[SOLVED] Configure fail-over for management interface

[simon_lefisch]

Hello everyone,

I am trying to configure a failover for the management interface and was wondering if someone could help me out. Below is how my configuration is now...

auto lo
iface lo inet loopback

auto eno1        # this interface is the mangement interface for Promox web GUI
iface eno1 inet static
        address 192.168.1.20/24
        gateway 192.168.1.1

iface eth0 inet manual

iface eth1 inet manual

iface ens3f0 inet manual

iface ens3f1 inet manual

auto eno2        # not used atm, would like this to be the failover for eno1
iface eno2 inet static
        address 192.168.1.21/24

iface eth3 inet manual

iface enp11s0f0 inet manual        # added to vmbr0, would eventually like to create an LACP port with port enp11s0f1 below

iface enp11s0f1 inet manual        # not used atm, would eventually like to create an LACP port with port enp11s0f0 above

iface eth2 inet manual

auto vmbr0        # bridge interface used for the VM network
iface vmbr0 inet static
        address 192.168.1.30/24
        bridge-ports enp11s0f0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

source /etc/network/interfaces.d/*

eno1 and eno2 are integrated NIC ports on the motherboard, and enp11s0f0 and enp11s0f1 is a PCIe card I have installed. So how would I create a failover for the management interface? Just create a bridge and add both ports? If so, I assume it would just failover if one cable was unplugged correct? TIA

 

[LnxBil]

Look into bonding, this is what you want and you would not need a failover IP for this.

 

[simon_lefisch]

Thanks for the reply @LnxBil.

I tried searching a bit more and found something similar to your suggestion. I would assume an active-backup bond would be the correct configuration to use?

 

[simon_lefisch]

@LnxBil I went ahead and configured the management interface based on the active-backup bond configuration and it looks to be working great! Thanks for providing the info, it is much appreciated.

Next I'll be configuring the VM network in a similar fashion.

 

[sw-omit]

AFAIK it is actually not advised to have the (primary) corosync-link on a failover-bond, as there is always some delay between it swapping to the other port (which could cause issues), and instead let Corosync itself do the switching.

That said though in a more general sense: Don't have multiple IP's in the same ranges setup, else it won't know which port to take for what traffic. Instead create separate network-ranges for separate tasks, so for example the 192.168.1.X/24 for the normal network (and corosync-backup), 192.168.2.X for the corosync network, either no IP or a 192.168.3.X for the bridge to your VM's (as a third corosync backup)

These networks don't need a default gateway, router or anything like that, just an IP and a subnet, as Proxmox doesn't need to reach internet through this port/network, just the default one

 

[simon_lefisch]

Hi @sw-omit,

Here is my configuration after creating the failover:

auto lo
iface lo inet loopback

# Added to bond0 below
auto eno1
iface eno1 inet manual

# Added to bond0 below
auto eno2
iface eno2 inet manual

# Bonded interface for Proxmox management (web GUI)
# Interface is setup as a failover, with eno1 being the primary
auto bond0
iface bond0 inet static
        bond-slaves eno1 eno2
        address 192.168.1.20/24
        gateway 192.168.1.1
        bond-miimom 100
        bond-mode active-backup
        bond-primary eno1

Again, this is just for the management interface of Proxmox. The VM network is a separate interface. If the above is not correct, can you provide a link or info on how it should be configured?

 

[sw-omit]

Ah, must have mis-read something or mixed it with something else. If this is a stand-alone Server, Bonds and the like are fine, it's just when you're joining multiple servers in a cluster that the previous message applies more.

The part about not using multiple IP's in the same range still applies though.