04-26-2017 02:33 AM
Hello,
I try to deploy 2 vWSA in HA mod in VMWARE,
I have :
2 vWSA which make proxy correctly independantly
Failover group right configured
1 vSwitch in VMWARE
2 groups of ports (1 for the M1, 1 for the P1)
I can ping the virtual IP but, both vWSA are in Master mode, so the proxy don't work.
I don't know how to resolve it, i'have try all promiscious mode, forged transmit and MAC modification (in all combinaison of accept/reject).
Any idea?
Regards,
04-26-2017 03:32 AM
Please see the below link and see if you have deployed everything properly else it won't work:-
04-27-2017 12:16 AM
I think there is 0 information about HA and VMWARE ESXI.
Do i miss something?
The problem is for the HA :
The NIC must have promiscious mode in accept to work properly. (Send packet on 224.0.0.18 and receive it)
The NIC must have forged trasmit in reject to be reachable. (Virtual IP can be ping)
But when this two mode are configure like that, NIC can send packets to 224.0.0.18, can be reachable BUT can receive packet from 224.0.0.18 so no one enter in backup stance and the vritual IP can't do is job of web proxy.
__________________________________
I had try a fresh install with only the IP configuration
The problem is still present
Appliance Version: S100V
OS: Async 9.0.1-161 (test with build 162 same issue)
05-03-2017 05:55 AM
Please look at the below, especially focusing on the Net.ReversePathFwdCheckPromisc section as this sounds like what you are hitting.
Complete these steps in order to resolve this issue and stop the loop of multicast packets that are sent in the VMware environment:
Complete these steps in order to modify the Net.ReversePathFwdCheckPromisc option:
The interfaces that are in Promiscuous mode must now be set, or turned off and then back on. This is completed on a per-host basis.
Complete these steps in order to set the interfaces:
05-03-2017 02:46 AM
Hello,
I have found an issue, with a vSwitch with 2 physical interface, HA can't work
But with 1 physical int in a vSwitch, it works fine,
vSwitch mode :
promiscuous: reject
mac adress: accept
Forged: accept
Group of port :
promiscuous: accept
mac adress: accept
Forged: accept
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide