High-Availability IPs

[TeeJayHoward]

Can someone explain this to me like I'm five? Our work configuration has me scratching my head. We've got two servers, both with the exact same IP. It's what we call our "HA IP", and as I understand it, the primary server uses it, and the secondary ignores it.

How is this not a duplicate IP violation? I mean, if an ARP request is sent out, shouldn't both servers respond and eff up a routing table? Is there something in the IP stack in the OS that just "shuts off" the interface unless a heartbeat fails?

 

[ComputerBox34]

In traditional HSRP or VRRP each box has its own unique IP in the same L2 subnet with a VIP (virtual IP) shared between both of them. Using multicast and broadcast, they elect a leader and the VIP simply points to the IP of the box that is elected and fails over to the other IP if the first box disappears.

It's possible you are not seeing all of the settings that contain info about the IPs of the individual boxes. If not, they must be using some sort of protocol that relies solely on L2 to figure out which box should assume the IP. Can you tell what protocol they are using?

 

[Cmustang87]

It's also important to note that since in a lot of HA configurations a VIP is used, the MAC address this VIP uses is also a virtual MAC both machines use. In the event of a failure, the VIP and the virtual MAC address are still available.

 

[Dead Parrot]

Do the servers just have one NIC or two or more? If two+, could be the Public IP NIC is kept dormant by the standby server and the sync data is done via the second NIC. Can also assign multiple IPs to a single NIC, where the 'HA IP' is kept dormant until needed by the standby server and the data sync is done over the secondary IP. Lot of ways to do HA.

 

[Deleted member 12106]

Need to know more details about said server and infrastructure, but on the surface I say what you are describing is not possible.

 

[Eickst]

Need to know more details about said server and infrastructure, but on the surface I say what you are describing is not possible.

It's pretty common actually. Most networking gear, load balancers, sql server clustering, on and on and etc etc use VIP's for standby/HA purposes.

 

[ComputerBox34]

It's pretty common actually. Most networking gear, load balancers, sql server clustering, on and on and etc etc use VIP's for standby/HA purposes.

You are talking at a completely different level though - HSRP, VRRP, Load Balancers are all designed for this. What OP described seems to be something setup on the server/application level.

 

[toast0]

Can someone explain this to me like I'm five? Our work configuration has me scratching my head. We've got two servers, both with the exact same IP. It's what we call our "HA IP", and as I understand it, the primary server uses it, and the secondary ignores it.

How is this not a duplicate IP violation? I mean, if an ARP request is sent out, shouldn't both servers respond and eff up a routing table? Is there something in the IP stack in the OS that just "shuts off" the interface unless a heartbeat fails?

Depending on how this is setup, one or both of the servers are likely setup _not_ to respond to ARP requests on this IP. This is pretty easy on FreeBSD, add the IP to localhost and it won't arp it, on Linux you can do the same thing, but you also have to fiddle with sysctls http://kb.linuxvirtualserver.org/wiki/Using_arp_announce/arp_ignore_to_disable_ARP . The two servers could negotiate to see which one should respond to arp, or arping could be handled at a nearby router, or if there's a load balancer in front, it will arp, and then forward incoming packets to the selected server(s) via their individual mac addresses (this would be a 'direct server return' load balancer, response packets to the client can go directly out, without touching the load balance; which saves a lot of work on the load balancer, if your network design allows it)

 

[Nicklebon]

You are talking at a completely different level though - HSRP, VRRP, Load Balancers are all designed for this. What OP described seems to be something setup on the server/application level.

You must have read a different post because the OPs description in this thread is basic at best

the primary server uses it, and the secondary ignores it.

 

[ComputerBox34]

You must have read a different post because the OPs description in this thread is basic at best

His post to me seems to indicate that the configuration is on the server OS level, not the network infrastructure level but I be mis-assuming.

 

[Nicklebon]

His post to me seems to indicate that the configuration is on the server OS level, not the network infrastructure level but I be mis-assuming.

The server OS is exactly where one might configure VRRP. I'm guessing you've never configured VRRP on Solaris before huh?

 

[MrGuvernment]

Are they running windows? Windows clustering, which in turn will use virtual IPs for HA.