From: "Dmitry Golubev" <dmitrijs@mt.lv>
To: lartc@vger.kernel.org
Subject: Re: Re: [LARTC] VRRPD (rfc2338)
Date: Thu, 12 Dec 2002 14:44:01 +0000 [thread overview]
Message-ID: <marc-lartc-103970435030477@msgid-missing> (raw)
Hello,
But as far as I know, there is no VRRP implementations that fully comply
with rfc2338 as it requires multiple MAC addresses for the one poor linux
box's interface. Maybe, someone can suggest a working solution of this
problem?
I have seen one idea, but haven't tested it yet (hope someone can try it out):
To bridge the physical iface with TAP on which the vrrpd (or keepalived) is
running. In that case we could make the VRRP-router that fully comply with RFC.
For more info see: http://www.math.leidenuniv.nl/pipermail/bridge/2002-June/002021.html
BR, Dmitry
==== At 2002-12-11, 03:56:00 you wrote: ===
>The daemon at http://www.keepalived.org/ is the VRRPd implementation
>that's supposed to be the best. It's actually part of the Linux Virtual
>Server project (layer 4 load balancer), but the author claims you should
>be able to use it as a pure VRRP daemon -- although when I've read the
>doc, I couldn't figure out how. (But don't be discouraged by my
>impatience. :) It's supposed to be the most mature and ready-for-production.
>
>There's also Jerome Etienne's reference implementation (don't have a
>URL, but it's easy to Google). However, I've heard from more than place
>that this is too proof-of-concept and perhaps not production-worthy.
>Here's a link to a paper about running VRRPd as the hotspare protocol
>for linux firewalls (uses Jerome Etienne's implementation):
>http://www.gnusec.com/resource/security/docs/HAFirewallLinux-VRRP.pdf.
>
>BTW, keep in mind that if you intend to use VRRP in an environment with
>Cisco routers, you'll need to do some work on them too. Cisco routers do
>not accept multicast MAC addresses as legit ARP replies by default.
>Unfortunately, the VRRP RFC and all implementations use multicast MACs.
>What that means is that you'll need to either 1) turn the switch on the
>Cisco routers that makes them accept multicast MAC ARP replies (good),
>or 2) put a static ARP entry in the Cisco routers for the VRRP multicast
>MACs (better).
>
>Hope that helps.
>
>-S
>
>
>Anton Tinchev wrote:
>
>>Can someone point me for good VRRPD (rfc2338) implementation on linux.
>>Some stable and live project
>>Thanks
>>
>>_______________________________________________
>>LARTC mailing list / LARTC@mailman.ds9a.nl
>>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>>
>>
>
>_______________________________________________
>LARTC mailing list / LARTC@mailman.ds9a.nl
>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next reply other threads:[~2002-12-12 14:44 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-12-12 14:44 Dmitry Golubev [this message]
2002-12-13 18:35 ` Re: [LARTC] VRRPD (rfc2338) Dmitry Golubev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103970435030477@msgid-missing \
--to=dmitrijs@mt.lv \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.