How a virtual IP address works (Windows/Linux)?

How a primary/secondary virtual IP address works in the same subnet?

Case of a mirror cluster with 2 Windows or Linux servers

When both servers of a mirror cluster are in the same subnet, the virtual IP address is set on the Ethernet card of the primary server (through IP aliasing). The virtual IP address is a third IP address coming in addition to the two physical IP addresses of server 1 and server 2. Note that with SafeKit, several virtual IP addresses can be set in the cluster on the same Ethernet card or on different Ethernet cards.

If server 1 is the primary server, then the virtual IP address is associated to the Ethernet MAC address of server 1 in the clients ARP caches: mac1 in the figure. If there is a failure of server 1 and a failover on server 2, SafeKit automatically sends gratuitous ARP to reroute clients ARP caches with the Ethernet address mac2 of server 2. Thus, clients are reconnected to server 2 running the application which has been restarted on this server by the SafeKit clustering mechanisms.

When two servers are in remote sites, the previous virtual IP address algorithms are working if they are connected in the same subnet through an extended LAN/VLAN. This is the simplest use case for remote sites.

How a primary/secondary virtual IP address works in different subnets?

Case of a mirror cluster with 2 Windows or Linux servers

If the servers are in differents subnets, the virtual IP address can be set at the level of a load balancer. The load balancer is configured with the two physical IP addresses of the two servers in their respective subnets. And the load balancer routes the traffic according a health check to servers.

The health check is based on a URL managed by SafeKit servers and answering OK or NOT FOUND according the status of a server. If the server is SECOND, the SafeKit health check returns NOT FOUND. Thus no traffic is sent by the load balancer to the secondary server. And if the server is PRIM, then the SafeKit health check returns OK. Thus all the traffic is sent by the load balancer to the primary server. In case of failover, SafeKit changes its answers to the health check. Thus the traffic of the load balancer is rerouted.

This implementation is the one used in SafeKit mirror-like solutions in the Cloud: Amazon AWS, Microsoft Azure and Google GCP.

Please note that SafeKit does not provide a load balancer; it only offers health checks. The load balancer must be supplied by the network infrastructure between the two subnets.

If needed, it can be discussed with the network team whether, instead of setting up a load balancer, an extended LAN could be configured between the two subnets. Moreover, when using a load balancer, it is essential to ensure that the application supports clients connecting via the load balancer's virtual IP address and that it properly handles connections arriving through the translated physical IP address assigned by the load balancer.

This issue does not arise with an extended LAN, which also provides sufficient bandwidth and appropriate latency for real-time synchronous replication without data loss.

How a load balanced virtual IP address works in the same subnet?

Case of a farm cluster with 2 Windows or Linux servers

In a load balancing farm cluster, a virtual IP address is required to load balance clients requests and to reroute clients in case of failover. In this example, we consider only two servers but the solution works with more than two servers.

When both servers of the cluster are in the same subnet, the virtual IP address is set on the Ethernet card of both servers (IP aliasing).

In the ARP cache of clients, the virtual IP address is associated to the Ethernet MAC address of one server: mac1 of server1 in the figure. A filter inside the kernel of server 1 receives the traffic and split it according the identity of the client packets (client IP address, client TCP port).

If there is a failure of server 1, SafeKit sends gratuitous ARP to reroute clients ARP caches with the Ethernet address mac2 of server 2. Thus, clients are reconnected to server 2.

When two servers are in remote sites, the previous virtual IP address algorithms are working if they are connected in the same subnet through an extended LAN/VLAN. This is the simplest use case for remote sites.

How a load balanced virtual IP address works in different subnets?

Case of a farm cluster with 2 Windows or Linux servers

If the servers are in differents subnets, the virtual IP address can be set at the level of a load balancer. The load balancer is configured with the two physical IP addresses of the two servers in their subnets. And the load balancer routes the traffic according load balancing rules (client IP address, client TCP port) and according a health check to servers.

The health check is based on a URL managed by SafeKit servers and answering OK or NOT FOUND according the status of a server. If the server is UP, the SafeKit health check returns OK, else NOT FOUND. In case of failover, SafeKit does not answer anymore OK to the health check on the failed server. Thus the traffic of the load balancer is rerouted.

This implementation is the one used in SafeKit farm-like solutions in the Cloud: Amazon AWS, Microsoft Azure and Google GCP.

Note that there is another solution by rerouting at the DNS level. But this solution is not working in most cases because the prerequisite is that clients makes a DNS resolution after a failover to be rerouted to the new server. Most often, they do not and continue their execution with the IP address resolved when they started.