Re: [gentoo-server] Disable ARP

[Jeff Rooney <jtrooney@iyd.com>]

[-- Attachment #1: Type: text/plain, Size: 1634 bytes --]

Ramon van Alteren wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Jeff Rooney wrote:
>   
>> Both methods appear to work as I hoped.
>>     
>
> Good.
>
>   
>> Ramon: you where exactly right, I was following some documentation sent
>> over with some load balancers that I am experimenting with. Unfortunatly
>> their tech staff didn't have any real options for us other than blocking
>> the arp responses via ebtables. 
>>     
>
> Mmmm interesting tech support, out of curiosity what loadbalancers are
> you using ?
>   
Currently I am working with the load master series from Kemp 
Technologies. I am also going to be trying Coyote Point as well, we 
still haven't decided which route to take.
>   
>> Not sure why I didn't think about using
>> the dummy interface instead of the loopback...guess its just been that
>> sort of day for me =)
>>     
>
> I have them too (those days), trying to ram the square block through the
> round hole.... In some cases it even works :-)
>
>   
>> Thanks again for your help Ramon and RijilV.
>>     
>
> You're welcome.
> Word of warning: If you lose the noarp option on one of the real-servers
> you will see very weird erratic behaviour which can be hard to debug.
> Depending on the load you push through the loadbalancer the realserver
> which sends an arp will die immediately or slowly whilst generating
> weird bugs in your app.
>
> Best way to check: login with ssh on the vip
>   
Thanks for the heads up...I am actually probably still going to end up 
running ebtables to filter the outbound arp responses from the vip 
addresses just to be safe.

Thanks again.
--
Jeff

[-- Attachment #2: Type: text/html, Size: 2364 bytes --]