1

I have three clusters of keepalived servers, two instances in each cluster, each cluster with a unique VIP and Router Id. Two of them are working fine using unicast VRRP advertisements, but one of them...isn't.

So, we'll say for the sake of this question that the two clustered instances are machine1.domain and machine2.domain. Here's the keepalived config for machine1.domain:

vrrp_instance VI_1 {
    state MASTER
    notify /usr/local/bin/keepalived-notify.sh
    virtual_router_id 55
    interface eth0
    unicast_src_ip 192.168.0.12
    unicast_peer {
        192.168.0.13
    }
    priority 255
    authentication {
        ...
    }
    virtual_ipaddress {
        192.168.0.14
    }
    track_script {
        chk_haproxy
    }
}

Just to state it explicitly, machine1.domain has an assigned IP of 192.168.0.12 and machine2.domain has 192.168.0.13 with a VIP of 192.168.0.14.

When I run tcpdump -i eth0 | grep "vrid 55", this is what I get:

sudo tcpdump -i eth0 | grep "vrid 55"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:09:03.386420 IP machine1.domain > machine2.domain: VRRPv2, Advertisement, vrid 55, prio 255, authtype simple, intvl 1s, length 20
14:09:03.738807 IP VIP.domain > vrrp.mcast.net: VRRPv2, Advertisement, vrid 55, prio 100, authtype none, intvl 1s, length 20
14:09:04.387364 IP machine1.domain > machine2.domain: VRRPv2, Advertisement, vrid 55, prio 255, authtype simple, intvl 1s, length 20
14:09:04.740211 IP VIP.domain > vrrp.mcast.net: VRRPv2, Advertisement, vrid 55, prio 100, authtype none, intvl 1s, length 20
14:09:05.388325 IP machine1.domain > machine2.domain: VRRPv2, Advertisement, vrid 55, prio 255, authtype simple, intvl 1s, length 20
14:09:05.740435 IP VIP.domain > vrrp.mcast.net: VRRPv2, Advertisement, vrid 55, prio 100, authtype none, intvl 1s, length 20

So keepalived is sending multicast messages on the VIP and unicast messages on machine1.domain's instance IP. I have restarted the keepalived service, reloaded it, stopped it, restarted the instance, etc. It always comes back broadcasting on both unicast and multicast.

Also, all instances in all 3 of my clusters are configured via chef. They all have identical configurations, just substitute the three IPs and router id in the keepalived config.

Thanks for any help you can give. I have no idea what caused this, any ideas?

Nick Pendleton
  • 11
  • 1
  • 3
  • You seem to be saying multicast traffic is a problem, but [VRRP](https://en.wikipedia.org/wiki/Virtual_Router_Redundancy_Protocol) requires that "Physical routers within the virtual router must communicate within themselves using packets with multicast IP address 224.0.0.18 and IP protocol number 112.". – iwaseatenbyagrue Apr 23 '17 at 11:43
  • Keepalived supports unicast messaging between nodes to establish a master node. Whether or not this is in the VRRP spec is neither here nor there. The functionality of keepalived, as stated in documentation, is that when a unicast peer is defined, multicast messages stop being sent, and instead unicast messages to the peers occur. This question is inquiring as to why that wasn't working. – Nick Pendleton May 12 '17 at 22:09

0 Answers0