Keepalived two master have virtual IP simultaneously

by YCS   Last Updated June 13, 2019 08:00 AM

It's really strange on my BACKUP device always turn to MASTER several secs.

I've already search both master have virtual IP simultaneously cases,and all of there solution I've tried, but still not work.

There's two way probably to solve it

  1. Priority setting in keepalived.conf

  2. Firewall drop VRRP packet make BACKUP device consider it should transit
    to MASTER

BACKUP.conf

global_defs {
        router_id ThinkPad  
}

vrrp_instance VRRP3 {
    state BACKUP
    interface eth0
    virtual_router_id 41
    priority 1
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    virtual_ipaddress {
    172.16.100.1/16 dev eth0
    #172.16.10.1/16 dev eth0 label eth0:1
    #172.16.20.1/16 dev eth0 label eth0:2
    #172.16.30.1/16 dev eth0 label eth0:3
    }

 #   unicast_src_ip 172.16.100.2         ##source ip
 #   unicast_peer {
 #           172.16.100.1          ##dest ip
 #  }

     notify_master /etc/keepalived/ICS2.sh
     notify_backup /etc/keepalived/ICS.sh
}

MASTER.conf

global_defs {
        router_id NvidiaTx2
}

vrrp_instance VRRP1 {
    state MASTER
    interface eth0
    virtual_router_id 41
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    virtual_ipaddress {
    172.16.100.1/16 dev eth0
    #172.16.10.1/16 dev eth0 label eth0:1
    #172.16.20.1/16 dev eth0 label eth0:2
    #172.16.30.1/16 dev eth0 label eth0:3
    }

 #   unicast_src_ip 172.16.100.1         ##source ip
 #   unicast_peer {
 #           172.16.100.2          ##dest ip
 #  }

}

iptables setting (and ufw already disable)

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     112  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     112  --  0.0.0.0/0            224.0.0.18          
ACCEPT     112  --  0.0.0.0/0            224.0.0.18          

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     112  --  0.0.0.0/0            224.0.0.18          
ACCEPT     112  --  0.0.0.0/0            224.0.0.18    

tcpdump resault

[email protected]:/etc/keepalived# tcpdump -i eth0 -n vrrp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:41:38.864030 IP 172.16.100.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 200, authtype simple, intvl 1s, length 20
15:41:39.859616 IP 172.16.100.2 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 1, authtype simple, intvl 5s, length 20
15:41:40.862070 IP 172.16.100.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 200, authtype simple, intvl 1s, length 20
15:41:41.863060 IP 172.16.100.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 200, authtype simple, intvl 1s, length 20
15:41:42.863939 IP 172.16.100.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 200, authtype simple, intvl 1s, length 20
15:41:43.864744 IP 172.16.100.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 200, authtype simple, intvl 1s, length 20
15:41:44.859805 IP 172.16.100.2 > 224.0.0.18: VRRPv2, Advertisement, vrid 41, prio 1, authtype simple, intvl 5s, length 20


Related Questions


Updated February 07, 2018 11:00 AM

Updated July 24, 2017 03:00 AM

Updated December 16, 2015 19:00 PM

Updated January 01, 2017 08:00 AM

Updated January 01, 2017 08:00 AM