Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.
Hi, >> (1) start DRBD. >> node01 is "Primary" and node02 is "Secondary". >> (2) block the replication port on node02. >> # iptables -A INPUT -i bond0 -p tcp --dport 7790 -j DROP > > insufficient. > you have to block OUTPUT as well. Blocking both INPUT and OUTPUT goes to split brain, doesn't it? > DRBD has _two_ tcp sessions per device, > one end will have a "random high port", > the end the configured port. Are these two sessions for "data" and "meta" socket as you mentioned below? I think I want to simulate the blocking of "meta" socket. DRBD can not replicate the data if "data" socket is blocked and DRBD reopen the new socket if "meta" socket is blocked, Is that right? >> if so, which parameter handles the timing of restaring, connect-int in drbd.conf? > > man drbdsetup. > online: http://www.drbd.org/users-guide/re-drbdsetup.html It seems that connect-int have some effect, but I could not find the right parameter... > There is nothing that guarantees which node ends up with which end, > typically both have one high port, one configured, but that is > by no means necessary, it can just as well end up with > one node having both configured ports, the other both high ports. > >> the result is; >> >> * protocol B,C >> DRBD did nothing. > > You _by chance_ only blocked the "data" socket. > >> * protocol A >> It seems that DRBD restarted its threads. > > You _by chance_ happened to block the "meta" socket. > >> Q1, protocol A is only able to restart the threads, right? > > wrong question, no answer. > >> if so, which parameter handles the timing of restaring, connect-int in drbd.conf? > > man drbdsetup. > online: http://www.drbd.org/users-guide/re-drbdsetup.html > > >> Q2, Both of receiver and asender thread will restart with new PID? >> syslog said; >> >> Terminating asender thread >> Restarting receiver thread >> Starting asender thread (from drbd0_receiver [27363]) > > irrelevant. > >> --- netstat on node2--- >> >> # date; iptables -A INPUT -i bond1 -p tcp --dport 7790 -j DROP >> 15:36:48 JST > > I suggest to prepare it like this: > iptables -N simulbreak > for c in INPUT OUTPUT ; do > for d in sport dport ; do > iptables -I $c -p tcp --$d -j simulbreak > done > done > > then break it with "iptables -I simulbreak -j DROP", > heal it with "iptables -I simulbreak -j ACCEPT". > > -- > : Lars Ellenberg > : LINBIT | Your Way to High Availability > : DRBD/HA support and consulting http://www.linbit.com > > DRBD® and LINBIT® are registered trademarks of LINBIT, Austria. > __ > please don't Cc me, but send to list -- I'm subscribed > _______________________________________________ > drbd-user mailing list > drbd-user at lists.linbit.com > http://lists.linbit.com/mailman/listinfo/drbd-user >