Differences

This shows you the differences between two versions of the page.

--- ha:keepalived [2023/07/18 18:09] – [Keepalived] veera
+++ ha:keepalived [2023/07/18 18:40] (current) – [2. Configure keepalived on both MASTER and SLAVE] veera
@@ Line 24: / Line 24: @@
-==== 1. Install Trisul Network Analytics on both HA DR nodes. ====
+==== 2. Configure keepalived on both MASTER and SLAVE ====
+Follow instructions in [[admin:keepalived|Configure keepalived]]
+Ensure the PRIORITY of MASTER is atleast 50 higher than the priority specified in the SLAVE node.
+==== 3. Use IPTABLES on MASTER ====
+During normal operation both nodes will be in active-active mode. The NETFLOW sent to the MASTER node will be mirrored to the SLAVE node using IPTABLES rule. You can also use the [[https://github.com/trisulnsm/netflow-shim-tunnel|netflow-shim-tunnel]] to accomplish this
 iptables DNAT rule
-<code>
-dnf install iptables iptables-services
-</code>
 <code>
-iptables -t nat -A PREROUTING -p udp -m udp --dport 2055 -j DNAT --to-destination 10.10.100.116
+iptables -t nat -A PREROUTING \
+    -p udp -m udp --dport 2055 -j DNAT \
+        --to-destination 10.10.100.116
 systemctl start iptables
@@ Line 43: / Line 53: @@
 </code>
-Make it persistent
+Make it persistent using the iptables-services package
+<code>
+dnf install iptables iptables-services
+</code>
 <code>
 iptables-save > /etc/sysconfig/iptables
 </code>
+To list the NAT rule
+<code>
+iptables -t nat -v -L -n --line-number
+</code>
+To delete (for testing)
+<code>
+iptables -t nat -D PREROUTING 1
+</code>