Rex
22-06-10, 09:00
Hi everybody.
Let me provide you a little bit more informations about our warning emails of IP's.
Why we send it ?
ARP flooding due of faulty configurations on server do too many 'NOISE' in the network.
So we try to advise everybody about the bad configurations.
You can find 3 cases of errors and here are the solutions:
1) You are using an failover ip WITHOUT an virtual mac as an simple ALIAS:
Use the good configuration for your Failover IP: http://help.ovh.co.uk/IpAlias
important is that you use the good netmask and the right broadcast !
1a) your IP's are an BLOC RIPE NOT SPLITTED:
use the netmask and broadcast that you have received in the email for the allocation of the bloc.
1b) if your IP's are issue from an bloc ripeand if the bloc ripe is SPLITTED and if you NOT use an virtual mac:
the rules are the same as for an normal failover ip !! ( see case 1 )
Notice
An simple failover has not to use an GATEWAY. The ip is routed over the physical IP.
2) you use an failover ip WITH an virtual mac:
so you must ensure that the GATEWAY for the IP is the REAL gateway of your server.
Example:
if the IP of your server is : 91.121.xxx.129 the gateway of your server is 91.121.xxx.254
An failover WITH virtual mac on this host: 91.121.xxx.129 must use:
- 91.121.xxx.254 as gateway
- the assigned mac as mac for the virtual interface
3) you use an failover WITHOUT an virtual mac ON an VIRTUAL MACHINE throught 'NAT'
So your IP must NOT use the default gateway of server ( ip.ser.ver.254 ) BUT the physical IP of your eth0 !!
So the gateway for an IP failover in mode NAT is ip.of.your.server
VRACK customers has not to use the explanations here. They have their OWN guides. http://help.ovh.co.uk/vrack !!
In vrack a lot of configurations and errors can be possible. This are too many cases for explain here but you always welcome to ask us !
---
Some FAQ:
Why I receive an alerte for bad configuration when my IP works. ?
An IP can work and can have bad configuration. The IP works but not in the CLEAN way.
server1.ovh.net: 2 failovers with bad configuration
server2.ovh.net: 2 failovers with bad configuration
Sometimes server1.ovh.net ( or one of his failovers ) try to talk with an failover on server2.ovh.net.
Bad configuration do that this not work ( error ARP becaus the router can not update his ARP table ) .
We have ARP who has in our SLA. This is not normal and so we sent an email.
5 minutes later the server1.ovh.net talk directly to server2.ovh.net and the ARP table is updated. Than the error ARP disappears. But not your bad configuration and than after I time, is happen again.
So is important to fix this errors.
How can I see wath is happen?
Using tcpdump and guides for each configuration can help.
First check if the configuration of your usage is as explained in the guide.
Then check in tcpdump what's wrong.
I hope my little message can help you to understand that we have a lot of possibility of errors and that we not can provide 1 solution for everybody.
Cheers,
Angie
Let me provide you a little bit more informations about our warning emails of IP's.
Why we send it ?
ARP flooding due of faulty configurations on server do too many 'NOISE' in the network.
So we try to advise everybody about the bad configurations.
You can find 3 cases of errors and here are the solutions:
1) You are using an failover ip WITHOUT an virtual mac as an simple ALIAS:
Use the good configuration for your Failover IP: http://help.ovh.co.uk/IpAlias
important is that you use the good netmask and the right broadcast !
1a) your IP's are an BLOC RIPE NOT SPLITTED:
use the netmask and broadcast that you have received in the email for the allocation of the bloc.
1b) if your IP's are issue from an bloc ripeand if the bloc ripe is SPLITTED and if you NOT use an virtual mac:
the rules are the same as for an normal failover ip !! ( see case 1 )
Notice
An simple failover has not to use an GATEWAY. The ip is routed over the physical IP.
2) you use an failover ip WITH an virtual mac:
so you must ensure that the GATEWAY for the IP is the REAL gateway of your server.
Example:
if the IP of your server is : 91.121.xxx.129 the gateway of your server is 91.121.xxx.254
An failover WITH virtual mac on this host: 91.121.xxx.129 must use:
- 91.121.xxx.254 as gateway
- the assigned mac as mac for the virtual interface
3) you use an failover WITHOUT an virtual mac ON an VIRTUAL MACHINE throught 'NAT'
So your IP must NOT use the default gateway of server ( ip.ser.ver.254 ) BUT the physical IP of your eth0 !!
So the gateway for an IP failover in mode NAT is ip.of.your.server
VRACK customers has not to use the explanations here. They have their OWN guides. http://help.ovh.co.uk/vrack !!
In vrack a lot of configurations and errors can be possible. This are too many cases for explain here but you always welcome to ask us !
---
Some FAQ:
Why I receive an alerte for bad configuration when my IP works. ?
An IP can work and can have bad configuration. The IP works but not in the CLEAN way.
server1.ovh.net: 2 failovers with bad configuration
server2.ovh.net: 2 failovers with bad configuration
Sometimes server1.ovh.net ( or one of his failovers ) try to talk with an failover on server2.ovh.net.
Bad configuration do that this not work ( error ARP becaus the router can not update his ARP table ) .
We have ARP who has in our SLA. This is not normal and so we sent an email.
5 minutes later the server1.ovh.net talk directly to server2.ovh.net and the ARP table is updated. Than the error ARP disappears. But not your bad configuration and than after I time, is happen again.
So is important to fix this errors.
How can I see wath is happen?
Using tcpdump and guides for each configuration can help.
First check if the configuration of your usage is as explained in the guide.
Then check in tcpdump what's wrong.
I hope my little message can help you to understand that we have a lot of possibility of errors and that we not can provide 1 solution for everybody.
Cheers,
Angie