[ale] Tricking your clients

Denny Chambers bugfix4u at bellsouth.net
Tue Apr 10 11:25:52 EDT 2001


IP Address Takeover seems to be fairly straightforward. The best way to
accomplish this seems to be with a 3 IP address solution (This would be
for a two node failover). Each node has a unique IP address assigned to
it. The third IP address is the floating IP address. This floating IP is
first aliased by the primary server. Once a failure is detected the
secondary node then aliases the IP address. The trick is to then get the
clients to update their ARP cache with the new MAC address/IP address.
This is where the gratuitous ARP comes in. You would need to get your
secondary node to send out an ARP response even though no ARP request
was made. When the clients see that the IP address is already in their
ARP cache and new ARP responses are being sent they should update their
cache. This technique is also used in IP spoofing so some routers and
other equipment ignore the ARP response, however I believe a lot of
routers allow you to configure this option. The nice thing about using
the third IP address is that your primary server can boot back up on
its own IP address not causing any IP address conflicts. Then with some
simple check the primary server can decide if it needs to re-alias the
floating IP address or whether it will become the secondary server now.

Denny 

Dan Mount wrote:
> 
> I'd be interested in what you find out about #2 and 3 (primarily #3).
> I'm doing the same investigation now. I currently accomplish this on
> Win2k with NLBS, but am looking for a Linux solution. So far I've been
> referred to the Advanced Routing HowTo, but haven't run across anyone
> doing this.....
> 
> I'll send you anything that I find.....
> 
> DM
> 
> -----Original Message-----
> From: Denny Chambers [mailto:bugfix4u at bellsouth.net]
> Sent: Tuesday, April 10, 2001 10:44 AM
> To: ale at ale.org
> Subject: [ale] Tricking your clients
> 
> I am doing some research for a mirroring/failover project. I am looking
> at different ways to get the clients to stop communicating with the
> primary server and start communication with the secondary server. There
> seems to be three major ways of doing this.
> 
> 1. DNS tricks (Dynamic DNS) - I am ruling this out for this project,
> because it is too slow in migrating clients over, we will not have access
> to client DNS, and it assumes that your client is referring to all of
> the machines by host name. This is more for web/ftp server failover.
> 
> 2. IP Address Takeover - This is the more popular way and somewhat more
> documented. This along with gratuitous ARP seems to be the best answer
> right now.
> 
> 3. MAC Address Takeover - This is the reason that I am writing this
> email. I have seen this technique mentioned in a couple of places, but
> not a lot of information is available. So has anyone done this, or is
> anyone doing this now? Can anyone provide some more detailed information on this topic
> (Pros / Cons)?
> 
> Thanks in advance,
> --
> Denny Chambers
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
> body.

-- 
Denny Chambers
Linux Java Engineer
Connex, Inc
Voice: 770-455-7653
Fax: 770-455-7325
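
Added example, not part of the original message: a Python model of the client-side behaviour described above, where a gratuitous ARP reply (sender IP equal to target IP) rewrites an existing cache entry for the floating IP, and of equipment configured to ignore such updates. The ArpCache class, its accept_unsolicited switch, and the MAC and IP values are constructed for illustration.

```python
import struct

def mac(s): return bytes.fromhex(s.replace(":", ""))
def ip(s): return bytes(int(p) for p in s.split("."))

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Broadcast Ethernet frame carrying an IPv4 ARP packet (op 1=request, 2=reply)."""
    eth = mac("ff:ff:ff:ff:ff:ff") + mac(sender_mac) + struct.pack("!H", 0x0806)
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + hdr + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip)

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    if struct.unpack("!HHBBH", frame[14:22])[:4] != (1, 0x0800, 6, 4):
        return None
    op = struct.unpack("!H", frame[20:22])[0]
    dotted = lambda b: ".".join(str(x) for x in b)
    return op, frame[22:28].hex(":"), dotted(frame[28:32]), dotted(frame[38:42])

class ArpCache:
    """Hypothetical client cache; accept_unsolicited=False models gear that ignores these updates."""
    def __init__(self, accept_unsolicited=True):
        self.table, self.moves, self.accept = {}, [], accept_unsolicited

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None:
            return "not-arp"
        op, smac, sip, tip = parsed
        old = self.table.get(sip)
        if old is None:
            return "no-entry"            # only IPs already in the cache are refreshed
        if old == smac:
            return "unchanged"
        gratuitous = sip == tip          # sender IP == target IP: nobody asked
        self.moves.append((sip, old, smac, gratuitous))  # audit trail of IP-to-MAC changes
        if gratuitous and not self.accept:
            return "ignored"
        self.table[sip] = smac
        return "updated"

# Constructed sample: floating IP 192.0.2.10 moves from the primary to the secondary node.
PRIMARY, SECONDARY, FLOATING = "02:00:00:00:00:01", "02:00:00:00:00:02", "192.0.2.10"
TAKEOVER = build_arp(2, SECONDARY, FLOATING, "ff:ff:ff:ff:ff:ff", FLOATING)

def demo(accept):
    cache = ArpCache(accept)
    cache.table[FLOATING] = PRIMARY      # the client learned the primary's MAC earlier
    return cache.observe(TAKEOVER), cache.table[FLOATING], cache.moves
```

The moves list is the part worth keeping in monitoring: a change of MAC for the floating IP outside a known failover is the same event that spoofing would produce.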