similar to: tinc with ha firewall

Hi Saverio, I found conflict: 172.16.1.10 00:50:56:1b:ba:5e VMware, Inc. 172.16.1.10 00:50:56:2b:12:e6 VMware, Inc. (DUP: 2) 172.16.1.10 00:50:56:2b:12:e6 VMware, Inc. (DUP: 3) 172.16.1.10 00:50:56:2b:12:e6 VMware, Inc. (DUP: 4) 172.16.1.10 00:50:56:2b:12:e6 VMware, Inc. (DUP: 5) So my assumptions were wrong ! :D Probably Virtual

This is what I want to avoid :D I want an active Tinc virtual interface active with ip identical of the other firewall, without ip conflict on the same network. Do you know if Tun type virtual interface on one host can have same ip address of another host in the same network without ip conflict ? ie if a tun virtual interface can work active without transmitting on real network ? or if such a

This is a vpn for Disater Recovery sites, so it is not necessary to have a seamless failover, strictly speaking. Encryption instead is mandatory. Testing we found that on Keepalived failover remote Tinc take few seconds to reset the connection and correctly re-connect to the new active firewall (probably new firewall resetting the connection + PingTimeout + some seconds to reconnect). This is

Hi, I have HA firewalls configuration (keepalived) on one site. Each firewall has its own IP and a Virtual IP (VIP) that keepalived activate on one of the firewall (active/passive HA configuration). I think I can set all two firewalls with same configuration, generating key pairs on one firewall and copying that to the second, so the remote host can see always one of the other firewall as the

I think it should work at least for TUN virtual interface as TUn works at IP level. This is a sample configuration. firewall1 lan = 172.16.1.11/19 (ALWAYS ACTIVE) - "Physical Network Interface" - system config as ifcfg-... 172.16.1.10/19 (VIP Keepalived Make active) - Active/Passive configuration with firewall2 firewall1 vpndr1

I tested a little more... tincd does not create virtual interface device correctly on CentOS 7, I don't know where tincd stop, probably on " System call `getaddrinfo' failed: Name or service not known" I sent you before. Keepalived return that error I shown on every ip command but this is not a problem now, I'll see this as soon as possible. If I execute these commands tun

I have 2 firewall in HA with keepalived. Can I use active the same tinc configuration on 2 firewalls ? using tun Interface with same ip on all 2 nodes is a problem ? tun device advertise itself on the network having an IP/MAC pairs (ARP) or the IP is only used by the system internally for routing so using the same configuration is right ? so one firewall be active, the other is passive. With this

Executing: ip tuntap add vpndrif mode tun return Keepalived errors show when tincd start: Jan 22 23:41:19 Keepalived_vrrp[1999]: Netlink: filter function error Jan 22 23:41:19 Keepalived_healthcheckers[1998]: Netlink: filter function error Jan 22 23:41:19 systemd-sysctl[23246]: Overwriting earlier assignment of kernel/shmmax in file '/etc/sysctl.d/99-sysctl.conf'. Jan 22 23:41:19

No parameters using DNS. - tinc.conf content Name = sito1 AddressFamily = ipv4 BindToAddress = <IPPUB>:665 BindToInterface = int Device=/dev/net/tun Interface = vpndrif Mode = router PingInterval = 60 PingTimeout = 5 ProcessPriority = normal - host/sito1 content Address = <IPPUB>:665 Subnet = <IPLOCAL>/<NETMASK> Port = 655 -----BEGIN RSA PUBLIC KEY----- ... -----END

Hi I have two server directors in ring and 5 dovecot servers (2.2.36) IP for IMAP and POP3 is a VIP (keepalived) What is the best solutions to get realy HA for 5 dovecot servers ? Maby corosync+pacemeker ? But this solution is too problematic and hardcore Why I need HA ? Doveadmin is too lazy and doveadm director does not know that one machine broke down and still sends traffic

Hi System debian 8.11 and dovecot-2.2.36.4 My webmail is roundcube with imapproxy. I have one problem. My dovecot servers is are in a cluster with keepalived like: dovecot1----VIP-IP--------dovecot2 All works fine I have a problem with imapproxy when a server dovecot1 had a problem (kernel panic sic!) Keepalived works perfecty and moved VIP to dovecot2 - all works fine for normal users but

> On 08/04/2020 16:11 Maciej Milaszewski <maciej.milaszewski at iq.pl> wrote: > > > Hi > System debian 8.11 and dovecot-2.2.36.4 My webmail is roundcube with > imapproxy. > > I have one problem. > > My dovecot servers is are in a cluster with keepalived like: > > dovecot1----VIP-IP--------dovecot2 > > All works fine > > I have a problem

Hello, I am working on setting up an Active/Passive Samba cluster on Ubuntu 14.04 using Samba 4.1.6. Samba will be sharing an NFS mount so that it can be accessible to CIFS clients. Thus, the server setup is as follows: -- cifs0 -- / \ / \ NFS_Server VIP --- CIFS clients \ / \ /

On 02/25/2018 08:29 PM, TomK wrote: > Hey Guy's, > > A success story instead of a question. > > With your help, managed to get the HA component working with HAPROXY and > keepalived to build a fairly resilient NFS v4 VM cluster.? ( Used > Gluster, NFS Ganesha v2.60, HAPROXY, keepalived w/ selinux enabled ) > > If someone needs or it could help your work, please PM

Em 29-09-2015 15:03, Gordon Messmer escreveu: > On 09/29/2015 09:14 AM, Tim Dunphy wrote: >> And if I do an ifconfig command I see no evidence of an eth1 existing. > > "ifconfig -a" will show you all of your interfaces. Maybe there is a confusion here. Sounds like Tim thought keepalived would create that eth1, like a tunnel interface, but it won't. You have to

Hey Guy's, A success story instead of a question. With your help, managed to get the HA component working with HAPROXY and keepalived to build a fairly resilient NFS v4 VM cluster. ( Used Gluster, NFS Ganesha v2.60, HAPROXY, keepalived w/ selinux enabled ) If someone needs or it could help your work, please PM me for the written up post or I could just post here if the lists allow it.

I would like to see the steps for reference, can you provide a link or just post them on mail list? On Mon, Feb 26, 2018 at 4:29 AM, TomK <tomkcpr at mdevsys.com> wrote: > Hey Guy's, > > A success story instead of a question. > > With your help, managed to get the HA component working with HAPROXY and > keepalived to build a fairly resilient NFS v4 VM cluster. ( Used

Hi, list, I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA. My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness),

On 11.4.2019 11.44, luckydog xf via dovecot wrote: > Hi, list, > > ? ? ?I'm going to deploy postfix?+ dovecot?+ CephFS( as Mail Storage). > Basically I want to use two servers for them, which? is kind of HA. > ? > ? ? My idea is that using keepalived or Pacemaker to host a VIP, which > could fail over the other server once one is down. And I'll use > Haproxy or

has anyone expereience with setting this up or better yet documented this procedure?? I have gotten samba to talk to my ldap 2.0x server but it will not allow me to use the net command to modify group mappings. I am including a dump of my samba log at debug level 10 when I issue these commands and the general section of my smb.conf file. --- commands issued [root@bast samba]# bin/net