<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi Aaron,<br>
<br>
thanks for the advice, I have set up OpenVPN between nodes and am
looking to set it up like you suggested using that to avoid the
whole NAT thing. Also - this way I can have a single IP for the
tunnel and use my local subnet for DRBD.<br>
<br>
That raises a new question, how to configure <b>/etc/network/interfaces</b>?
Obviously I need the external IP on eth0 and I'm using KVM so I'm
using a bridged interface for the VMs. I have currently 5
resources I want to sync from my 2 node cluster through this
stacked resource. Can I perhaps get a peek at <b>/etc/network/interfaces</b>
from your node that is off-site and behind the VPN?<br>
<br>
With the tunnel active I have the following listed as active :<br>
<br>
<blockquote><tt>root@kvm-srv-03:~# ifconfig</tt><br>
<tt>eth0 Link encap:Ethernet HWaddr 84:2b:2b:40:1b:2f</tt><br>
<tt> inet addr:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx
Mask:255.255.255.252</tt><br>
<tt> inet6 addr: fe80::862b:2bff:fe40:1b2f/64
Scope:Link</tt><br>
<tt> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</tt><br>
<tt> RX packets:650589 errors:0 dropped:0 overruns:0
frame:0</tt><br>
<tt> TX packets:43 errors:0 dropped:0 overruns:0
carrier:0</tt><br>
<tt> collisions:0 txqueuelen:1000</tt><br>
<tt> RX bytes:42452974 (40.4 MiB) TX bytes:7327 (7.1
KiB)</tt><br>
<tt> Interrupt:16 Memory:da000000-da012800</tt><br>
<br>
<tt>eth1 Link encap:Ethernet HWaddr 84:2b:2b:40:1b:30</tt><br>
<tt> inet addr:yyy.yyy.yyy.yyy Bcast:yyy.yyy.yyy.yyy
Mask:255.255.255.0</tt><br>
<tt> inet6 addr: fe80::862b:2bff:fe40:1b30/64
Scope:Link</tt><br>
<tt> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</tt><br>
<tt> RX packets:649179 errors:0 dropped:0 overruns:0
frame:0</tt><br>
<tt> TX packets:2322 errors:0 dropped:0 overruns:0
carrier:0</tt><br>
<tt> collisions:0 txqueuelen:1000</tt><br>
<tt> RX bytes:42322482 (40.3 MiB) TX bytes:325348
(317.7 KiB)</tt><br>
<tt> Interrupt:17 Memory:dc000000-dc012800</tt><br>
<br>
<tt>lo Link encap:Local Loopback</tt><br>
<tt> inet addr:127.0.0.1 Mask:255.0.0.0</tt><br>
<tt> inet6 addr: ::1/128 Scope:Host</tt><br>
<tt> UP LOOPBACK RUNNING MTU:16436 Metric:1</tt><br>
<tt> RX packets:123 errors:0 dropped:0 overruns:0
frame:0</tt><br>
<tt> TX packets:123 errors:0 dropped:0 overruns:0
carrier:0</tt><br>
<tt> collisions:0 txqueuelen:0</tt><br>
<tt> RX bytes:8626 (8.4 KiB) TX bytes:8626 (8.4 KiB)</tt><br>
<br>
<tt>tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00</tt><br>
<tt> inet addr:172.16.0.41 P-t-P:172.16.0.42
Mask:255.255.255.255</tt><br>
<tt> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500
Metric:1</tt><br>
<tt> RX packets:11 errors:0 dropped:0 overruns:0
frame:0</tt><br>
<tt> TX packets:11 errors:0 dropped:0 overruns:0
carrier:0</tt><br>
<tt> collisions:0 txqueuelen:100</tt><br>
<tt> RX bytes:924 (924.0 B) TX bytes:924 (924.0 B)</tt><br>
</blockquote>
<br>
on my local nodes <b>/etc/network/interfaces</b> looks like this:<br>
<br>
<blockquote><tt>root@kvm-srv-01:~# cat /etc/network/interfaces</tt><br>
<tt># The loopback network interface</tt><br>
<tt>auto lo</tt><br>
<tt>iface lo inet loopback</tt><br>
<br>
<tt># The primary network interface</tt><br>
<tt>auto eth0</tt><br>
<tt>iface eth0 inet manual</tt><br>
<br>
<tt># Network bridge</tt><br>
<tt>auto br0</tt><br>
<tt>iface br0 inet static</tt><br>
<tt>address 192.168.0.30</tt><br>
<tt>network 192.168.0.0</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<tt>broadcast 192.168.0.255</tt><br>
<tt>gateway 192.168.0.254</tt><br>
<tt>bridge_ports eth0</tt><br>
<tt>bridge_stp off</tt><br>
<tt>bridge_fd 0</tt><br>
<tt>bridge_maxwait 0</tt><br>
<br>
<tt># The secondary network interface used for DRBD resource
replication</tt><br>
<tt>auto eth1</tt><br>
<tt>allow-hotplug eth1</tt><br>
<tt>iface eth1 inet static</tt><br>
<tt>address 192.168.2.31</tt><br>
<tt>network 192.168.2.0</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<tt>broadcast 192.168.2.255</tt><br>
<br>
<tt>auto eth1:0</tt><br>
<tt>allow-hotplug eth1:0</tt><br>
<tt>iface eth1:0 inet static</tt><br>
<tt>address 192.168.2.41</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<br>
<tt>auto eth1:1</tt><br>
<tt>allow-hotplug eth1:1</tt><br>
<tt>iface eth1:1 inet static</tt><br>
<tt>address 192.168.2.51</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<br>
<tt>auto eth1:2</tt><br>
<tt>allow-hotplug eth1:2</tt><br>
<tt>iface eth1:2 inet static</tt><br>
<tt>address 192.168.2.61</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<br>
<tt>auto eth1:3</tt><br>
<tt>allow-hotplug eth1:3</tt><br>
<tt>iface eth1:3 inet static</tt><br>
<tt>address 192.168.2.71</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<br>
<tt># The tertiary network interface - DMZ</tt><br>
<tt>auto eth2</tt><br>
<tt>iface eth2 inet manual</tt><br>
<br>
<tt># Network bridge - DMZ</tt><br>
<tt>auto br2</tt><br>
<tt>iface br2 inet static</tt><br>
<tt>address 192.168.4.30</tt><br>
<tt>network 192.168.4.0</tt><br>
<tt>netmask 255.255.255.0</tt><br>
<tt>broadcast 192.168.4.255</tt><br>
<tt># static routing</tt><br>
<tt>post-up route add -net 0.0.0.0 gw 192.168.4.254</tt><br>
<tt>pre-down route del -net 0.0.0.0 gw 192.168.4.254</tt><br>
<tt>dns-nameservers 64.59.160.13 64.59.160.15</tt><br>
<tt>bridge_ports eth2</tt><br>
<tt>bridge_stp off</tt><br>
<tt>bridge_fd 0</tt><br>
<tt>bridge_maxwait 0</tt><br>
</blockquote>
on the remote node I still have only my 2 external IPs configured
from the basic Debian set up. :<br>
<blockquote><tt>root@kvm-srv-03:~# cat /etc/network/interfaces</tt><br>
<tt># This file describes the network interfaces available on
your system</tt><br>
<tt># and how to activate them. For more information, see
interfaces(5).</tt><br>
<br>
<tt># The loopback network interface</tt><br>
<tt>auto lo</tt><br>
<tt>iface lo inet loopback</tt><br>
<br>
<tt># The primary network interface</tt><br>
<tt>allow-hotplug eth0</tt><br>
<tt>iface eth0 inet static</tt><br>
<tt> address xxx.xxx.xxx.xxx</tt><br>
<tt> netmask 255.255.255.252</tt><br>
<tt> gateway xxx.xxx.xxx.xxx</tt><br>
<tt> dns-nameservers 64.59.160.15 64.59.161.69</tt><br>
<br>
<tt># The DRBD network interface</tt><br>
<tt>allow-hotplug eth1</tt><br>
<tt>iface eth1 inet static</tt><br>
<tt> address yyy.yyy.yyy.yyy</tt><br>
<tt> netmask 255.255.255.0</tt><br>
<tt> gateway yyy.yyy.yyy.yyy</tt><br>
<tt> dns-nameservers 64.59.160.15 64.59.161.69</tt><br>
</blockquote>
So I'm not at all sure how to alias the IPs through the tunnel at
kvm-srv-03 as I did directly on eth1 on kvm-srv-01.<br>
<br>
Am I making any sense here? I think I'm confusing myself...<br>
<br>
<div class="moz-signature">
<div style="font-family:Arial;font-size:12px">
<p><strong>Paul O’Rorke</strong><br>
Tracker Software Products<br>
<a href="mailto:paul.ororke@tracker-software.com">paul@tracker-software.com</a><br>
</p>
<p> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++<br>
PLEASE NOTE : - If you are sending files for us to look at
or assist with <br>
these must ALWAYS be wrapped in either a ZIP/RAR or 7z FILE
<br>
or they will be removed by our Firewall/Virus management
software. <br>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++<br>
<br>
**Certified by Microsoft** <br>
"Works with Vista" <br>
PDF-XChange & SDK, Image-XChange<br>
PDF-Tools & SDK, TIFF-XChange & SDK. <br>
<br>
Support: <br>
<a href="http://tracker-software.com/support/">http://tracker-software.com/support/</a>
<br>
or <br>
<a href="http://www.tracker-software.com/forum/index.php">http://www.tracker-software.com/forum/index.php</a>
</p>
<p> Download latest Releases <br>
<a href="http://www.tracker-software.com/downloads/">http://www.tracker-software.com/downloads/</a>
<br>
</p>
</div>
</div>
On 9/27/2013 10:26 AM, Aaron Johnson wrote:<br>
</div>
<blockquote cite="mid:5245BFC8.9000203@ajserver.com" type="cite">
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
Paul,<br>
<br>
That config looks right, however you will want to use a VIP
address instead of the IP address of just 1 node. This IP will
move between the 2 local nodes to whichever node is active,
otherwise if when the node with the IP in the local resource is
down you will not get updates to the stacked offsite node.<br>
<br>
Also be aware of private vs. public IP space and how the IPs may
appear when NAT comes into play and which IPs need to appear where
in the config. I avoid this by having my 2 locations connected by
VPN so all addresses are direct, no NAT.<br>
<br>
Aaron<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 9/26/2013 4:06 PM, Paul O'Rorke
wrote:<br>
</div>
<blockquote cite="mid:5244AFE9.30701@tracker-software.com"
type="cite">
<meta content="text/html; charset=UTF-8"
http-equiv="Content-Type">
<div class="moz-cite-prefix">Thanks for that Aaron,<br>
<br>
I'm looking at this page <a moz-do-not-send="true"
href="http://www.drbd.org/users-guide/s-three-nodes.html">http://www.drbd.org/users-guide/s-three-nodes.html</a>
and not quite sure I understand how to merge this with my
current config. Currently I have 5 resources using Protocol C
on my 2 node local cluster. <br>
<br>
For the sake of this set up I will consider the set up one of
these resources with a third node using a stacked resource and
protocol A then hopefully once that is working I can apply
this to the other resources.<br>
<br>
In the example provided it appears that I need to define all
three resources in the one .res file. I have the following 2
config files:<br>
<br>
<b>/etc/drbd.d/global_common.conf</b><br>
global {<br>
usage-count yes;<br>
}<br>
common {<br>
protocol C;<br>
}<br>
<br>
and <br>
<br>
<b>/etc/drbd.d/restored.res</b><br>
resource restored {<br>
device /dev/drbd2;<br>
disk /dev/VirtualMachines/restored;<br>
meta-disk internal;<br>
on kvm-srv-01 {<br>
address 192.168.2.41:7789;<br>
}<br>
on kvm-srv-02 {<br>
address 192.168.2.42:7789;<br>
}<br>
}<br>
<br>
<br>
can I just tack something like this onto the end of <b>/etc/drbd.d/restored.res</b>?<br>
<br>
<pre class="programlisting">resource restored-U {
net {
protocol A;
}
stacked-on-top-of restored {
device /dev/drbd10;
address 192.168.3.41:7788;
}
on buckingham {
device /dev/drbd10;
disk /dev/hda6;
address <fixed IP at backup node>:7788; # Public IP of the backup node
meta-disk internal;
}
}</pre>
<br>
I am also wondering, since I have a spare NIC on my local
nodes, would I be better to use that to connect to my off site
resource or use the LAN connected NIC? In the example above I
used a different subnet for the off site and called the off
site machine 'buckingham'.<br>
<br>
I hope my question makes sense, still finding my feet here.<br>
<br>
Please and thanks<br>
<div class="moz-signature">
<div style="font-family:Arial;font-size:12px">
<p><strong>Paul O’Rorke</strong><br>
Tracker Software Products<br>
<a moz-do-not-send="true"
href="mailto:paul.ororke@tracker-software.com">paul@tracker-software.com</a></p>
</div>
</div>
On 9/25/2013 2:21 PM, Aaron Johnson wrote:<br>
</div>
<blockquote
cite="mid:48224317-CFBC-4E65-91EC-2C301194AC7D@ajserver.com"
type="cite">
<pre wrap="">Yes you can add the stacked resource later, I have done this same thing several times now by making the the device slightly larger first and using internal metadata.
Also I have a DR site using protocol C and pull-ahead enabled without using DRBD proxy. The main site and DR site are connected via cable modem connections (10Mbit up/ 20 down both sides). The only thing I have troubles with is if I need to add a large amount of data (50+ GB), which in my case is fairly rare (daily norm is ~2GB), then it can take days or weeks to sync up fully again. Also I used truck-based updates for the initial setup of ~1TB to avoid having to pull all that over the internet link.
Thanks,
AJ
</pre>
<blockquote type="cite">
<pre wrap="">On Sep 25, 2013, at 7:54 AM, Lionel Sausin <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:ls@numerigraphe.com"><ls@numerigraphe.com></a> wrote:
Le 25/09/2013 08:10, <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:roberto.fastec@gmail.com">roberto.fastec@gmail.com</a> a écrit :
</pre>
<blockquote type="cite">
<pre wrap="">The purpose you are talking about, sounds more as the purpose DRBD Proxy has been developed for
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.linbit.com/en/products-and-services/drbd-proxy">www.linbit.com/en/products-and-services/drbd-proxy</a>
</pre>
</blockquote>
<pre wrap="">Yes and no, my understanding is that DRBD-proxy lets your production cluster run faster than the connection speed by acting like a write cache.
But if I'm not mistaken you still need a stacked configuration for 3 node setups until v9.0 is released.
Someone please correct me if that's wrong of course.
Lionel Sausin
_______________________________________________
drbd-user mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:drbd-user@lists.linbit.com">drbd-user@lists.linbit.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.linbit.com/mailman/listinfo/drbd-user">http://lists.linbit.com/mailman/listinfo/drbd-user</a>
</pre>
</blockquote>
<pre wrap="">_______________________________________________
drbd-user mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:drbd-user@lists.linbit.com">drbd-user@lists.linbit.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.linbit.com/mailman/listinfo/drbd-user">http://lists.linbit.com/mailman/listinfo/drbd-user</a>
</pre>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>