Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I've trying to add a route to a host to force traffic out of a clustered IP address...
IE I have a cluster and the IP address moves from host to host on failure of a resource. The IP address is just a simple alias of an interface so for example... bond0:0 192.168.1.1 and bond0 192.168.1.10
What I want to do is force a program that starts up on the cluster hosts which sends packets out to a listening server to only send out of the cluster ip address.
I did a route add -host 172.22.2.2 gw 192.168.1.1
But this doesn't seem to work if i try to send a ping the packets still go out the wrong address, and more and above that for some reason the ping doesn't work at all. If i remove the route the ping will work again.
Any hints much appreciated.
PS - Ubuntu Hardy and can you do this kind of thing for local interfaces... i'm sure i've done this before?
I almost hate to reply to you because I don't want to ruin your Zero Reply thread, but routing is just that. You may already know this from your experimentation, but I'll explain just in case.
I send a letter from city A to city B. Sometimes it goes through city C. Sometimes city D. City C and D are different routes to the same destination but the letter still originates from City A and arrives in City B. That's routing. Routing tells you how to get there, not where it came from. Where it came from and where it is going is in the Internet Protocol headers.
Here are a few ideas you can look at:
1. Set up NAT, or Network Address Translation. You can use IP Packet Forwarding for this on the cluster box.
2. You could tunnel your commands through ssh like this:
ssh cluster "ping destination_hostname"
3. Set up iptables with redirect rules, probably in conjunction with the #1. iptables can be challenging to use without some tools to help you. I do it, but I'm not going to say I like it, it's a pain.
4. Use httpd and its proxy configuration to bounce your requests off the web server which resides on the cluster box.
5. Use a proxy server like squid on the cluster box and push your requests through that.
I'm sure there are ideas others can provide. I'd look at #1 first. Set up the cluster box as a router with NAT and IP Packet Forwarding. Use iptables only when necessary for your special needs. It sounds like you are looking for a NAT enabled Gateway Router. Linux does really well with this. Some distros are tailored for routing. Slackware has what you need built in but other router oriented distros are easier to set up.
I hope this helps. I'm thinking I don't fully understand what you are actually doing.
Thanks, nice reply. I've got some great knowledge of IP tables and have written a few custom firewalls in my time (i've got to grips with ye olde iptables commands) so this is certainly one method.
I understand what your saying about sending the letter, however I was hoping by adding a static route and saying send the message from this gateway, that it should work. However the route is actually meaning send the letter from this host to that gateway which is also on this host, and that is probably where the problem lies.
That is a shame a nice little route command i was hoping would have solved this problem for me.
Basically the clustered server has a application on it that will send some data to another server (call it: serverstatic) when its started, and being in a cluster I want it to look as though its always coming from the same machine. The problem is that when the app first starts because its not sending the data to the serverstatic machine from the clustered IP address, if the cluster fails over to the other machine then when it sends the data to the serverstatic machine, it un-recognised because its then coming from a different machine. Whereas if set-up how i want it to be, the data will be sent out through the clustered IP address and thus serverstatic would be none the wiser.
I hope that make things a bit clearer. Certainly IPtables is one idea!
So my take away from this is that a NAT enabled Gateway Router is not enough. Because the router would (or could) round-robin new requests to a different backend server, but the response would always end up coming from the machine that first serviced the request.
Diving a little deeper. Is this a Java App Server? If it is, there are facilities that can really help with clusters in Glassfish, for example. If it is a different application environment, I'm not sure I an help much.
One other thing to think about though... With Apache Httpd you and set up a proxy to another machine. The back end application can run on a different system, requests could just be proxied off to those instances. Perhaps there is a way to set up that proxy mechanism to work the way you are describing? I do this for Java, for example, serving up files that end in .jsp would be proxied off to a Tomcat instance on the back end someplace but the requests always still go through the same Httpd server. JSP's appear to be serviced seamlessly though Httpd.
I can give you my set up for that (although I don't use it anymore) if you are interested in using the proxy features of Httpd.
Thanks for the reply. No its not a Java app. The thing is that sometimes its the server that makes calls to the client machine. And thats the reason i need to get this working on the cluster IP address. So the server only calls the client that is Live at the time.
I've also tried this command... which works to a certain extent.
ip route add 172.22.2.2/32 via 192.168.98.254 dev bond0:0
The annoying this is that it doesn't set the source address as i would have expected to bond0:0 address. I've not yet tried the ip tables option i'm going to look at that hopefully tomorrow.