From egarver at redhat.com Thu Mar 25 12:17:21 2021
Content-Type: multipart/mixed; boundary="===============0561002463093051369=="
MIME-Version: 1.0
From: Eric Garver <egarver at redhat.com>
To: firewalld-users at lists.fedorahosted.org
Subject: Re: How to forward the requests to another IP when a specific IP is
 unreachable?
Date: Thu, 25 Mar 2021 08:16:38 -0400
Message-ID: <YFx/JjsmMwi5v9O7@egarver.remote.csb>
In-Reply-To: 1257723645.217701.1616674340136@mail.yahoo.com

--===============0561002463093051369==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

On Thu, Mar 25, 2021 at 12:12:20PM +0000, Jason Long wrote:
> How about a Bash script that check that IP address if that IP was unreach=
able, then use Firewalld to do a forward!

Sure. I'm sure you could hack something up.

> On Thursday, March 25, 2021, 04:15:41 PM GMT+4:30, Eric Garver <egarver(a=
)redhat.com> wrote: =

> =

> =

> =

> =

> =

> On Thu, Mar 25, 2021 at 09:11:05AM -0000, Jason Long wrote:
> > Hello,
> > I have a test lab and its use VirtualBox with two VMs as below:
> > VM1 (node1): This VM has two NICs (NAT, Host-only Adapter)
> > VM2 (node2): This VM has one NIC (Host-only Adapter)
> > =

> > On VM1, I use the NAT interface for the port forwarding: "127.0.0.1:208=
0" on Host=C2=A0 FORWARDING TO 127.0.0.1:80 on Guest.
> > =

> > The IP addresses of my VMs are:
> > 192.168.56.7 node1
> > 192.168.56.8 node2
> > =

> > These nodes using the Pacemaker clustering and when node1 stopped, then=
 a floting IP address (192.168.56.9) replace it.
> > =

> > # pcs cluster stop node1
> > node1: Stopping Cluster (pacemaker)...
> > node1: Stopping Cluster (corosync)...
> > # pcs status
> > Error: error running crm_mon, is pacemaker running?
> >=C2=A0 Could not connect to the CIB: Transport endpoint is not connected
> >=C2=A0 crm_mon: Error: cluster is not available on this node
> > # curl http://192.168.56.9
> > <html>
> >=C2=A0 <body>My Test Site - node2</body>
> >=C2=A0 </html>
> > =

> > In normal state, when I browse "http://127.0.0.1:2080" on my host, then=
 it shows me "My Test Site - node1", but when I stopped node1 cluster and b=
rowse "http://127.0.0.1:2080" it doesn't show me "My Test Site - node2".
> > Can I use Firewalld to forward the requests to "http://192.168.56.9" wh=
en node1 stopped?
> =

> No. You can't use firewalld for that. I think you need a real load
> balance - something like haproxy.
>=20

--===============0561002463093051369==--