[Csync2] csync2 cannot reach each other using second NIC
Nils Stöckmann
N.Stoeckmann at demetec.de
Wed Sep 5 17:40:03 CEST 2012
Am 05.09.2012 16:55, schrieb Art -kwaak- van Breemen:
> To describe it better: it's: host nodename(@address); Where you use
> the @address if nodename itself does not resolv to the right ip
> address. address can be an ip address, or a resolvable hostname.
now that's an interesting insight, thank you!
To try that, I changed the beginning of csync2.cfg to:
> nossl 172.31.* 172.31.*;
> nossl leihnix*h* leihnix*h*;
>
> group cfg_sync-etc {
> host leihnix6h1 at 172.31.1.16;
> host leihnix5h1 at 172.31.1.11;
and turned /etc/hosts back to:
> 172.31.1.11 leihnix5h1
> 172.31.1.16 leihnix6h1
>
> 127.0.0.1 localhost
>
> 192.168.1.11 leihnix5h1
> 192.168.1.16 leihnix6h1
Which results in the following error:
> SQL: SELECT filename, myname, force FROM dirty WHERE peername =
> '172.31.1.11' ORDER by filename ASC
> SQL Query finished.
> Connecting to host 172.31.1.11 (SSL) ...
> Local> SSL\n
> Peer> OK (activating_ssl).\n
> Establishing SSL connection failed.
> SQL: COMMIT TRANSACTION
although
- 1. I have disabled ssl using nossl directive in csync2.cfg
- 2. SSL worked using the default NIC.
What wonders me most is that the nossl directive is ignored.
Ignoring the certificate is most probably because the SSL certificate is
matched against the address, not against the hostname (which feels
somewhat senseless to me).
Any experience on how to make it work via IP or interface name?
If not, Lars' workaround isn't too bad :)
Regards
Nils Stöckmann
More information about the Csync2
mailing list