📜 ⬆️ ⬇️

Failsafe IP address with ucarp

Task


It is required to ensure the operability of a specific IP address (gateway, important server, etc.) when communication with the device to which this address originally belongs is lost using backup devices.

The article will use Debian Linux, the CARP protocol, and the ucarp utility for this purpose.

Operating principle



Protocols and terms



Linux / Unix Solutions




Test system configuration



Installing ucarp on R1 and R2


apt-get install ucarp

Documentation


In Debian, setting up and launching ucarp is not done directly, but with the help of additional parameters in the standard system settings file / etc / network / interfaces , it is recommended that you first read not “man ucarp” (although this is also not superfluous) and /usr/share/doc/ucarp/README.Debian .
')
This approach has both pros and cons. On the one hand, the setting becomes more visual. On the other hand, if on one interface it is required to support several independent virtual IPs, then for all but the first one, ucarp will have to be started manually.

Tuning to R1


auto eth0
iface eth0 inet static
address 10.255.0.11
netmask 255.255.255.0
ucarp-vid 1
ucarp-vip 10.0.0.1
ucarp-password qwerty1
ucarp-advskew 10

iface eth0:ucarp inet static
address 10.0.0.0.1
netmask 255.255.0.0

iface eth1 inet static
address 10.255.1.11
netmask 255.255.255.0
ucarp-vid 2
ucarp-vip 1.2.3.4
ucarp-password qwerty2
ucarp-advskew 10

iface eth1:ucarp inet static
address 1.2.3.4
netmask 255.255.255.248
gateway 1.2.3.1


Setup on R2


auto eth0
iface eth0 inet static
address 10.255.0.12
netmask 255.255.255.0
ucarp-vid 1
ucarp-vip 10.0.0.1
ucarp-password qwerty1
ucarp-advskew 20

iface eth0:ucarp inet static
address 10.0.0.1
netmask 255.255.0.0

iface eth1 inet static
address 10.255.1.12
netmask 255.255.255.0
ucarp-vid 2
ucarp-vip 1.2.3.4
ucarp-password qwerty2
ucarp-advskew 20

iface eth1:ucarp inet static
address 1.2.3.4
netmask 255.255.255.248
gateway 1.2.3.1


Explanations



The procedure for electing a master of several candidates



Check


  1. On R1 and R2: /etc/init.d/networking restart .
  2. After a few seconds, we run on both " ip a " and see that eth0: ucarp = 10.0.0.1 and eth1: ucarp = 1.2.3.4 are added to R2.
  3. " ip r " shows the route "default via 1.2.3.1" on R2.
  4. Perform "ps axww | grep ucarp "on R1 and R2, see two instances of" / usr / sbin / ucarp -i eth ... "
  5. On the test workstation, run "ping 8.8.8.8" (on Windows, with the " -t " key).
  6. On R2 (with access to the physical console!): /Etc/init.d/networking stop . Ping at the workstation will miss 3-4 responses and resume.
  7. “Ip a” and “ip r” will show that the route and IP addresses disappeared on R2 and appeared on R1.
  8. " arp 10.0.0.1 " on the workstation will show that the gateway's MAC address has changed.

Source: https://habr.com/ru/post/137476/


All Articles