Press "Enter" to skip to content

Direct Server Return Example with Two Single Legged Nodes and VRRP-HA

The Network Setup

Network Setup DSR HA
Network Setup DSR HA

This example is similar to the single legged DSR example, but shows the following more advanced techniques:

  • Dual node HA setup with session table synchronization,
  • Dual port setup which associates ports 80 and 443 to the same session,
  • Health check with external http.monitor script,
  • Session creation based on system load feedback retrieved with the BalanceNG agent “bngagent”.

The configuration files in this example are complete and are meant to be a reference ready for production use.

Establishing the Loopback Aliases

Use the following commands to establish the Loopback-alias on the Targets:

Linux

ifconfig lo:0 <IP-address> netmask 255.255.255.255 -arp up

Solaris

ifconfig lo0:1 plumb
 ifconfig lo0:1 <IP-address> netmask 255.255.255.255 up

Additionally it is necessary to disable invalid ARP replies on Linux as follows:

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

If the target is a Windows system, please follow the steps in the FAQ.

Starting bngagent on both Targets

The BalanceNG feedback agent has to be started on reboot on both targets listening on port 439 like this:

# /usr/local/bin/bngagent 439

The Configuration Files

The default parameter settings of “vrrppreempt” and “sessionssync” are unchanged in order to enable session table synchronization together with a master priority not equal to 255.

The server definition contains two ports 80 and 443, which declares connections to either of them to be related to the same session. If two ports are specified in a server, the target definitions of the associated targets must not contain any specific port or protocol settings.

Node 1

// configuration taken Fri Apr 26 14:21:21 2013
// BalanceNG 3.446 (created 2013/04/26)
hostname master
remark "DSR configuration with dual node HA and session synchronisation"
modules vrrp,arp,ping,hc,master,slb,tnat,nat,rt
interface 1 {
 name eth0
 access raw
} 
register interface 1
enable interface 1
vrrp {
 vrid 9
 priority 200
 network 1
} 
network 1 {
 name "local network"
 addr 172.16.1.0
 mask 255.255.255.0
 real 172.16.1.252
 virt 172.16.1.253
 interface 1
} 
register network 1
enable network 1
server 1 {
 ipaddr 172.16.1.10
 ports 80,443
 protocol tcp
 method agent
 targets 1,2
} 
register servers 1
enable server 1
target 1 {
 ipaddr 172.16.1.100
 agent 439,2,5
 script "/usr/lib/mon/mon.d/http.monitor -p $port$ -u /index.html $ipaddr$",2,7
 dsr enable
} 
target 2 {
 ipaddr 172.16.1.101
 agent 439,2,5
 script "/usr/lib/mon/mon.d/http.monitor -p $port$ -u /index.html $ipaddr$",2,7
 dsr enable
} 
register targets 1,2
enable targets 1,2
// end of configuration

Node 2

// configuration taken Fri Apr 26 14:21:22 2013
// BalanceNG 3.446 (created 2013/04/26)
hostname backup
remark "DSR configuration with dual node HA and session synchronisation"
modules vrrp,arp,ping,hc,master,slb,tnat,nat,rt
interface 1 {
 name eth0
 access raw
} 
register interface 1
enable interface 1
vrrp {
 vrid 9
 priority 100
 network 1
} 
network 1 {
 name "local network"
 addr 172.16.1.0
 mask 255.255.255.0
 real 172.16.1.251
 virt 172.16.1.253
 interface 1
} 
register network 1
enable network 1
server 1 {
 ipaddr 172.16.1.10
 ports 80,443
 protocol tcp
 method agent
 targets 1,2
} 
register servers 1
enable server 1
target 1 {
 ipaddr 172.16.1.100
 agent 439,2,5
 script "/usr/lib/mon/mon.d/http.monitor -p $port$ -u /index.html $ipaddr$",2,7
 dsr enable
} 
target 2 {
 ipaddr 172.16.1.101
 agent 439,2,5
 script "/usr/lib/mon/mon.d/http.monitor -p $port$ -u /index.html $ipaddr$",2,7
 dsr enable
} 
register targets 1,2
enable targets 1,2
// end of configuration