On 1/19/21 6:48 AM, Alexander Zubkov wrote:
You can use VRRP or alike protocol on L2
VRRP (and HSRP) are traditionally / inherently an Active / Passive configuration for any given instance. Conversely, GLBP is Active / Active. So, VRRP (HSRP) isn't a direct comparison for GLBP.
Note: I'm eliding any fancy SDN breaking the rules and pretending to be a first hop redundancy protocol.
The Linux Virtual Server is akin to more traditional load balances and can be a SPOF in and of themselves.
I believe the IPTables "CLUSTERIP" is somewhat akin to MS-NLB in that multiple systems will have the cluster IP bound and will apply an algorithm to see which is answering the Active / Active IP for any given client. Perhaps this can be leveraged as part of a solution for what the OP is wanting.
I don't know how the routing protocols would work in such an Active / Active configuration. As I see it, an A/A configuration would effectively be akin to anycasting in that multiple systems would think and behave as if they were the given IP. Meaning that they would each have their own sessions and state, which would significantly differ from each other. E.g. A/A(1) would connect to peer B and A/A(2) would connect to peer C. Thus both B and C would think they are connected to A/A, though they would be different A/As. B and C would probably be okay with this in a stable state. But I don't know what's going to happen to an established connection when A/A transitions. I expect that B & C connections will end up falling apart and need to be re-established anew. There is also the issue of how do you exchange B & C state between A/A(1) and A/A(2)?
I suspect that CLUSTERIP is something worth exploring / thought experiment. I just don't know if it will pan out or not.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
