[LinuxFailSafe] Re-Macing

[Lars Marowsky-Bree]

On 2002-10-15T08:52:44,
   Jan Wegner <jan.wegner@dataprocess.de> said:

> I hope the community can help me.

> I've got two Linux Proxies running on SuSE Linux 7.2. Both machines are
> working between two firewalls (Sun Checkpoint one). If I change the high
> available ip-adress between the machines, the new owner of the ip-adress
> can't work. The problem is that the firewalls don't refresh their arp-cache
> as fast as I need. So I want to move the macadress with the ipadress. 

> How can I do that? How can failsafe do ReMacing?

FailSafe sends out so-called unsolicited ARP updates. Configure the firewall
to acknowledge these in observance of the RFCs.

You could also write a resource type script to setup the MAC correctly via
"ifconfig ... hwaddr ...", but that isn't recommended. It has other problems.

The most obvious one being that in this case, the IP addresses already bound
to the interface change their MAC, so you'd need to send ARP updates for them
instead. This only shifts the problem away; MAC address takeover works only in
_strict_ active/passive configurations (ie, every interface is only used by
one service and not used for cluster communications); this is too limitting to
support cleanly.


Sincerely,
    Lars Marowsky-Brée <lmb@suse.de>

-- 
Principal Squirrel
Research and Development, SuSE Linux AG
 
``Immortality is an adequate definition of high availability for me.''
	--- Gregory F. Pfister