[an error occurred while processing this directive]

HP OpenVMS Systems Documentation
Content starts here HP TCP/IP Services for OpenVMS

HP TCP/IP Services for OpenVMS
Management
Previous Contents Index

4.4.3 Extending Routing

To use extended routing, define pseudointerfaces. A pseudointerface is a data structure that extends routing. Like an interface, the name of an internet pseudointerface is three alphabetic characters, followed by the pseudointerface unit number in the range of 0 through 255.

The first two characters are the same as the two characters in the internet interface name (interface type and interface class). See Section 2.3.1 for more information about interface names.

The third character identifies the controller letter that corresponds to the OpenVMS hardware controller.

For example, for an OpenVMS Alpha system with two Ethernet controllers, EZA0 and EZB0, you can define the following internet interfaces and pseudointerfaces:

  • Internet interfaces:
    • ZE0
    • ZE1
  • Internet pseudointerfaces, each with its own IP address, network mask, and broadcast mask:
    • SEA
    • SEA0
    • SEA1
      .
      .
      .
    • SEA254
    • SEB255

To extend routing, follow these steps:

  1. Define the pseudointerfaces using the SET INTERFACE and SET CONFIGURATION INTERFACE commands: 


    TCPIP> SET NOINTERFACE interface

TCPIP> SET INTERFACE interface /HOST=host -
_TCPIP> /NETWORK_MASK=mask /BROADCAST_MASK=b_mask

TCPIP> SET CONFIGURATION INTERFACE interface /HOST=host -
_TCPIP> /NETWORK_MASK=mask /BROADCAST_MASK=b_mask

    For example, to specify the pseudointerface FFA0 on host KESTREL, with network mask 255.255.0.0 and broadcast mask to 128.30.0.0, enter: 


    TCPIP> SET NOINTERFACE FFA0

TCPIP> SET INTERFACE FFA0 /HOST=KESTREL /NETWORK_MASK=255.255.0.0 -
_TCPIP> /BROADCAST_MASK=128.30.0.0
  2. Enter the same information into the configuration database to set up the interfaces at startup. For example: 


    TCPIP> SET CONFIGURATION INTERFACE FFA0 /HOST=KESTREL -
_TCPIP> /NETWORK_MASK=255.255.0.0 /BROADCAST_MASK=128.30.0.0

    To display information about the network interfaces, use the SHOW INTERFACE command. To remove the interface from the configuration database, use the SET CONFIGURATION NOINTERFACE command.

4.4.4 Interface Routes

If you have a configuration in which multiple networks share the same physical LAN, you can communicate directly with hosts in other networks without the need of a pseudointerface for each network.

You can use a broadcast address to designate an interface route, also called a metric 0 route.

To create interface routes, follow these steps:

  1. As the gateway for the route, enter either one of the host's own addresses or the broadcast address associated with an interface.
    TCP/IP Services recognizes this route as an interface route.
  2. Configure the hosts in the other network to recognize that your network is present on their LAN.

For example, network 99.0.0.0 is on the same cable as network 192.199.199.0. On host 99.1.2.3, specify network 192.199.199.0 as directly reachable: 


TCPIP> SET ROUTE 192.199.199.0 /NETWORK /GATEWAY=99.1.2.3

On the hosts in network 192.199.199.0, enter: 


TCPIP> SET ROUTE 99.0.0.0 /NETWORK /GATEWAY=192.199.199.255

4.4.5 Manually Configuring a Hardware Address

Network hosts require manual configuration of a hardware address for a remote IP address under the following conditions:

  • The remote host does not support the Address Resolution Protocol (ARP). You need static mapping of IP addresses to hardware addresses.
  • The remote host is running ARP, but a change was made to the internet interface on that host.
    To notify your system about the change, flush the address mapping tables. Use the SET NOARP command to do this.

For example, to map the Ethernet address AA-02-04-05-06-07 of host ROOK, add the hardware address to the ARP table by entering the following command: 


TCPIP> SET ARP AA-02-04-05-06-07 ROOK

Chapter 5
Configuring and Managing failSAFE IP

failSAFE IP is an optional service provided by TCP/IP Services to allow IP addresses to fail over when interfaces cease functioning on a system where multiple interfaces have been configured. When the same IP address is configured on multiple interfaces, network connections can be maintained when:

  • The network interface card (NIC) fails.
  • A cable is disconnected or broken.
  • A switch for a port fails.
  • The node or the TCP/IP Services software is shut down.

This chapter reviews key concepts and describes:

5.1 Key Concepts

The failSAFE service monitors an interface and takes appropriate action upon detecting interface failure or recovery. failSAFE IP provides IP address redundancy by requiring the same IP address to be configured on multiple interfaces. Only one instance of each IP address is active at any time; the other duplicate IP addresses are in standby mode.

Standby IP addresses can be configured on multiple interfaces within the same node or across an OpenVMS Cluster. The interfaces are monitored by the failSAFE IP service. When an interface fails, each active IP address on the failed interface is removed and the standby IP address becomes active. If an address is not preconfigured with a standby, then the address is removed from the failed interface until it recovers.

Static routes on the failed interface are also removed and are configured on any interface where their network is reachable.

When an interface recovers, it can request that its IP addresses be returned to it when the interface is configured as the home interface for one or more addresses. When the home interface recovers, it requests that the current holder of the address give it up. (For more information about home interfaces, see Section 5.2.3.)

The current holder of an address does not release an address if this action will result in dropped connections, or if the current holder is also designated as a home interface for that address.

Management intervention can be taken to force the removal of an address.

5.2 Configuring failSAFE IP

Configuring failSAFE IP requires two steps:

  1. Assign the same IP address to multiple interfaces. Only one instance of that address is active; all other instances are in standby mode. For simple configurations, use the TCPIP$CONFIG Core Interface menu to assign an IP address to multiple interfaces. Alternatively, use the ifconfig utility, which provides a greater degree of management control. For more information, see Section 5.2.1.
  2. Use the TCPIP$CONFIG.COM command procedure to enable the failSAFE IP service, which monitors the health of interfaces and takes appropriate action when it detects interface failure or recovery. This service is available from the Optional Components menu.

5.2.1 Configuring failSAFE IP Manually

A failSAFE IP address can be configured by using the TCPIP$CONFIG.COM command procedure, or manually by using the TCP/IP management command SET INTERFACE.

For instance, to create an IP address of 10.10.10.1 on interface IE0 and a standby alias address on interface IE1 (pseudointerface IEB0), use the following commands: 


$ TCPIP
TCPIP> SET INTERFACE IE0/HOST=10.10.10.1
TCPIP> SET INTERFACE IEB0/HOST=10.10.10.1

Alternatively, you can use the ifconfig utility to configure an interface manually. For example: 


$ ifconfig ie0 10.10.10.1
$ ifconfig ie1 alias 10.10.10.1

To view the standby addresses, use the ifconfig utility. For example: 


$ ifconfig -a
IE0: flags=c43<UP,BROADCAST,RUNNING,MULTICAST,SIMPLEX>
   *inet 10.10.10.1 netmask ff000000 broadcast 10.255.255.255
IE1: flags=c03<UP,BROADCAST,MULTICAST,SIMPLEX>
     failSAFE IP Addresses:
        inet 10.10.10.1 netmask ff000000 broadcast 10.255.255.255 (on HUFFLE IE0)

In this example, interface IE1 displays a failSAFE IP address that is active on node HUFFLE, interface IE0.

Note
In an OpenVMS Cluster, an IP address with active connections cannot be reassigned to another node in the cluster. Therefore, you should always configure a standby interface on the same node as the home interface.

DNS-controlled primary addresses should be placed under the control of the BIND/DNS load broker to make sure that the DNS alias continues to be available.

The ifconfig utility provides greater control of failSAFE IP addresses. Table 5-1 describes the ifconfig options that support failSAFE IP.

Table 5-1 ifconfig Options for failSAFE IP
Option Description
[ - ] fail Forces an interface to fail. You can recover the interface using the -fail command.
[ - ] home Forces an alias address to be created with a home interface. This option is used used when creating IP addresses. By default, all primary IP addresses are created with a home interface.
[ - ] fs Creates an address that is not managed by failSAFE IP. All IP addresses are created as failSAFE addresses by default, except for addresses assigned to the loopback interface LO0 (for instance, the local host address 127.0.0.1).

5.2.2 Modifying the failSAFE IP Configuration Parameters

By default, the failSAFE IP service monitors all TCP/IP interfaces on a system, periodically polling each interface using default polling intervals. You can override the defaults by editing the configuration file. To change the name or location of the configuration file, define the logical name TCPIP$FAILSAFE. By default, the configuration file name and location are: 


SYS$SYSDEVICE:[TCPIP$FSAFE]TCPIP$FAILSAFE.CONF

Table 5-2 describes the configuration parameters.

Table 5-2 failSAFE IP Configuration Parameters
Parameter Description Default
INTERFACE_LIST The list of interfaces that failSAFE monitors. All interfaces
INFO_POLL Specifies the polling interval used when the interface is known to be functional. It requires two INFO_POLL timeouts to determine that an interface is not responding, at which time the polling frequency is set to the WARN_POLL period. 3 seconds
WARN_POLL Specifies the polling interval used when the interface first stops responding. It will continue polling the interface for RETRY_WARN attempts before the interface is deemed to be malfunctioning, at which time the polling frequency is set to ERROR_POLL and failover occurs. 2 seconds
RETRY_WARN Specifies the number of warning polls before the interface is deemed to be malfunctioning and the IP addresses associated with it are removed. A value of zero skips the WARN_POLL cycle. 1 retry
ERROR_POLL Specifies the polling interval used when the interface is deemed to be malfunctioning. failSAFE monitors a malfunctioning interface at this frequency until it determines that the interface has recovered, at which time the polling frequency is set back to the INFO_POLL period. 15 seconds

5.2.3 Creating and Displaying Home Interfaces

failSAFE IP addresses can be created with a designated home interface. By default, all primary IP addresses are created with a home interface. A home interface provides a preferential failover and recovery target in an effort to always migrate IP addresses to their home interface, thereby limiting the disruption to users.

You can use the ifconfig utility to create and display addresses configured with home interfaces. For example, to create three addresses, enter the following commands: 


$ ifconfig ie0 10.10.10.1            ! primary has home interface by default
$ ifconfig ie0 alias 10.10.10.2      ! alias does not
$ ifconfig ie0 home alias 10.10.10.3 ! create alias with home interface

Although the TCP/IP management command SET INTERFACE can be used to create primary and alias addresses, it does not allow you to create the home alias address. You must use the ifconfig utility to do this.

When addresses are displayed by the ifconfig utility, those addresses with a home interface are marked with an asterisk (*). For example: 


$ ifconfig ie0
IE0: flags=c43<UP,BROADCAST,RUNNING,MULTICAST,SIMPLEX>
   *inet 10.10.10.1 netmask ff000000 broadcast 10.255.255.255
    inet 10.10.10.2 netmask ff000000 broadcast 10.255.255.255
   *inet 10.10.10.3 netmask ff000000 broadcast 10.255.255.255

The asterisk indicates that the addresses 10.10.10.1 and 10.10.10.3 have a home interface of IE0.

Note
The TCP/IP management command SHOW INTERFACE does not identify addresses with a home interface.

Creating IP addresses with home interfaces spreads the IP addresses across multiple interfaces. This is useful for load-balancing and gaining higher aggregate throughput. If a home interface recovers after a failure, the addresses may return to their recovered home interface, thus maintaining the spread of addresses across the available interfaces.

Note
The IP address will not migrate toward a home interface while that address has active connections.

5.3 Managing failSAFE IP

The failSAFE IP service monitors the state of interfaces and, upon detecting a failure or recovery, takes the appropriate action. To start and stop the failSAFE IP service, run the following command procedures:

  • SYS$STARTUP:TCPIP$FAILSAFE_STARTUP.COM
  • SYS$STARTUP:TCPIP$FAILSAFE_SHUTDOWN.COM

The failSAFE IP service performs the following actions:

  1. Monitors the state of interfaces by periodically reading their Bytes Received counter.
  2. When required, marks an interface as failed or recovered.
  3. Maintains static routes to ensure they are preserved after interface failure or recovery.
  4. Logs all messages to TCPIP$FAILSAFE_RUN.LOG. Important events are additionally sent to OPCOM.
  5. Invokes a site-specific command procedure. For more information about the site-specific command procedures, see Section 22.1.1.
  6. Generates traffic to help avoid phantom failures, as described in Section 5.3.5.3.

If the failSAFE IP service is not enabled, configuring a failSAFE IP address across nodes provides identical functionality to the IP cluster alias, as described in Section 1.4.

5.3.1 failSAFE IP Logical Names

You can use logical names to customize the operating environment of failSAFE IP. The logical names must be defined in the LNM$SYSTEM_TABLE for them to take effect.

Table 5-3 describes the failSAFE IP logical names.

Table 5-3 failSAFE IP Logical Names
Logical Name Description
TCPIP$FAILSAFE Specifies the configuration file that is read by TCPIP$FAILSAFE during startup. This logical must be defined prior to starting the failSAFE IP service. The default file specification is SYS$SYSDEVICE:TCPIP$FAILSAFE.CONF.
TCPIP$FAILSAFE_FAILED_ ifname Simulates a failure for the named interface ( ifname). This logical name is translated each time failSAFE IP reads the LAN counters.

To determine the interface name, use the TCP/IP management command SHOW INTERFACE.

TCPIP$SYFAILSAFE Specifies the name of a site-specific command procedure that is invoked when one of three conditions occurs: interface failure, retry failure, or interface recovery. The default file specification is SYS$MANAGER:TCPIP$SYFAILSAFE.COM.
TCPIP$FAILSAFE_LOG_LEVEL Controls the volume of log messages sent to OPCOM and the log file. This logical is translated each time failSAFE IP logs a message. The default value is 0.
TCPIP$FSACP_LOG_LEVEL Controls the volume of log messages sent to OPCOM by the ACP. This logical should be used only when directed by customer support. The default value is 0.

5.3.2 Customizing failSAFE IP

You can create a site-specific command procedure to be invoked under specified circumstances, such as when an interface fails. You can customize the command procedure to handle the following circumstances:

  • When the interface first appears to have stopped responding. This is the first warning that a problem may exist, but no action to failover IP addresses has been taken yet.
  • When an attempt to generate traffic on the interface fails. After the retry limit is reached, the interface is deemed as malfunctioning, and IP addresses are removed from the interface. Failover occurs.
  • When the interface recovers.

The default site-specific command procedure is: 


SYS$MANAGER:TCPIP$SYFAILSAFE.COM

To modify the location or file name, define the logical name TCPIP$SYFAILSAFE.

Use the following text strings as parameters to the command procedure:

  • P1 is the interface name (for example, IE0)
  • P2 is the state. The states are:
    • INFO_STATE
    • WARN_STATE
    • ERROR_STATE

5.3.3 Reestablishing Static and Dynamic Routing

When an interface fails, failSAFE IP removes all addresses and static routes from the failed interface. The static routes are reestablished on every interface where the route's network is reachable. This action can result in the creation of a static route on multiple interfaces and is most often observed with the default route.

You may need to restart dynamic routing to ensure that the dynamic routing protocol remains current with changes in the interface availability. If this is necessary, restart the routing process using the following TCP/IP management commands: 


TCPIP> STOP ROUTING /GATED
TCPIP> START ROUTING /GATED

For GATED, failSAFE IP can be configured to scan the interfaces periodically for any changes. Use the GATED configuration option scaninterval . You can scan the interfaces manually using the following TCP/IP management command: 


$ TCPIP SET GATED/CHECK_INTERFACES

For more information about routing protocols, see Chapter 4.

5.3.4 Displaying the Status of Interfaces

The failSAFE IP service periodically reads the network interface card (NIC) Bytes Received counter to determine the status of an interface. You can display the Bytes Received counter using the LANCP utility. For example, to view the Bytes Received counters for all interfaces, enter the following command: 


$ pipe mcr lancp show device/count | search sys$pipe "Bytes received"/exact

The types of events that prevents the Bytes Received counter from changing include:

  • Failing interface hardware
  • Disconnected physical link
  • Shutting the interface down using TCP/IP management commands
  • Shutting down TCP/IP Services
  • Shutting down a node

Previous Next Contents Index