0

Suppose I have two routers configured in master/slave configuration.

They look something like this (addresses are not real ones)

123.123.123.10  <===> [eth0] Router 1 (10.1.1.2) [eth1] ===> +----------+
                                                             | 10.1.1.1 | ===> LAN
172.123.123.10  <===> [eth0] Router 2 (10.1.1.3) [eth1] ===> +----------+

The 10.1.1.1 is the default route for the Network (10.1.1.0). What's slightly different in this config to other's I've seen is that I don't have an external virtual IP. Also, the 10.1.1.1 addresses are in real life, public IP's (not private ones shown here). This is more of a router setup than a firewall setup so I'm not using NAT here.

Now the issue that I'm having is that I can't see any way to configure UCARP or VRRP to monitor both eth0 & eth1 and fail over to the backup router should either of them go down. What I'm seeing is that if Router1 is the master and I unplug eth0 on router1, it doesn't fail over to router 2. However, it will if instead I unplug eth1 of router 1.
In VRRP I see there is a cluster group, but it seems that for this to work you need to have virtual ip's or vrrp instances rather than actual interfaces assigned to it.

I hope my explanation is clear. How do I get around this?

hookenz
  • 14,472
  • 23
  • 88
  • 143
  • If the link is lost, the route out the interface should be lost too. It should be possible to make VRRP track a particular route so that if a router has no direct route to a particular destination, it does not claim the VRRP IP. (What VRRP program are you using?) But you shouldn't need to do this anyway. If router 1 has no direct route, it should use router 2's route anyway -- even with static routing. – David Schwartz Nov 14 '12 at 04:29
  • Thanks. I might try VRRP (keepalived) again. UCARP certainly isn't working as I would like in this situation. – hookenz Nov 15 '12 at 00:18
  • UCARP should also have an option to track the status of an interface or route. What program are you using? – David Schwartz Nov 15 '12 at 00:19
  • ucarp under ubuntu 12.04 server. – hookenz Nov 15 '12 at 01:58
  • I notice vrrp has an option track_interface which looks to be what I want. The only issue I'm having with that is now is that vrrp isn't bringing up the virtual IP and no errors are shown in the logs. – hookenz Nov 15 '12 at 01:58
  • ok I fixed that, it was a config typo. by the way ucarp has support for long mac addresses i.e. infiniband. do you know if keepalive has that feature? – hookenz Nov 15 '12 at 02:52

1 Answers1

0

To answer my own question. I eventually found the answer buried in a little documented config file. (Pity the keepalived documention is so out of date, yet the product is still be developed and works very well)

vrrp_instance default {
  virtual_router_id 1
  interface eth2
  priority 50
  track_interface {
    eth0
    eth1
  }
  virtual_ip_address P
    10.1.1.1/24 brd 10.1.1.255 dev bond0 label bond0:vrrp
  }

  #... other config ...
}

The key here is the track_interface. It says that keepalived will monitor the link state of eth0 and eth1 when deciding to fallback. It'll move the node into the fault state.

hookenz
  • 14,472
  • 23
  • 88
  • 143