I just downloaded and installed Pound 2.1.7 and whilst it's a
very nice piece of software with some HA options for the
Backend servers (e.g. Alive option and so on), I can't understand
why the Listeners don't have similar HA options for them.

Example scenario I'm trying to construct with just two
server boxes (which I want to act as both front-end Pound
servers - one "active" and one "passive" because you can't
round-robin DNS them due to PHP sessions - and Web backend
servers for HA purposes):

Spread/Wackamole are configured to have one virtual IP that points
to one server (the "active" one) when it's up and moves to the
second server if the first one dies (and possibly back again if
the reverse scenario happens). This is a pretty bog-standard way of
implementing Spread/Wackamole on 2 servers - there's nothing
fancy in their config files.

I want one copy of pound to run on each server - one "active"
Listener and one "passive" Listener (but regularly checking
every few seconds to see if it needs to go "active") - both
servers are in both Pound servers' Backend server list of course.

In other words, I need the same HA code that is used to manage the
Pound Backend servers to apply to the Pound Listeners as well.
As it stands, if Pound can't bind to its Listeners, it just
immediately exits, which it will do on the "passive Listener
server" I mentioned above (because the failover from
Spread/Wackamole hasn't brought the IP over to that box yet).

I know this was discussed on the Pound mailing list about
2 years ago - see:

http://www.apsis.ch/pound/pound_list/archive/2004/2004-06/1086358597000

The response from Robert at that time - "Pound itself does not support
redundancy" - may be different now that the Backhand servers are
"backed off from" if they go down and rechecked regularly to see if
they've come back up. I'd just like the same thing to apply
with Pound's Listeners as well.

As it currently stands with Pound 2.1.7, I'm probably going to have
write my own daemon that monitors if Spread/Wackamole have brought the
virtual IP over to the current machine and then force a full restart
of Pound (with a few seconds of downtime...) to pick up that IP.
I'd rather that Pound could detect this IP appearing itself and do it
internally, than either have to write my own code to check for it or
use someone else's (Heartbeat or whatever). It's the final piece in
the HA jigsaw that Pound needs - it would make Spread+Wackamole+Pound
an easy and efficient way to provide HA Web serving (OK, assuming that
you also sync or share your Web filestore too with something else and
we haven't even covered the topic of HA MySQL/PostgreSQL/Oracle :-) ...).

So are there any future plans to implement HA for Pound's Listener
servers (could reuse the "Alive" global setting that you have for Backend
servers)? I can't believe the code would be impossible to write since
the concept is pretty well the same as the one that manages the
Backend servers' availability.

Richard K. Lloyd,           E-mail: rkl(at)connectinternetsolutions.com
Connect Internet Solutions,    WWW: http://www.connectinternetsolutions.com/
First Floor, Faraday House,
Liverpool Digital, 360 Edge Lane,
Liverpool,
Merseyside, UK. L7 9NJ

I think I would just use (assuming Linux) iptables and NAT to make sure
the virtual IP traffic always ended up at the physical IP on my box.
Then it doesn't matter if the IP is on an interface or not... assuming
Wackamole is going to take care of ARP, the traffic will flow to the
physical.

In that case, both pound machines would always be ready to service the
virtual IP.  And because it's based on DNAT, it wouldn't affect
logfiles.

Joseph Gooch
Sapphire Suite Product Manager
K12 Systems, Inc.
(866) 366-9540

[...]
[mailto:richard.lloyd(at)connectinternetsolutions.com][...]
...).[...]
Backend[...]
pound(at)apsis.ch.[...]

> I think I would just use (assuming Linux) iptables and NAT to make
sure[...]

I'll add my support for this sort of approach.  On OpenBSD/FreeBSD if 
you've got Pound listening on carp interfaces, it's a similar 
arrangement.  The ip is always on the carp device, and it manages its 
state without any interruption to pound.  From pound's perspective, one 
machine just happens to be really quiet.

Regards,[...]

Hi

In Linux the bold can also set /proc/sys/net/ipv4/ip_nonlocal_bind to 1:

# echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind

This will allow applications to bind() to non-local IP addresses.
It might also break some applications that expect bind to succeed only for 
IP addresses that are actually on the host. Probably this shouldn't be a 
problem on a dedicated load balancer.

I got this info from /usr/src/linux/Documentation/networking/ip-sysctl.txt 
on my laptop btw.

Rune

---
Rune Sætre <rune.saetre(at)netcom-gsm.no>
NetCom as
..

On Fri, 8 Dec 2006, Dave Steinberg wrote:
[...][...]

IT would be very nice to add state replication between the active and
passive instances.  It doesn't need to be fancy and doesn't need to worry
about race conditions (just do tie-breaking based on ordering of IP
addresses or random numbers).


On 12/8/06 8:25 AM, "Joe Gooch" <mrwizard(at)k12system.com> wrote:
[...]

Hi

Getting and setting the session table using poundctl would also be a good 
thing. It could be used to let sessions survive restarts and even upgrades 
of pound as well.

Rune

---
Rune Sætre <rune.saetre(at)netcom-gsm.no>
NetCom as
..

On Fri, 8 Dec 2006, Ted Dunning wrote:
[...][...][...]