[Linux-HA] Linksys Port Forwarding Failover Issue

Darren Hoch darren.hoch at litemail.org
Mon Oct 15 07:26:15 MDT 2007


Thanks. This is EXACTLY what I was looking for.


Raoul Bhatia [IPAX] wrote:
> dear darren,
> i do not know about the Linksys BEFW11S4 routers but i (and others) have 
> head good experiences with the followin (wlan) routers, flashed with 
> openwrt or dd-wrt, which basically is linux with admin interfaces.
> - linksys wrt64gl
> - Buffalo WHR-G54S or WHR-HP-G54
> - Asus WL-HDD or WL-500gP
> i guess that there will be other routers without wlan functionallity 
> working with openwrt and dd-wrt too, but i only got to know those 
> stated above.
> as they are running on linux 2.4.30 or so and include iptables, iproute, 
> etc. they should be a good choice for your environment.
> cheers,
> raoul
> On Sun, 14 Oct 2007 15:26:47 -0700, Darren Hoch <darren.hoch at litemail.org>
> wrote:
>> Hello List,
>> Short question:
>> Can any of you recommend a commodity (Linksys, Netgear, etc) with
>> reliable port forwarding (ARP cache updating) that supports heartbeat
>> failovers?
>> Long question:
>> I have a standard 2 node Heartbeat 2.1.2/DRBD (v1, not CRM) cluster
>> running behind a Linksys BEFW11S4 router. It is not my equipment choice
>> by any means, but it is what I was tasked to work with. I am used to
>> working with much more expensive networking equipment that seems to
>> adhere to RFCs. The two nodes (ha1/ha2) have static private addresses
>> ( with a shared IP of in the haresources. The
>> Linksys is configured with a static public IP address and has port
>> forwarding enabled for ports 80 and 25 to
>> The cluster setup works flawlessly (as usual). I can access the ha1 web
>> server via the Internet using port forwarding on the linksys router.
>> What I noticed is that when I conduct a failover with hb_standby , the
>> website is unavailable. I have confirmed the following:
>> 1) The ha2 node has successfully acquired all the resources (DRBD
>> filesystem, IP and start httpd).
>> 2) I can access the website on the shared IP from another web browser on
>> another host via the 10.1.1.X network, confirming the failover.
>> 3) When I fail back to ha1, the website is available again from the
>> outside world.
>> 4) I have the latest firmware on the router (as of yesterday).
>> This leads me to believe that the Linksys is not updating its ARP
>> cache/Port forwarder on failover with the ha2 MAC address for
>> I have confirmed that Heartbeat is sending the ARP on ha2 in the
> ha-debug:
>> IPaddr[3525]:   2007/10/14_16:57:24 DEBUG: Sending Gratuitous Arp for
>> on eth0:0 [eth0]
>> I can also confirm via tcpdump (there were multiple ARP packets):
>> 17:16:19.125292 arp who-has tell
>> 17:16:19.377485 arp reply is-at 00:90:27:f6:0e:d8 (oui Unknown)
>> <snip>
>> And confirmed the MAC on ha2:
>> # ifconfig eth0:0
>> eth0:0    Link encap:Ethernet  HWaddr 00:90:27:F6:0E:D8
>>              inet addr:  Bcast:  Mask:
>> Unless I am missing something here, I assume I need a more intelligent
>> router. The catch is that it has to be a commodity one (under $100).
>> Thanks,
>> Darren
>> _______________________________________________
>> Linux-HA mailing list
>> Linux-HA at lists.linux-ha.org
>> http://lists.linux-ha.org/mailman/listinfo/linux-ha
>> See also: http://linux-ha.org/ReportingProblems

More information about the Linux-HA mailing list