a result of the use of the internet to transmit information by or to GCap Media plc.

GCap Media plc. Registered address: 30 Leicester Square, London WC2H 7LA.  Registered in England & Wales with No. 923454