Re: Speaking about pure fail over - what about pen itself ? from Dominic Marks on 2006-03-28 (stdin)

From: Dominic Marks <dom_at_helenmarks.co.uk>
Date: Mon, 27 Mar 2006 23:03:24 +0100

Ricardo Stella wrote:
>
> Dominic Marks wrote:
>> Ulric Eriksson wrote:
>>> On Mon, 27 Mar 2006 fernando_at_fernandoibanez.com wrote:
>>>
>>>>> I'm only looking at two boxes, except that they will also balance
>>>>> other
>>>>> services located elsewhere. Should the separate interfaces that pen
>>>>> listens to (not the shared one), be real or can they be virtual ?
>>>>> Also, if going with independent LB boxes (such as the original
>>>>> example),
>>>>> do they need to be powerful boxes ? TIA...
>>>> A simple and cheap way to do failover for pen would be using
>>>> failover at the DNS level - with a service like
>>>> Zone Edit (http://zoneedit.com/)
>>>>
>>>> ZoneEdit can test if the server is up and if it is not, it can point
>>>> your domain to a different IP possibly on a different network.
>>> I'm positive that can't work. The old address will be cached on
>>> several levels throughout the Internet and there is no way to clear
>>> all those caches from a central point. If they charge money for the
>>> service, it's a hoax. Otherwise it's just silly.
>>>
>>> Multicast in Linux isn't very reliable (or I'm simply incompetent),
>>> så the vrrp solution isn't as good as it seems. The easiest solution
>>> is to point the domain to two addresses, one for each pen instance.
>>>
>>> Actually, the easiest solution is to install pen on a single server
>>> and forget about it, at least as long as the hardware is reliable.
>>>
>>> Ulric
>> You could also use CARP, free and cross platform. Available on
>> OpenBSD, FreeBSD, NetBSD, Linux (http://www.ucarp.org/project/ucarp).
>> Probably will also make it into MacOS X at some point.
>>
>> Cheers,
>> Dom
>
> Is it pretty much the same as VRRP ? Are there any implementation
> notes/faq/etc online anywhere ? Would it work as the cheapskate example ?

It has some features VRRP lacks, particularly relating to security. In
my experience it works very well at providing fail-over capabilities and
it is pretty easy to use. One thing it does not do well is load
balancing, that is where pen comes in.

http://www.openbsd.org/cgi-bin/man.cgi?query=carp

http://www.openbsd.org/faq/pf/carp.html

Both of these links have practical examples.

As for cheapskate, I don't know what you mean. If anything CARP is
better than VRRP.

> TIA...
>

HTH,
Dom
Received on Tue Mar 28 2006 - 00:03:38 CEST

This archive was generated by hypermail 2.2.0 : Tue Mar 28 2006 - 00:03:38 CEST