Network Adapter Failover in Linux?

Brian the Wise asks: "Is there anything avaible for Linux that can compare to the IP Multipathing in Solaris 8? I need it specifically for the active/passive failover of ethernet interfaces. A search around the net has only come up with HA Linux and LVS, but they're both talking about complete machine failover. All I want is for the system to move the IP configuration from one ethernet interface to a dormant one on the same machine when it detects the link going down on a single machine. Is there anything with a proven track record out there?"

AmDissidentVoices: Why Revolution Is Necessary

American Dissident Voices Broadcast of November 3, 2001

Why Revolution Is Necessary
By Dr. William Pierce

Hello!

One of the most interesting developments I've seen since September 11 is the public hinting by people in the Federal Bureau of Investigation that it really would be helpful to them if they were permitted to torture suspects or other people from whom they wanted information, like the police in Israel do. These hints haven't been given a big play by the news media, but there is a report on the subject in the October 21 issue of the Washington Post and a column by Jonathan Alter in this week's issue of Newsweek. These stories seem to be what the media people call "trial balloons": give a new proposal just enough exposure to get a bit of public reaction from the perceptive minority without alarming the
lemmings. If the response isn't strongly negative, then push the proposal hard.

I'll read you just a few sentences from the October 21 story in the Washington Post, to give you the flavor of the proposal. I quote: "FBI
and Justice Department investigators are increasingly frustrated by the silence of jailed suspected associates of Osama bin Laden's al Quaeda network, and some are beginning to say that traditional civil liberties may have to be cast aside if they are to extract information about the September 11 attacks and terrorist plans. . . . Said one experienced FBI agent involved in the investigation: 'We are known for humanitarian treatment, so basically we are stuck. . . . Usually there is some incentive, some angle to play, what you can do for them. But it could get to that spot where we could go to pressure . . . where we won't have a choice, and we are probably getting there.' Among the alternative strategies under discussion are using drugs or pressure tactics, such as those employed occasionally by Israeli interrogators, to extract information." -- end of quote --

Well, the article goes on to quote other FBI officials who are "frustrated" by their inability to "extract information" from some suspects and who wish that they could use drugs or "pressure tactics" -- that's a euphemism for torture -- like the Israelis do, and more than
"occasionally." Actually the story, by Walter Pincus, is pretty low key. It nowhere says that there already is a plan to use torture, just
"wouldn't it be nice if we could." And he quotes a former senior FBI official who believes that the American public will go along with such a
plan if there is another terror attack on the United States. And, of course, there will be. As I said, the article reads like a "trial balloon."

It's a funny thing: after the Oklahoma City bombing in 1995, the Jewish media were all over my 1978 novel, The Turner Diaries, claiming that a fictional bombing of the FBI headquarters building in Washington that occurred in the novel was a "blueprint" for the Oklahoma City bombing. They really wanted to tie the Oklahoma City bombing to me and to everyone else who had criticized the Jews' monopoly control of the news
and entertainment media. I won't be surprised when they discover that the last chapter of The Turner Diaries describes a suicide attack on the
Pentagon with a bomb-carrying airplane and then begin claiming that that was a "blueprint" for the September 11 attack on the Pentagon. There's
something else in The Turner Diaries, however, that I'm quite certain they won't try to blame on me, and that is my description of the adoption of torture as an interrogation technique by the FBI. In the book, published 23 years ago, I described quite vividly the FBI's
torture of a terrorism suspect, using the services of an experienced Israeli torturer. The media bosses won't blame the current yearning in
the FBI for the authorization to use torture on my book because they themselves also are solidly in favor of the use of torture. It is no mere coincidence that both the Washington Post story and the Newsweek column are written by Jews.

They also are solidly in favor of every other measure to strengthen the hand of the government in dealing with its opponents -- and not just
with terrorists. They would like to put an end to all dissent, to all Politically Incorrect speech or writing or expression of opinion: an end to all opposition to them and to the government. And really, the media and the government are far too close to being one and the same these days. That's quite a different situation from the one we had 30 years ago, during the Vietnam war, and the situation is far more dangerous today than it was then. Then, when Jewish and Marxist groups were burning ROTC buildings on our university campuses, setting off bombs in banks and other businesses they claimed were supporting the White government in South Africa, and committing other acts of terrorism on a continuing basis, if the FBI had suggested that perhaps it should use torture in interrogating terrorist suspects, the media would have gone ballistic and screamed for the head of the FBI director. Well, if the FBI begins using torture now, at least the government canclaim that it is just going along with tradition. After all, it wasn't so long ago that witches were tortured to make them confess to having congress with the devil -- and also to reveal the names of other witches or sorcerers. The torture was justified on the grounds that it was essential for the safety and welfare of the public: you can't allow witches and sorcerers to run around putting spells on people; the government needs to find out who they are so that it can get them off the street. Of course, the danger from witches wasn't real, so the government wasn't justified in using torture in the 17th century, but the danger from terrorists today is real, and many people believe that justifies the use of torture and the curtailment of other civil liberties. And my answer to that is that the danger of terrorism today is real only because the government has made it real through its own policies: policies that it could change at will, eliminating the danger of terrorism without limiting the freedom of Americans.

Unfortunately, however, the government not only refuses to admit that any of its policies are the cause of terrorism against Americans; it is
moving with unseemly haste to silence anyone who dares to suggest that is the case. The ghastly new law, the badly misnamed "USA PATRIOT" law signed by George Bush last week, is a giant step in that direction. The "USA PATRIOT" title is a highly contrived acronym standing for "Uniting
and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism." The new law is both un-American and unpatriotic. It is also un-Constitutional, although you shouldn't make
any wagers that the Supreme Court will overturn it. The law specifically trashes the Fourth Amendment, and it is aimed at intimidating all
opponents of the government or its policies into silence by threatening to put them into the category of being suspected "supporters of
terrorism," whereupon they immediately lose all of their civil liberties and become, in effect, outlaws.

The new law certainly succeeded in intimidating nearly every legislator in the Congress even before George Bush signed it on Friday of last
week. The bill's sponsors rammed it through the Congress without any of the customary debate or public hearings or opportunity to modify it. The
customary legislative process of "regular order" was completely short-circuited, and terrified Congressman dared not protest or vote against the bill from fear of being denounced as "unpatriotic."

Denounced by whom, you ask? By the media, of course, which were solidly behind the new law. It was reminiscent of the witch trials of 400 years ago, when people who knew that the accused was innocent were afraid to speak up lest they too be accused of being in league with the devil.

If you still believe that the people elected by the voters to the U.S. Senate and House of Representatives are America's "leaders" and are
looking out for the interests of the public, you should contemplate in detail the course of the "USA PATRIOT" bill through the Congress. Nearly
90 per cent of the members of the Congress, Republicans and Democrats, all of whom took a solemn oath to uphold and defend the Constitution, let themselves be stampeded by fear of media criticism into damaging the
Constitution in a grievous way -- perhaps into striking a death blow against the Constitution -- by voting for this bill. And George Bush was
his usual smirking self as he triumphantly signed it into law last Friday.

Now Jewish billionaire Larry Ellison, the principal owner of Oracle, the country's second-largest software company, is trying to persuade the government to require everyone to carry a national identity card that will allow the FBI to keep track of their movements. Ellison has generously offered to provide the software without charge to the FBI to operate the tracking system. In the government the biggest booster of Ellison's national identity plan is Senator Diane Feinstein, who heads
the Senate subcommittee on terrorism.

Hey! It's not Osama bin Laden who hates America's freedom: it's our government, our media, and people like Larry Ellison and Diane
Feinstein.

If you've been listening to many of my broadcasts, you know what I think about democracy and democrats. I think democracy is a lousy political system, and it is inherently crooked. It pretends to put power into the hands of the majority of the people -- which is a stupid idea in itself -- while it actually puts power into the hands of the tiny minority that
control the opinions of the majority: namely, the media bosses. And I loathe Democrats: they are demagogues who seek power for themselves by
appealing to society's resentful losers and dispensing bread and circuses paid for by society's more productive elements. But as much as I hate Democrats, I hate and fear Republicans even more: especially conservative Republicans: for example, Chief Supreme Court Justice William Rehnquist, Attorney General John Ashcroft, Vice
President Richard Cheney, and George W. Bush. It is among the conservative politicians and bureaucrats that one finds the greatest mania for regimenting people, for making everyone march in step and sing in tune, for slapping down anyone who gets out of line, for sticking the government's nose into every aspect of people's lives. And I'll guarantee you, the mania these conservative politicians and bureaucrats have for controlling citizens and suppressing dissent is not based on either patriotism or a conviction that it's for our own good. They are crooks and liars, and the only good they're concerned about is their own.

You know, just because I have one view of an issue, and a politician has a different view, doesn't in itself mean that the politician is a crook and a liar. People -- even politicians -- are entitled to have different opinions about things. But when a politician like George Bush announces to the nation in completely unambiguous terms that the September 11 attack was unprovoked and was simply an expression of hatred by fundamentalist Muslims for America's freedom and democracy, it's not a difference of opinion; the man is simply lying. He's lying consciously and deliberately. He's lying to the whole nation on a matter of the utmost importance. This is much, much more reprehensible -- much, much more dangerous for the country -- than Bill Clinton's lies about the
sexual services he was receiving in the Oval Office from a Jewish intern.

George Bush has lied us into a war -- for two very obvious reasons. First, just as the members of the Congress were afraid to question the new anti-terrorism bill from fear of being painted by the media as "unpatriotic," George Bush is afraid to talk about the provocation which caused the September 11 attack -- namely, the U.S. government's support of Israeli aggression against her neighbors -- because he knows that the media would then accuse him of "anti-Semitism."

And second, if he raised the subject of the provocation, he would have to explain why the government pursued such a policy. He would have to talk about the enormous power of organized Jewry over government policy, and again that would cause the controlled media to denounce him as an "anti-Semite." And he also would stand revealed as a man who had consciously followed a policy dictated by organized Jewry knowing that
it was a policy harmful to America. He would stand revealed as a man at least partly responsible, along with his predecessors, who knowingly followed the same policy, for the September 11 attack. He would stand revealed as a traitor, who had served a foreign power to the detriment of American security and welfare.

You know, being a traitor is a bit like grabbing a tiger by the tail. Once you embark on that course, you can't go back. It's either hang on
or be hanged. So George Bush lies to the whole country about a matter of the utmost importance and continues serving his alien masters. And the
man smirks about it.

Such a man cannot be trusted. A government headed by such a President cannot be trusted. Any reasonable patriot must fear such a government when it is given the powerful tools for repression that are in the new "USA PATRIOT" law and when its secret police agencies begin suggesting that it would be nice if they were permitted to torture suspects in order to extract information. And such a government especially should be feared when it is in cahoots with the news media. In a free society one force that keeps the government from getting completely out of control is a free press. Even when the media also are crooked, if they at least
are hostile to the government they can keep the government in check. But when crooked media are in cahoots with a crooked government, the country
is in real trouble. And that is the situation we're in now.

In America's present situation, terrorism is the least of our problems. Certainly, it is a bad thing when our country is so hated by much of the
rest of the world because of our government's policies that airliners are hijacked and flown into office buildings, killing thousands of
Americans. Certainly it is a bad thing when anthrax-infected letters are mailed around the country, killing innocent people and causing major disruptions in the postal service. But these things are nothing compared to the loss of our civil liberties. They are nothing compared to the danger of a treasonous, lying government. They are nothing compared to the damage done to our society by mass media of news and entertainment being in the hands of an alien minority pursuing its own agenda. Americans made far greater sacrifices 225 years ago to secure civil liberties that King George III was denying them than they made in New York and Washington on September 11. When we are obliged to fight again to restore civil liberties now being given up so lightly by an irresponsible and thoughtless public seeking more security, the loss of lives and property will be far greater than in the World Trade Center attack. When we take the necessary actions to regain control of our mass media and our government, the disruption and suffering will be incomparably greater than that caused by the current anthrax terrorism.

In other words, even if the terrorism threat to Americans were a thousand times greater than we have experienced so far -- even if terrorism cost us five million lives instead of five thousand -- it would not be as harmful to us and as great a threat to our national survival as a treasonous government and alien-controlled mass media. The public, frightened of terrorism, may be willing to give up its freedom in the hope of gaining more security, but it will end up with neither. Unfortunately, the minority of us who really value our freedom will lose it too.

And you know, none of this is necessary. It is easy for us to eliminate -- or at least greatly reduce -- the threat of terrorism without giving
up any of our civil liberties. Without scrapping the Bill of Rights it is possible for the Sally Soccermoms and the Joe Sixpacks to go back to
cruising the malls and watching the ball games without having to worry about being hit by a hijacked airliner or opening an anthrax-infected
letter. It is possible for them to have their comfort and security and for us to have our freedom at the same time.

Regimentation is not necessary for security. The authoritarians in our government would like to regiment the people whether there is a threat
of terrorism or not, but regimentation isn't necessary. The way to eliminate the threat of terrorism is to eliminate the causes of
terrorism. And as far as terrorism from outside the country is concerned, the cause is the U.S. government's blind support of Israeli aggression in the Middle East. Every recent terrorist attack against Americans by foreigners has had this single cause: the 1993 bombing of
the World Trade Center, the 1998 bombing of our embassies in Kenya and Tanzania, the 1996 bombing of our servicemen in Saudi Arabia, last
year's bombing of the USS Cole, and the September 11 attack on New York and Washington. In fact, we can go back much further, even to the
bombing of the Marine barracks in Lebanon in 1983, which killed 241 Americans. None of these attacks would have occurred if the U.S.
government had pursued a policy in the Middle East based on American interests instead of on Jewish interests.

To eliminate or greatly reduce domestict errorism, more than a change in U.S. foreign policy is required. Here's an example: the Jewish media now are entertaining the theory that the anthrax letters causing so much
anxiety are being mailed by neo-Nazi groups inside the United States. Even though the anthrax letters refer specifically to Israel and close with the words "Allah is great," Jews are speculating that because all of the letters were mailed inside the United States and so many of the targets were media figures -- that is, Jews -- they could have been mailed by domestic anti-Semites rather than by Muslim backers of Osama bin Laden.

Perhaps so, but that still remains to be seen. The relevant fact is that domestic terrorism that would have been inconceivable 50 or 60 years ago is becoming increasingly common. Fifty years ago no American would have considered launching a campaign of anthrax terrorism in this country. Today it is at least conceivable. And it's not that the technology is new. Any reasonably resourceful graduate student in microbiology can find anthrax spores or other lethal pathogens in the natural environment, identify them, isolate them, cultivate them in a small laboratory using inexpensive equipment, and grow enough of them to inoculate hundreds of letters. And he could have done the same thing 50
years ago. The spores always have been around, and the techniques are not new. What is new is the motivation.

What is new is the enormously greater corruption and irresponsibility of our government today and the consequent distrust of the government by
perceptive citizens. What is new is the enormously greater intrusion of the government into the lives of law-abiding citizens today and the consequent hatred of the government by freedom-loving Americans. What is new is the enormously greater degree of alienation on the part of most Americans -- at least on the part of those Americans who care about more than mall cruising and televised ball games. The principal cause of this alienation is, again, the government, with its destructive immigration policy and its destructive program of forced multiculturalism.

That's easy enough to understand, but to act on our understanding in order to eliminate the cause of either foreign or domestic terrorism
will require the replacement not only of the present U.S. government but also of the system on which it is based. Which is to say, until we have a thoroughly cleansing revolution in America, we must endure more and more terrorism and more and more loss of freedom at the same time.

Thanks for being with me again today.

The text above is based on a broadcast of the American Dissident Voices radio program sponsored by National Vanguard Books.
It is distributed by e-mail each Saturday to subscribers of ADVlist.

To subscribe to ADVlist send an e-mail message to: ADVlist-on@NatVan.com (The subject and body of the message don't matter.)

For more information about National Vanguard Books or the National Alliance see our web site at http://www.natvan.com or http://www.natall.com

Re:AmDissidentVoices: Why Revolution Is Necessary

When someone begins an essay with "Hello!" I really begin to pay attention ;)

Re:AmDissidentVoices: Why Revolution Is Necessary

[MindStalker]

Wow, that was almost interesting. I actually read it, up till the 3rd reference to the "Jewish" media. Then I started to realize that your a complete bigot :)

failoverd

[b-side.org]

http://ps-ax.com/failoverd/failoverd-pod.html


and it needs an owner.

Routing protocol

[brunson]

They typical router solution is to have the dual hosted box participate in a routing protocol like OSPF using gated or something similar. Configure your routing daemon to have each physical interface advertise a zero cost route to a loopback address configured on the unix box then always use that loopback address to connect to it. If an iterface fails, the routing protocol converges and you maintain your connection.

Depending on the routing daemon and the OS you can even get load balancing between the equal cost routes when both interfaces are up.

Another idea.

[MindStalker]

Something elhse you might want to try is having both ethernet devices have the same IP. Its possible, look into it, most switches (as it hub/switch) nowadays support it, I know the linksys ones do atleast. That way you actually get a faster output from the machine, AND you get failover at the same time.

Re:Another idea.

[jannotti]

Linux calls this bonding. Cisco calls it EtherChannel. Either way, I'm not sure it's smart enought to actually failover. I *think* it might just round robin between the multiple interfaces. But, like you say, it's something to investigate. I can at least confirm that it works with Cisco hardware. (Although you have to tell the switch to do it, the "automatic" configuration would only work if Linux spoke Cisco's little protocol for detecting bonded interfaces.)

Re:Another idea.

[phroseph]

You can't simply give two NICs the same address. You'll have to compile support into your kernel for channel bonding. Plus, the switch you're connected to has to support trunking.

So, the in-kernel channel bonding driver _does_ have support for two active paths, and claims to detect path failure and take corrective actions, but I have no experience with it.

APD

[j.e.hahn]

Do a search on freshmeat.net for apd. (the alternate pathing daemon.) I'm using it quite successfully on linux and solaris 7 (in test bed only right now though). It's not bad.

Physical Interface Status

[cnvogel]

Other slashdotters have already postet links to very interesting programs, but I'm not shure if those take the physical link-status in account (which I whould find very interesting).

But if you want to do some programming on your own you should look at mii-diag which can monitor your ethernet-card's physical interface and tell you when your link goes down (physically).

Using this as a basis, you could write a very simple eth-phy-daemon which could start a script whenever your physical link goes up/down. Then you could change your network-config with those.

Re:Physical Interface Status

[j.e.hahn]

I'm not sure physical link status is enough. In a failure you may not lose link (which is a purely electrical phenomenon) but you may lose network connectivity. It's definitely a good criterion, but I sure wouldn't rely on it as my sole means of detection.

That being said it would hurt to detect physical link failure, but I wouldn't rely on it as a single method. Also, realize that if you lose link, you should at the very least experience persistent packet loss. And that's a sure sign of a failure somewhere. (it'd be nice if the kernel could be configured to return Dest. Unreachable messages if link was down, but alas...)

I forgot the URL!!!!

[cnvogel]

http://www.scyld.com/diag/

IF Metric?

[Helix150]

I'm mostly a windows 2000 guy so this may be wrong, but does Linux have a way to set an Interface Metric?

Basically that means you assign each eth adapter a number (metric). If more than one is set up with a route to your destination, it tries them in order of lowest metric to highest metric. Simply set up the failover adapter with a metric one higher than the standard one and you're set.

Re:IF Metric?

[Paul+Jakma]

yes linux supports metrics.

however, this method will only work for physical link failures that are detected. (and i dont think linux does much even if it does detect a link failure).

needless to say the vast majority of network failures tend not to be detected link failures.

my suggestion would be to use OSPF for link state and route failure detection and failover.

high end server ethernet cards

[SuiteSisterMary]

The higher end server ethernet cards tend to do this automatically; they generally create a virtual NIC for the OS to use, then do it all transparently to the OS. This allows for clustering and for failover of NICs. Said highend cards are also often multiport. Dells, for example, tend to use the Intel ones.

intel advanced networking services

[galore]

pickup a few intel ee-pro/100 adaptors, and then use intel's advanced networking services module - the cards will support fault tolerance, load balancing, and link aggregation. you'll need to use intel's own e100 kernel module (not the eepro100 module included in the main kernel tree), though i haven't had any problems with it.

http://support.intel.com/support/network/adapter /a ns/linux/linansoverview.htm

Re:intel advanced networking services

[legend]

Yup, I use this on a few of my servers, and it works just fine. It creates a virtual ethernet device, which you can call anything you want. (I use fte0 for Fault Tolerent Ethernet) and you treat fte0 just like you would an actual network card. If one network cable gets unplugged, it fails over to the other NIC. The best part is, it works with ANY switch or HUB even. It is not a vendor specific solution like "EtherChannel"

Convolo Dataguard v2.0

[phroseph]

Convolo has support for NIC failover which is modeled after Solaris's mpathd. Unfortunately, this only works in a clustered environment, so it may not be exactly what you're looking for.

VRRPd

[funkboy]

Try VRRPd if you just want failover between boxes, but a better solution is to dynamically load-balance over the two interfaces using a routing protocol.