0

I'm using a hot standby server for my postgres database. I've assigned a virtual ip address to the server. In case of a failure I'm switching the virtual ip from the master to the hot standby server. The problem is, that clients accessing the db, still have the old route to the master server in their ARP cache. The hot standby server is not reachable direcly. Is their a way to force the clients to clear their ARP cache?

markus
  • 1,050
  • 5
  • 18
  • 37

2 Answers2

1

Not every host / IP implementation would cache data from a gratuitous ARP (which you could send using arping).

You should be using a daemon which is not just using a virtual IP but also a virtual MAC address for this purpose. Heartbeat / UCARP / VGP are names of software projects that implement this kind of functionality.

the-wabbit
  • 40,319
  • 13
  • 105
  • 169
  • I’m monitoring the postgres db servers with nagios. If nagios detects a problem with postgres it’s calling the a shell script which switches ip addresses and makes the hot standby server tot he master server. I just added „arping -c 1 -S 192.168.1.136 192.168.1.1 „ to the script. If I do a permanent ping to the virtual ip 192.168.1.136 from another machine in the net work, ping is responding continuous now when do the switch. Before it took up to 60+ seconds before ping was answering again. In my test environment it seems to work now. Do I need to care about anything else? – markus Oct 21 '11 at 16:16
  • If all of your database server's communication partners are under your control, then you at least can ensure that a gratuitous ARP is honored for an ARP cache update on all hosts. As I mentioned, hosts, especially routers, [may have this disabled](http://www.cisco.com/en/US/docs/ios/ipaddr/command/reference/iad_arp.html#wp1043032), typically due to security reasons. – the-wabbit Oct 21 '11 at 18:17
0

If the list of IPs for the clients is tractable, you can have the new server ping them all once it has plumbed the virtual IP address. Each client's IP code should update its ARP table upon seeing the IP coming from a new MAC address.

You might be able to ping to a broadcast address -- I've never tried that in any context, let alone trying to tickle other system's to update ARP. But, that would eliminate the stand-by system even needing to know who to ping. You could also just have the stand-by system ping every address in it's local network once it's plumbed the virtual IP.

Craig Constantine
  • 759
  • 8
  • 22