From hack3rcon at yahoo.com Thu Mar 25 12:12:31 2021
Content-Type: multipart/mixed; boundary="===============5806235121870003269=="
MIME-Version: 1.0
From: Jason Long <hack3rcon at yahoo.com>
To: firewalld-users at lists.fedorahosted.org
Subject: Re: How to forward the requests to another IP when a specific IP is
 unreachable?
Date: Thu, 25 Mar 2021 12:12:20 +0000
Message-ID: <1257723645.217701.1616674340136@mail.yahoo.com>
In-Reply-To: YFx34CCFUN0SmQTj@egarver.remote.csb

--===============5806235121870003269==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

How about a Bash script that check that IP address if that IP was unreachab=
le, then use Firewalld to do a forward!






On Thursday, March 25, 2021, 04:15:41 PM GMT+4:30, Eric Garver <egarver(a)r=
edhat.com> wrote: =






On Thu, Mar 25, 2021 at 09:11:05AM -0000, Jason Long wrote:
> Hello,
> I have a test lab and its use VirtualBox with two VMs as below:
> VM1 (node1): This VM has two NICs (NAT, Host-only Adapter)
> VM2 (node2): This VM has one NIC (Host-only Adapter)
> =

> On VM1, I use the NAT interface for the port forwarding: "127.0.0.1:2080"=
 on Host=C2=A0 FORWARDING TO 127.0.0.1:80 on Guest.
> =

> The IP addresses of my VMs are:
> 192.168.56.7 node1
> 192.168.56.8 node2
> =

> These nodes using the Pacemaker clustering and when node1 stopped, then a=
 floting IP address (192.168.56.9) replace it.
> =

> # pcs cluster stop node1
> node1: Stopping Cluster (pacemaker)...
> node1: Stopping Cluster (corosync)...
> # pcs status
> Error: error running crm_mon, is pacemaker running?
>=C2=A0 Could not connect to the CIB: Transport endpoint is not connected
>=C2=A0 crm_mon: Error: cluster is not available on this node
> # curl http://192.168.56.9
> <html>
>=C2=A0 <body>My Test Site - node2</body>
>=C2=A0 </html>
> =

> In normal state, when I browse "http://127.0.0.1:2080" on my host, then i=
t shows me "My Test Site - node1", but when I stopped node1 cluster and bro=
wse "http://127.0.0.1:2080" it doesn't show me "My Test Site - node2".
> Can I use Firewalld to forward the requests to "http://192.168.56.9" when=
 node1 stopped?

No. You can't use firewalld for that. I think you need a real load
balance - something like haproxy.

--===============5806235121870003269==--