From analysis of a simple ifstated.conf to more compex example

Damien Fleuriot ml at my.gd
Tue Feb 21 07:43:49 UTC 2012 

To be honest, I'm not sure it's a good idea to use different *interfaces*.

Why don't you set multiple IPs on a single carp interface instead ?

On 21 Feb 2012, at 08:29, peter knezel <peter.knezel at gmail.com> wrote:

> Hello Damien,
> 
> preemption is set on both systems, so when master server goes down or
> any CARP interface on master
> goes down, slave becomes master (but only on the CARP interface if
> only that went down).
> 
> Can you have a look at my previous question??:
> if the different carp interfaces
> are used for different purpose (ftp, tftp, scp), is it a good idea to
> put down all of them, if they are able to serve their purpose?
> 
> 
> Thanks and kind regards,
> 
> Peter
> 
> On 16/02/2012, Damien Fleuriot <ml at my.gd> wrote:
>> Preemption is used to ensure that, if a CARP interface goes down on host
>> A, host B will then assume mastership for all interfaces.
>> 
>> It prevents the nasty situation where you'd have, for example:
>> 
>> Public IP: master on host A
>> Private IP: master on host B
>> 
>> servers behind firewalls hosts A and B:
>> - traffic arrives on host A which creates a PF state
>> - servers reply via their default gateway, the CARP IP now master on host B
>> 
>> Host B doesn't have a state for the traffic, drops it.
>> 
>> 
>> To enable preemption you need to run sysctl net.inet.carp.preempt=1 and
>> add the corresponding line to your sysctls file in etc.
>> 
>> 
>> On 2/15/12 7:04 PM, peter knezel wrote:
>>> Well,
>>> 
>>> I am not fully familiar with CARP, but if the different carp interfaces
>>> are used for different purpose (ftp, tftp, scp), is it a good idea to
>>> put down all of them, if they are able to serve their purpose?
>>> 
>>> BTW, what is  CARP preemption and how is it possible to enable it?
>>> 
>>> Kind regards,
>>> 
>>> Peter
>>> 
>>> On 15 February 2012 18:25, Damien Fleuriot <ml at my.gd <mailto:ml at my.gd>>
>>> wrote:
>>> 
>>>    Sorry about the late reply, didn't see yours.
>>> 
>>>    What about enabling CARP preemption to ensure that when a carp
>>> interface
>>>    goes down, the whole set does ?
>>> 
>>> 
>>>    On 2/7/12 9:13 PM, peter knezel wrote:
>>>> Hello Damien,
>>>> 
>>>> I did read your example but cannot get idea from it.
>>>> For three interfaces you have much more possibilities.
>>>> 
>>>> Imagine you start the server from uuu state which is equal to
>>>> net = '( "ifconfig -a -u |grep carp0 > /dev/null" every 3 &&
>>>    "ifconfig -a -u
>>>> |grep carp1 > /dev/null" every 3 && "ifconfig -a -u |grep carp2 >
>>>    /dev/null"
>>>> every 3)'
>>>> 
>>>> Now you put down one carp interface - so system is in state :
>>>> *state one:*
>>>> (duu) || (udu) || (uud) <----which is same as !$net
>>>> run script1.sh
>>>> go to twoff
>>>> 
>>>> now imagine, you put down any other carp interface:
>>>> *state twoff: *
>>>> (dud) || (ddu) || (udd)
>>>> run script2.sh
>>>> go to two
>>>> 
>>>> *state two: *
>>>> put all interfaces up
>>>> run script3.sh
>>>> go to state one
>>>> 
>>>> it means, this is one of the possibilities system can behave (this
>>>> situation does not describe all possible states - I have taken this
>>>> special example.)
>>>> 
>>>> Now if you want to put up after putting down one carp interface, you
>>>> fail since it is in state twoff.
>>>> Only of you put down second carp interface it goes to state two and
>>> if
>>>> you put both up, it will go to state one.
>>>> 
>>>> This is where my ifstated.conf fails to work.
>>>> 
>>>> Kind regards,
>>>> 
>>>> Peter Knezel
>>>> 
>>>> 
>>>> On 7 February 2012 17:02, Damien Fleuriot <ml at my.gd
>>>    <mailto:ml at my.gd> <mailto:ml at my.gd <mailto:ml at my.gd>>>
>>>> wrote:
>>>> 
>>>>    On 2/7/12 3:36 PM, peter knezel wrote:
>>>>> Hello all,
>>>>> 
>>>>> I would like to ask somebody to explain me how the ifstated
>>>    works
>>>>    according to
>>>>> the following configuration file.
>>>>> I have three virtual carp interfaces carp0,carp1 and carp2.
>>>>> 
>>>>> I try to understand the following setting:
>>>>> The server is in state one (all carp interfaces are up) and
>>>    if there
>>>>> is carp down of any:
>>>>> one (carp0 or carp1 or carp2),
>>>>> two ([carp0 and carp1] or [carp0 and carp2] or [carp1 and
>>>    carp2]),
>>>>> three interfaces (carp 0 and carp1 and carp2), server
>>>>> runs the script testdown.sh and put the server into state two.
>>>>> If all carp interfaces are up, the server runs the testup.sh
>>>    and set
>>>>> the state to one.
>>>>> 
>>>> 
>>>>    That is my understanding.
>>>> 
>>>> 
>>>>> Is it the way the system works?
>>>>> Or am I wrong?
>>>>> 
>>>>> ===
>>>>> init-state one
>>>>> 
>>>>> net = '( "ifconfig -a -u |grep carp0 > /dev/null" every 3 &&
>>>>    "ifconfig -a -u
>>>>> |grep carp1 > /dev/null" every 3 && "ifconfig -a -u |grep
>>>    carp2 >
>>>>    /dev/null"
>>>>> every 3)'
>>>>> 
>>>>> state one {
>>>>>       if ( ! $net ) {
>>>>>               run "/usr/local/testdown.sh"
>>>>>               set-state two
>>>>>       }
>>>>> }
>>>>> 
>>>>> state two {
>>>>>       if ( $net ) {
>>>>>               run "/usr/local/testup.sh"
>>>>>               set-state one
>>>>>       }
>>>>> }
>>>>> ===
>>>>> 
>>>>> Is there any possibility to define and set ifstated.conf that
>>>>    reacts when:
>>>>> 
>>>>> any one of the carp interfaces is down - followed by
>>>    another any
>>>>> other carp interface down
>>>>> 
>>>>> 
>>>>> I tried to define states:
>>>>> 
>>>>> duu ="!carp0.link.up && carp1.link.up && carp2.link.up"
>>>>> udu ="carp0.link.up && !carp1.link.up && carp2.link.up"
>>>>> uud ="carp0.link.up && carp1.link.up && !carp2.link.up"
>>>>> ddu ="!carp0.link.up && !carp1.link.up"
>>>>> dud ="!carp0.link.up && !carp2.link.up"
>>>>> udd ="!carp1.link.up && !carp2.link.up"
>>>>> 
>>>>> and used them but somehow I cannot incorporate all state
>>>    changes and
>>>>> include it in ifstated.conf.
>>>>> 
>>>> 
>>>> 
>>>>    Works fine here, did you not have any luck with the file I
>>> posted
>>>>    earlier ?
>>>>    _______________________________________________
>>>>    freebsd-questions at freebsd.org
>>>    <mailto:freebsd-questions at freebsd.org>
>>>    <mailto:freebsd-questions at freebsd.org
>>>    <mailto:freebsd-questions at freebsd.org>>
>>>>    mailing list
>>>>    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>>>    To unsubscribe, send any mail to
>>>>    "freebsd-questions-unsubscribe at freebsd.org
>>>    <mailto:freebsd-questions-unsubscribe at freebsd.org>
>>>>    <mailto:freebsd-questions-unsubscribe at freebsd.org
>>>    <mailto:freebsd-questions-unsubscribe at freebsd.org>>"
>>>> 
>>>> 
>>> 
>>> 
>>

More information about the freebsd-questions mailing list