Please login or register. June 23, 2017, 10:10:05 AM

Author Topic: Question about PowerHA and NFS export in RG  (Read 5909 times)

0 Members and 1 Guest are viewing this topic.

OdO

  • Full Member
  • ***
  • Posts: 17
  • Karma: +0/-0
Question about PowerHA and NFS export in RG
« on: July 18, 2012, 02:01:41 PM »
printf ("Hello World!\n");

I export NFS filesystem from PowerHA Resource Group on IP service.
I trying to mount the file system on the client (from other sub network) but the firewall blocks the NFS response packet from server because the NFS server replies using the persistent ip address. After, NFS traffic use IP service address.
How can I force NFS traffic to Service IP address

AIX Client IP: 192.168.30.2
node2 Persistent IP: 10.26.180.75
node2 Service IP: 10.26.180.55

Below tcpdump trace:
07:26:42.350032 IP 192.168.30.2.702 > 10.26.180.55.sunrpc: UDP, length 56
07:26:42.350556 IP 10.26.180.75.sunrpc > 192.168.30.2.702: UDP, length 28
07:26:42.359192 IP 192.168.30.2.702 > 10.26.180.55.48389: S 144548453:144548453(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1343017240 0>
07:26:42.359548 IP 10.26.180.55.48389 > 192.168.30.2.702: S 606666927:606666927(0) ack 144548454 win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 1950202575 1343017240>
07:26:42.359739 IP 192.168.30.2.702 > 10.26.180.55.48389: . ack 1 win 32761 <nop,nop,timestamp 1343017240 1950202575>
07:26:42.359783 IP 192.168.30.2.702 > 10.26.180.55.48389: P 1:45(44) ack 1 win 32761 <nop,nop,timestamp 1343017240 1950202575>
07:26:42.360047 IP 10.26.180.55.48389 > 192.168.30.2.702: . ack 1 win 65522 <nop,nop,timestamp 1950202575 1343017240>
07:26:42.360797 IP 10.26.180.55.48389 > 192.168.30.2.702: P 1:29(28) ack 45 win 65522 <nop,nop,timestamp 1950202575 1343017240>

Regards,
Odo  ;D

 


Michael

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +0/-0
Re: Question about PowerHA and NFS export in RG
« Reply #1 on: July 19, 2012, 04:44:27 PM »
I assume you do not have the export in /etc/exports; only in the HACMP RG description.

If I recall correctly - persistent IP addresses and service IP addresses should not be in the same IP net/subnet. It has been a while since I have done a presentation/installation of PowerHA/SystemMirror - but I believe when using IP aliasing, which is common now, the persistent and service addresses need to be in different IP networks so that the correct interface responds when service IP address is on one interface and persistent IP address is on another.

Assuming a netmask of 255.255.255.0 your addresses 10.26.180.75 and 10.26.180.55 are in the same 10.26.180.* subnet.

OdO

  • Full Member
  • ***
  • Posts: 17
  • Karma: +0/-0
Re: Question about PowerHA and NFS export in RG
« Reply #2 on: July 20, 2012, 01:11:43 PM »
Hi Mickael,

I use only /usr/es/sbin/cluster/etc/exports
/nfsexp  -sec=sys,rw,access=part1,root=part1

On an aliased network, a persistent label may be placed on the same subnet as the aliased service label, or it may be configured on an entirely different subnet. However, it must be placed on a different subnet than all boot IP labels on the network.

http://pic.dhe.ibm.com/infocenter/aix/v7r1/topic/com.ibm.aix.hacmp.admngd/ha_admin_config_persist_iplabels.htm

I come back if I found news.
Thank's

Michael

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +0/-0
Re: Question about PowerHA and NFS export in RG
« Reply #3 on: August 04, 2012, 03:31:00 AM »
Quote
a persistent label may be placed on the same subnet as the aliased service label

Yes, and NFS has always suffered from aliases in the same subnet, as it is the IP stack (layer three) that inserts the return IP address, not the application layer.

I recommend "trying" having a persistent address in a different IP (sub)-net.