Hi, On Mon, Jan 23, 2012 at 08:05:34PM +0000, Reid, Mike wrote: > FYI, > > > The solution turned out to be related to IPTABLES rules that were added > using this approach. > By adding a custom IPTables "CLUSTERIP" chain, the firewall started > letting everything through :) > > Unfortunately, it seems that this approach is somewhat experimental and
What is experimental? The CLUSTERIP chain? Or how it is being used by the RA? > not very stable, How not stable? Thanks, Dejan > so while I finally found my solution, I will be going > back to using individual IPaddr2 Primitives for the time being. > > Thanks, > > Mike > > >Dejan, > > > >Yes, thank you. I realized I was missing "unique_clone_address" in the > >config, which made _most_ of the difference. > > > >However, now I'm seeing some weirdness with regards to ARP -- In my setup, > >I currently have three elastic IPs configured (effectively a small sample > >of my intended IP Range), which all show up as Started, are visible via > >"ip adds show", but only the to-pmost IP in the range is able to be > >pinged?? It appears as if everything is working, I just can't use each of > >the individual IP addresses. I even show all the CLUSTERIP IPTables rules, > >etc. > > > >I'm looking for some recommendations on figuring this out, because as far > >as I can tell it's all working as intended, however the IPs cannot be > >used. In the #linux-ha IRC channel, it was recommended I look into ARP > >issues. > > > >NOTE: I'm running Ubuntu 10.10 / Pacemaker 1.0.9 > > > >FWIW, all of the IP Addresses are Public IPs (against eth0 device) valid > >(confirmed subnet/gateway, etc), since using individual IPaddr2 primitive > >rules work for all of them. It's just when I attempt consolidating the CIB > >configuration to leverage setup of the entire IP Range that it does not > >work as intended. Could this be a bug or side effect of my version? I even > >ensure "libnet1-dev" was installed and re-compile cluster resource agents, > >with no luck. > > > > > >Any help would be very much appreciated. > > > >Best, > >- Mike > > > >On 1/17/12 8:59 PM, "pacemaker-requ...@oss.clusterlabs.org" > ><pacemaker-requ...@oss.clusterlabs.org> wrote: > > > >>$ crm ra info IPaddr2 | grep unique_clone_address > >> > >>Does that help? > >> > >>Thanks, > >> > >>Dejan > > > _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
