[Linux-HA] Linksys Port Forwarding Failover Issue

Raoul Raoul
Mon Oct 15 01:45:12 MDT 2007


dear darren,

i do not know about the Linksys BEFW11S4 routers but i (and others) have 
head good experiences with the followin (wlan) routers, flashed with 
openwrt or dd-wrt, which basically is linux with admin interfaces.

- linksys wrt64gl
- Buffalo WHR-G54S or WHR-HP-G54
- Asus WL-HDD or WL-500gP

i guess that there will be other routers without wlan functionallity 
working with openwrt and dd-wrt too, but i only got to know those 
stated above.

as they are running on linux 2.4.30 or so and include iptables, iproute, 
etc. they should be a good choice for your environment.

cheers,
raoul

On Sun, 14 Oct 2007 15:26:47 -0700, Darren Hoch <darren.hoch at litemail.org>
wrote:
> Hello List,
> 
> Short question:
> 
> Can any of you recommend a commodity (Linksys, Netgear, etc) with
> reliable port forwarding (ARP cache updating) that supports heartbeat
> failovers?
> 
> Long question:
> 
> I have a standard 2 node Heartbeat 2.1.2/DRBD (v1, not CRM) cluster
> running behind a Linksys BEFW11S4 router. It is not my equipment choice
> by any means, but it is what I was tasked to work with. I am used to
> working with much more expensive networking equipment that seems to
> adhere to RFCs. The two nodes (ha1/ha2) have static private addresses
> (10.1.1.3/4) with a shared IP of 10.1.1.5 in the haresources. The
> Linksys is configured with a static public IP address and has port
> forwarding enabled for ports 80 and 25 to 10.1.1.5.
> 
> The cluster setup works flawlessly (as usual). I can access the ha1 web
> server via the Internet using port forwarding on the linksys router.
> What I noticed is that when I conduct a failover with hb_standby , the
> website is unavailable. I have confirmed the following:
> 
> 1) The ha2 node has successfully acquired all the resources (DRBD
> filesystem, IP and start httpd).
> 2) I can access the website on the shared IP from another web browser on
> another host via the 10.1.1.X network, confirming the failover.
> 3) When I fail back to ha1, the website is available again from the
> outside world.
> 4) I have the latest firmware on the router (as of yesterday).
> 
> This leads me to believe that the Linksys is not updating its ARP
> cache/Port forwarder on failover with the ha2 MAC address for 10.1.1.5.
> I have confirmed that Heartbeat is sending the ARP on ha2 in the
ha-debug:
> 
> IPaddr[3525]:   2007/10/14_16:57:24 DEBUG: Sending Gratuitous Arp for
> 10.1.1.5 on eth0:0 [eth0]
> 
> I can also confirm via tcpdump (there were multiple ARP packets):
> 
> 17:16:19.125292 arp who-has 10.1.1.5 tell 10.1.1.5
> 17:16:19.377485 arp reply 10.1.1.5 is-at 00:90:27:f6:0e:d8 (oui Unknown)
> 
> <snip>
> 
> And confirmed the MAC on ha2:
> 
> # ifconfig eth0:0
> eth0:0    Link encap:Ethernet  HWaddr 00:90:27:F6:0E:D8
>              inet addr:10.1.1.5  Bcast:10.1.1.255  Mask:255.255.255.0
> 
> Unless I am missing something here, I assume I need a more intelligent
> router. The catch is that it has to be a commodity one (under $100).
> 
> Thanks,
> 
> Darren
> 
> 
> 
> _______________________________________________
> Linux-HA mailing list
> Linux-HA at lists.linux-ha.org
> http://lists.linux-ha.org/mailman/listinfo/linux-ha
> See also: http://linux-ha.org/ReportingProblems
-- 
____________________________________________________________________
DI (FH) Raoul Bhatia M.Sc.          email.          r.bhatia at ipax.at
Technischer Leiter

IPAX - Aloy Bhatia Hava OEG         web.          http://www.ipax.at
Barawitzkagasse 10/2/2/11           email.            office at ipax.at
1190 Wien                           tel.               +43 1 3670030
FN 277995t HG Wien                  fax.            +43 1 3670030 15
____________________________________________________________________




More information about the Linux-HA mailing list