High-Availability IPs

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
11,593
Can someone explain this to me like I'm five? Our work configuration has me scratching my head. We've got two servers, both with the exact same IP. It's what we call our "HA IP", and as I understand it, the primary server uses it, and the secondary ignores it.

How is this not a duplicate IP violation? I mean, if an ARP request is sent out, shouldn't both servers respond and eff up a routing table? Is there something in the IP stack in the OS that just "shuts off" the interface unless a heartbeat fails?
 

ComputerBox34

[H]F Junkie
Joined
Nov 12, 2003
Messages
13,427
In traditional HSRP or VRRP each box has its own unique IP in the same L2 subnet with a VIP (virtual IP) shared between both of them. Using multicast and broadcast, they elect a leader and the VIP simply points to the IP of the box that is elected and fails over to the other IP if the first box disappears.

It's possible you are not seeing all of the settings that contain info about the IPs of the individual boxes. If not, they must be using some sort of protocol that relies solely on L2 to figure out which box should assume the IP. Can you tell what protocol they are using?
 

Cmustang87

Supreme [H]ardness
Joined
Oct 4, 2007
Messages
4,498
It's also important to note that since in a lot of HA configurations a VIP is used, the MAC address this VIP uses is also a virtual MAC both machines use. In the event of a failure, the VIP and the virtual MAC address are still available.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,831
Do the servers just have one NIC or two or more? If two+, could be the Public IP NIC is kept dormant by the standby server and the sync data is done via the second NIC. Can also assign multiple IPs to a single NIC, where the 'HA IP' is kept dormant until needed by the standby server and the data sync is done over the secondary IP. Lot of ways to do HA.
 
D

Deleted member 12106

Guest
Need to know more details about said server and infrastructure, but on the surface I say what you are describing is not possible.
 

Eickst

[H]ard|Gawd
Joined
Aug 24, 2005
Messages
1,884
Need to know more details about said server and infrastructure, but on the surface I say what you are describing is not possible.

It's pretty common actually. Most networking gear, load balancers, sql server clustering, on and on and etc etc use VIP's for standby/HA purposes.
 

ComputerBox34

[H]F Junkie
Joined
Nov 12, 2003
Messages
13,427
It's pretty common actually. Most networking gear, load balancers, sql server clustering, on and on and etc etc use VIP's for standby/HA purposes.
You are talking at a completely different level though - HSRP, VRRP, Load Balancers are all designed for this. What OP described seems to be something setup on the server/application level.
 

toast0

[H]ard|Gawd
Joined
Jan 26, 2010
Messages
1,801
Can someone explain this to me like I'm five? Our work configuration has me scratching my head. We've got two servers, both with the exact same IP. It's what we call our "HA IP", and as I understand it, the primary server uses it, and the secondary ignores it.

How is this not a duplicate IP violation? I mean, if an ARP request is sent out, shouldn't both servers respond and eff up a routing table? Is there something in the IP stack in the OS that just "shuts off" the interface unless a heartbeat fails?

Depending on how this is setup, one or both of the servers are likely setup _not_ to respond to ARP requests on this IP. This is pretty easy on FreeBSD, add the IP to localhost and it won't arp it, on Linux you can do the same thing, but you also have to fiddle with sysctls http://kb.linuxvirtualserver.org/wiki/Using_arp_announce/arp_ignore_to_disable_ARP . The two servers could negotiate to see which one should respond to arp, or arping could be handled at a nearby router, or if there's a load balancer in front, it will arp, and then forward incoming packets to the selected server(s) via their individual mac addresses (this would be a 'direct server return' load balancer, response packets to the client can go directly out, without touching the load balance; which saves a lot of work on the load balancer, if your network design allows it)
 

Nicklebon

Gawd
Joined
May 22, 2006
Messages
821
You are talking at a completely different level though - HSRP, VRRP, Load Balancers are all designed for this. What OP described seems to be something setup on the server/application level.
You must have read a different post because the OPs description in this thread is basic at best

the primary server uses it, and the secondary ignores it.
 

ComputerBox34

[H]F Junkie
Joined
Nov 12, 2003
Messages
13,427
You must have read a different post because the OPs description in this thread is basic at best
His post to me seems to indicate that the configuration is on the server OS level, not the network infrastructure level but I be mis-assuming.
 

Nicklebon

Gawd
Joined
May 22, 2006
Messages
821
His post to me seems to indicate that the configuration is on the server OS level, not the network infrastructure level but I be mis-assuming.

The server OS is exactly where one might configure VRRP. I'm guessing you've never configured VRRP on Solaris before huh?
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
20,617
Are they running windows? Windows clustering, which in turn will use virtual IPs for HA.
 
Top