Return-Path: X-Original-To: apmail-cassandra-user-archive@www.apache.org Delivered-To: apmail-cassandra-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D52E610722 for ; Mon, 17 Jun 2013 18:59:38 +0000 (UTC) Received: (qmail 12914 invoked by uid 500); 17 Jun 2013 18:59:36 -0000 Delivered-To: apmail-cassandra-user-archive@cassandra.apache.org Received: (qmail 12889 invoked by uid 500); 17 Jun 2013 18:59:36 -0000 Mailing-List: contact user-help@cassandra.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@cassandra.apache.org Delivered-To: mailing list user@cassandra.apache.org Received: (qmail 12880 invoked by uid 99); 17 Jun 2013 18:59:36 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 17 Jun 2013 18:59:36 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of chris.burroughs@gmail.com designates 209.85.213.180 as permitted sender) Received: from [209.85.213.180] (HELO mail-ye0-f180.google.com) (209.85.213.180) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 17 Jun 2013 18:59:28 +0000 Received: by mail-ye0-f180.google.com with SMTP id r11so1025924yen.39 for ; Mon, 17 Jun 2013 11:59:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; bh=wmegtlQVHC8tQ3grMyQtUlrHHQZj7MmvMRpCxvHFlPU=; b=UYi8PP6lAMznymR+gfGD65r4z8EYHs+LAUFoNiKmXhRNLxoxviMtsdBJQOvZnHzRQ9 /joaeNd8HiOtQDAMtFCg9FszlgEK4+8WiipCCdpbVpqQEO+6qK/5bdiQL2SbNteXZkPR 3XGFz2zihHzsDlSFyiuPFRVMl2zhis8qnxKs2mCoE2hPeNuTk2QRsH7KoDfcaZ5eVnk0 kcga2O7fGO/wqWs5v1hUmxbmPbGTeafO5YuCeDozN854ilsuBGyII3pDVNe4W3qhzdDH Vj/a1uyy5FHmg2Xqxuge5mgROGHaAudMrbSWPSFHj4E2T/Zaw1ZxVOWp1a9BLke9EizR hTNg== X-Received: by 10.236.160.3 with SMTP id t3mr8794966yhk.19.1371495548026; Mon, 17 Jun 2013 11:59:08 -0700 (PDT) Received: from [10.2.1.141] ([8.31.169.254]) by mx.google.com with ESMTPSA id f19sm26103326yhj.3.2013.06.17.11.59.06 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 17 Jun 2013 11:59:07 -0700 (PDT) Message-ID: <51BF5C79.7020905@gmail.com> Date: Mon, 17 Jun 2013 14:59:05 -0400 From: Chris Burroughs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130510 Thunderbird/17.0.6 MIME-Version: 1.0 To: user@cassandra.apache.org Subject: multi-dc clusters with 'local' ips and no vpn Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Cassandra makes the totally reasonable assumption that the entire cluster is in one routable address space. We unfortunately had a situation where: * nodes can talk to each other in the same dc on an internal address, but not talk to each other over their external 1:1 NAT address. * nodes can talk to nodes in the other dc over the external address, but there is no usable shared internal address space they can talk over In case anyone else finds themselves in the same situation we have what we think is a working solution in pre-production. CASSANDRA-5630 handles the "reconnect trick" to prefer the local ip when in the same DC. And some iptables rules allow the local nodes to do the initial gossiping with each other before that switch. for each node in same dc: 'iptables -t nat -A OUTPUT -j DNAT -p tcp --dst %s --dport 7000 -o eth0 --to-destination %s' % (ext_ip, local_ip)