1 |
Ramon van Alteren wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA1 |
4 |
> |
5 |
> Jeff Rooney wrote: |
6 |
> |
7 |
>> Both methods appear to work as I hoped. |
8 |
>> |
9 |
> |
10 |
> Good. |
11 |
> |
12 |
> |
13 |
>> Ramon: you where exactly right, I was following some documentation sent |
14 |
>> over with some load balancers that I am experimenting with. Unfortunatly |
15 |
>> their tech staff didn't have any real options for us other than blocking |
16 |
>> the arp responses via ebtables. |
17 |
>> |
18 |
> |
19 |
> Mmmm interesting tech support, out of curiosity what loadbalancers are |
20 |
> you using ? |
21 |
> |
22 |
Currently I am working with the load master series from Kemp |
23 |
Technologies. I am also going to be trying Coyote Point as well, we |
24 |
still haven't decided which route to take. |
25 |
> |
26 |
>> Not sure why I didn't think about using |
27 |
>> the dummy interface instead of the loopback...guess its just been that |
28 |
>> sort of day for me =) |
29 |
>> |
30 |
> |
31 |
> I have them too (those days), trying to ram the square block through the |
32 |
> round hole.... In some cases it even works :-) |
33 |
> |
34 |
> |
35 |
>> Thanks again for your help Ramon and RijilV. |
36 |
>> |
37 |
> |
38 |
> You're welcome. |
39 |
> Word of warning: If you lose the noarp option on one of the real-servers |
40 |
> you will see very weird erratic behaviour which can be hard to debug. |
41 |
> Depending on the load you push through the loadbalancer the realserver |
42 |
> which sends an arp will die immediately or slowly whilst generating |
43 |
> weird bugs in your app. |
44 |
> |
45 |
> Best way to check: login with ssh on the vip |
46 |
> |
47 |
Thanks for the heads up...I am actually probably still going to end up |
48 |
running ebtables to filter the outbound arp responses from the vip |
49 |
addresses just to be safe. |
50 |
|
51 |
Thanks again. |
52 |
-- |
53 |
Jeff |