Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1A9D0D0A4 for ; Thu, 9 Aug 2012 15:54:48 +0000 (UTC) Received: (qmail 77759 invoked by uid 500); 9 Aug 2012 15:54:47 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 77708 invoked by uid 500); 9 Aug 2012 15:54:47 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 77697 invoked by uid 99); 9 Aug 2012 15:54:47 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Aug 2012 15:54:47 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [72.51.28.127] (HELO webmail.bbits.ca) (72.51.28.127) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Aug 2012 15:54:41 +0000 Received: from localhost (localhost.localdomain [127.0.0.1]) by webmail.bbits.ca (Postfix) with ESMTP id 5005D3F80C6 for ; Thu, 9 Aug 2012 08:54:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at bbits.ca Received: from webmail.bbits.ca ([127.0.0.1]) by localhost (webmail.bbits.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zGEZP2fZPzjx; Thu, 9 Aug 2012 08:54:18 -0700 (PDT) Received: from [192.168.1.66] (d50-98-121-108.bchsia.telus.net [50.98.121.108]) by webmail.bbits.ca (Postfix) with ESMTPSA id 628E23F80C3; Thu, 9 Aug 2012 08:54:18 -0700 (PDT) References: <0A739147-99A4-4382-A66B-3E03A45478C1@kelceydamage.com> <67EF18FDCA335F489B366120481AB6C5EE3BB5FE17@BANPMAILBOX01.citrite.net> In-Reply-To: <67EF18FDCA335F489B366120481AB6C5EE3BB5FE17@BANPMAILBOX01.citrite.net> Mime-Version: 1.0 (1.0) Content-Type: text/plain; charset=us-ascii Message-Id: Content-Transfer-Encoding: quoted-printable X-Mailer: iPhone Mail (9B206) From: "Kelceydamage@bbits" Subject: Re: Virtual Routers and ARP handling Date: Thu, 9 Aug 2012 08:54:18 -0700 To: "cloudstack-dev@incubator.apache.org" X-Virus-Checked: Checked by ClamAV on apache.org Not often at all. I simply set the unsolicited requests to 30s to prove out.= default is os default centos 6.2. All the IPs share the same MAC and the gateway should not be "moving". Again, no issues from a centos guest using it directly as a gateway. Issues o= nly when the VR is using it as a gateway. Sent from my iPhone On Aug 9, 2012, at 1:10 AM, Venkata SwamyBabu Budumuru wrote: > First question I have is : how often your gateway cluster results in unsol= icited ARP broadcast i.e. how quickly the gateway is moving ? >=20 > -----Original Message----- > From: Kelcey Damage [mailto:me@kelceydamage.com]=20 > Sent: Thursday, August 09, 2012 12:15 PM > To: cloudstack-dev@incubator.apache.org > Subject: Virtual Routers and ARP handling >=20 > Not sure if this is a bug, but I have found in testing the Virtual Routers= dump their arp cash almost every 5-10 seconds.=20 >=20 > This makes them loose connectivity if they live behind a perimeter firewal= l cluster running floating IPs for gateway addresses (for example: Conntrack= , CRM/Pacemaker, VRRP). Any vm using a shared network connection to the flo= ating gateway has no issues, but isolated networks requiring the VR to be an= initial gateway will loose connectivity as the Debian VR aggressively flush= es its ARP cache.=20 >=20 > You can even watch connections stop then start when the gateway cluster se= nds its unsolicited ARP broadcasts, and then within a few seconds, stop agai= n. >=20 > Can we look into this? >=20 > My setup is below >=20 > Gateway cluster running:=20 > 4 floating IPs on eth4 (Cloud public network gateways, 1 per zone, all VRs= point to these) > 36 floating IPs on eth0 (SNAT addresses into cloud) > 2 floating IPs on eth1 (Management Gateways) HB on eth2 (Cluster heartbeat= ) >=20 > *No issues connecting VMs directly to the gateway cluster with shared netw= orks(VLAN) >=20 > *connection issues when using isolated networks routed through VR to gatew= ay cluster >=20 > -kelcey >=20 > Sent from my iPhone >=20 >=20