1

We're trying to setup two HA services:

  • Explicit forwarding proxy using Squid (port 8080)
  • SMTP relay to Office365 using Postfix

For both setups we have 2 VM's with a default Debian 7 install, and I've configured keepalived with a vip on all machines:

Primary (10.5.74.10):

vrrp_instance VRRP1 {
  state BACKUP
  interface eth0
  virtual_router_id 1
  priority 200
  nopreempt
  advert_int 1
  virtual_ipaddress {
    10.5.74.12/24 dev eth0
  }
}

Secondary (10.5.74.11):

vrrp_instance VRRP1 {
  state BACKUP
  interface eth0
  virtual_router_id 1
  priority 100
  nopreempt
  advert_int 1
  virtual_ipaddress {
    10.5.74.12/24 dev eth0
  }
}

I'm seeing the floating IP (10.5.74.12) on the master host in its configured addresses. Now I was expecting I could use the squid functionality by making a proxied request via 10.5.74.12 on port 8080, but this doesn't seem to work (timeout)... I have tried configuring the vip in the Squid config directly and such, but I don't see any requests coming in!

I'm expecting the result to be the same when I'm setting up postfix, so I'd like to solve this now. Anybody has any ideas?

Thanks in advance!

Hello_World
  • 11
  • 2

1 Answers1

1

Can you ssh to the 10.5.74.12? If keepalivd is working correctly, it should be possible to ssh to .12 and thus login to the Master node (probably the .10 node).

Also make sure that the variable net.ipv4.ip_forward in /etc/sysctl.conf is set to the following: net.ipv4.ip_nonlocal_bind=1

If it's still not working you can take a look which address squid binds to(netstat -tulpen), is it 0.0.0.0 or 10.5.74.10?

Olaf Elzinga
  • 11
  • 2
  • ssh does not work, the `net.ipv4.ip_forward` and `net.ipv4.ip_nonlocal_bind` variables are both set to '1'. When looking to the ports with netstat, I'm seeing 0.0.0.0:8080 as local address. – Hello_World Oct 03 '18 at 15:39