Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Daniel_Kavan
Advisor

multihome VIP clusterXL

Hi, 

Has anyone tried to multihome a VIP in clusterXL?  It would be temporary.  We're moving a DMZ network from one firewall to another, otherwise have to change default routes & reboot 20 linux servers.   

0 Kudos
7 Replies
PhoneBoy
Admin
Admin

You mean use multiple subnets on the same physical interface with ClusterXL?
Pretty sure this is NOT supported.

0 Kudos
Daniel_Kavan
Advisor

Same subnet different IPs

The current VIP is 192.168.10.22 and I want it to also listen on 192.168.10.26 temporarily.

0 Kudos
PhoneBoy
Admin
Admin

Pretty sure that's not supported either (multiple VIPs on the same subnet).
That said, you could probably get the same effect by setting up a static ARP for .26 to give the same MAC as .22, so the packets are received by the relevant gateway. 

Daniel_Kavan
Advisor

Maybe we will try that.   I guess even if it doesn't survive a reboot, I could add it back.  Also, you'd only be able to put that on one of the cluster members I assume, so that may be a complication.

0 Kudos
Bob_Zimmerman
Authority
Authority

As long as you don't need the cluster to send traffic from the VIP, you can just add a proxy ARP statement for it. Be sure to add it on both members. That will cause the active member to reply to ARP requests for the IP in question using the same mechanism which causes the active member to reply to ARP requests for the VIP. As long as ARP gets the traffic to the member, you should be fine.

Proxy ARP entries in clish survive reboot as long as you run 'save config'.

Daniel_Kavan
Advisor

eth2 .25 cluster member A

eth2 .24 cluster member B

.26 is the new VIP and .22 is the IP on the old hardware. 

 

So, just to be clear I could add a proxy ARP for .22 in the web ui on each member.

IPv4 Address 192.168.10.22

Interface name eth2 or I can choose MAC and use the same MAC on the respective cluster member.

Real IP on member A will be 192.168.10.25, .24 on B

0 Kudos
Bob_Zimmerman
Authority
Authority

I would add it on the command line, but yes. That's fundamentally how the inbound leg of a ClusterXL VIP works in the first place.

As long as you don't need to negotiate dynamic routing with both IPs, it will work.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events