[SOLVED] Configure fail-over for management interface

S

simon_lefisch

Member
Jun 20, 2022
27
1
8
Hello everyone,

I am trying to configure a failover for the management interface and was wondering if someone could help me out. Below is how my configuration is now...


Code: 
auto lo
iface lo inet loopback

auto eno1        # this interface is the mangement interface for Promox web GUI
iface eno1 inet static
        address 192.168.1.20/24
        gateway 192.168.1.1

iface eth0 inet manual

iface eth1 inet manual

iface ens3f0 inet manual

iface ens3f1 inet manual

auto eno2        # not used atm, would like this to be the failover for eno1
iface eno2 inet static
        address 192.168.1.21/24

iface eth3 inet manual

iface enp11s0f0 inet manual        # added to vmbr0, would eventually like to create an LACP port with port enp11s0f1 below

iface enp11s0f1 inet manual        # not used atm, would eventually like to create an LACP port with port enp11s0f0 above

iface eth2 inet manual

auto vmbr0        # bridge interface used for the VM network
iface vmbr0 inet static
        address 192.168.1.30/24
        bridge-ports enp11s0f0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

source /etc/network/interfaces.d/*

eno1 and eno2 are integrated NIC ports on the motherboard, and enp11s0f0 and enp11s0f1 is a PCIe card I have installed. So how would I create a failover for the management interface? Just create a bridge and add both ports? If so, I assume it would just failover if one cable was unplugged correct? TIA
 
Thanks for the reply @LnxBil.

I tried searching a bit more and found something similar to your suggestion. I would assume an active-backup bond would be the correct configuration to use?
 
@LnxBil I went ahead and configured the management interface based on the active-backup bond configuration and it looks to be working great! Thanks for providing the info, it is much appreciated.

Next I'll be configuring the VM network in a similar fashion.
 
AFAIK it is actually not advised to have the (primary) corosync-link on a failover-bond, as there is always some delay between it swapping to the other port (which could cause issues), and instead let Corosync itself do the switching.

That said though in a more general sense: Don't have multiple IP's in the same ranges setup, else it won't know which port to take for what traffic. Instead create separate network-ranges for separate tasks, so for example the 192.168.1.X/24 for the normal network (and corosync-backup), 192.168.2.X for the corosync network, either no IP or a 192.168.3.X for the bridge to your VM's (as a third corosync backup)

These networks don't need a default gateway, router or anything like that, just an IP and a subnet, as Proxmox doesn't need to reach internet through this port/network, just the default one
 
Hi @sw-omit,

Here is my configuration after creating the failover:

Code: 
auto lo
iface lo inet loopback

# Added to bond0 below
auto eno1
iface eno1 inet manual

# Added to bond0 below
auto eno2
iface eno2 inet manual

# Bonded interface for Proxmox management (web GUI)
# Interface is setup as a failover, with eno1 being the primary
auto bond0
iface bond0 inet static
        bond-slaves eno1 eno2
        address 192.168.1.20/24
        gateway 192.168.1.1
        bond-miimom 100
        bond-mode active-backup
        bond-primary eno1

Again, this is just for the management interface of Proxmox. The VM network is a separate interface. If the above is not correct, can you provide a link or info on how it should be configured?
 
Ah, must have mis-read something or mixed it with something else. If this is a stand-alone Server, Bonds and the like are fine, it's just when you're joining multiple servers in a cluster that the previous message applies more.

The part about not using multiple IP's in the same range still applies though.
 
You must log in or register to reply here.
Top Bottom