I have a setup:

[Image: basic network]

Orange is the availability zones (AZ). In each AZ there are 2 subnets:

  • 10.0.1.0/27 & 10.0.0.0/27
  • 10.0.1.32/27 & 10.0.0.32/27

And I'm trying to set up VRRP (it's like the round thing in the middle), but I can't.

So the question is: is it possible to somehow add a virtual IP address to 10.0.0.3, something like ifconfig eth0:0 192.168.1.1/24, and be able to switch it to 10.0.0.45 when the server is down?

I found a solution with Elastic IPs, but... in that case traffic is expensive and it is external... which is not good.

So... is it possible?

Psychozoic
  • You might get more answers if your question explained in a bit more detail what your problem is and exactly what you're trying to achieve, rather than just asking about the solution you have in mind. Also, it's better to explain things fully than rely on abbreviations - I have no idea what VRRP is, but if you explain what you're trying to achieve I might be able to help. – Tim Apr 13 '19 at 04:57

1 Answer

This is not possible as described.

In AWS, a scenario like this would be configured using an Elastic Load Balancer, configured for "internal" use.

Alternately -- but highly not recommended -- you can hack this by assigning an IP address entirely outside the range of the VPC CIDR block (e.g. if the VPC is 10.0.0.0/16, you could use something like 172.21.1.1, but you cannot use anything in 10.0.x.x) as a secondary IP on the Ethernet interface of both of the instances. Do this inside the instance only -- not in the AWS console.

Next, disable IP Source/Destination Check on the instances and you can then specify one instance (by Instance ID) as a route target for that IP in all of the route tables for the VPC.

All other machines inside the VPC can reach that IP address, but nothing outside -- such as VPN or Direct Connect or anything on the other side of a VPC peering connection -- will be able to reach it.

This is probably a terrible idea, but it is a valid configuration.

Michael - sqlbot
  • Thanks! So, am I getting it right that I can't use VRRP in different availability zones? Because in that case the route table will always point to the specified instance, and to force it, I'll need to implement API requests that will edit the routing table every time 1 server goes down? – Psychozoic Apr 15 '19 at 07:14
  • That is correct. – Michael - sqlbot Apr 15 '19 at 13:11
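
The failover step described in the answer and confirmed in the comments, as an added example (not code from the answer or its author): a Python function that repoints the /32 route for the virtual IP at the surviving instance in every route table of the VPC. The name `point_vip_at` and its parameters are assumptions of this example; `ec2` is expected to be a boto3 EC2 client.

```python
import ipaddress


def point_vip_at(ec2, vpc_id, vip, instance_id):
    """Route vip/32 to instance_id in every route table of the VPC.

    ec2: a boto3 EC2 client, or any object exposing the same methods.
    Returns {route_table_id: "created" | "replaced" | "unchanged"}.
    """
    addr = ipaddress.ip_address(vip)
    vpc = ec2.describe_vpcs(VpcIds=[vpc_id])["Vpcs"][0]
    cidrs = {vpc["CidrBlock"]} | {
        a["CidrBlock"] for a in vpc.get("CidrBlockAssociationSet", [])
    }
    # Constraint from the answer: the address must lie outside every VPC CIDR.
    for cidr in cidrs:
        if addr in ipaddress.ip_network(cidr):
            raise ValueError(f"{vip} is inside VPC CIDR {cidr}")

    # The target receives traffic for an address AWS did not assign to it,
    # so its source/destination check has to be off.
    ec2.modify_instance_attribute(
        InstanceId=instance_id, SourceDestCheck={"Value": False}
    )

    dest = f"{vip}/32"
    result = {}
    tables = ec2.describe_route_tables(
        Filters=[{"Name": "vpc-id", "Values": [vpc_id]}]
    )["RouteTables"]
    for table in tables:
        rtb = table["RouteTableId"]
        current = next(
            (r for r in table["Routes"] if r.get("DestinationCidrBlock") == dest),
            None,
        )
        route = dict(RouteTableId=rtb, DestinationCidrBlock=dest, InstanceId=instance_id)
        if current is None:
            ec2.create_route(**route)
            result[rtb] = "created"
        elif current.get("InstanceId") != instance_id:
            ec2.replace_route(**route)
            result[rtb] = "replaced"
        else:
            result[rtb] = "unchanged"  # already pointing at the target
    return result
```

Call it with `boto3.client("ec2")` from whatever health check detects that the active server is down. The instance role needs only `ec2:DescribeVpcs`, `ec2:DescribeRouteTables`, `ec2:ModifyInstanceAttribute`, `ec2:CreateRoute` and `ec2:ReplaceRoute`.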