Keepalived switched but slave still gets connections

Issues related to applications and software problems
Post Reply
kiwifruktish
Posts: 2
Joined: 2021/08/05 08:09:11

Keepalived switched but slave still gets connections

Post by kiwifruktish » 2021/08/05 08:29:36

I have two servers running, one physical and on virtual in VMware.

Both are running "Keepalived v1.3.5"
Masters IP: 192.168.8.31
Slaves IP: 192.168.8.32
Virtual IPs: 192.168.8.33, 192.168.8.34, 192.168.8.35

Master keepalived config:

Code: Select all

global_defs {
        notification_email {
                me@me.com
                me@me.com
        }
        notification_email_from me@me.com
        smtp_server mail.me.com
        smtp_connect_timeout 30
        router_id LB001
}

# Web
vrrp_instance web {
        state MASTER
        interface team0.100
        virtual_router_id 55
        priority 100
        smtp_alert

        unicast_src_ip 192.168.8.31 # My IP
        unicast_peer {
                192.168.8.32 # peer IP
        }

        authentication {
                auth_type PASS
                auth_pass ME
        }

        virtual_ipaddress {
                192.168.8.33 dev team0.100
                192.168.8.34 dev team0.100
                192.168.8.35 dev team0.100
        }
}
Slave config:

Code: Select all

global_defs {
        notification_email {
                me@me.com
                me@me.com
        }
        notification_email_from me@me.com
        smtp_server mail.me@me.com
        smtp_connect_timeout 30
        router_id LB002
}

# Web
vrrp_instance web {
        state BACKUP
        interface ens224
        virtual_router_id 55
        priority 50
        smtp_alert

        unicast_src_ip 192.168.8.32 # My IP
        unicast_peer {
                192.168.8.31 # peer IP
        }

        authentication {
                auth_type PASS
                auth_pass ME
        }

        virtual_ipaddress {
                192.168.8.33 dev ens224
                192.168.8.34 dev ens224
                192.168.8.35 dev ens224
        }
}

Both servers are running haproxy, as i am in need to be available to start harpoxy with settings for the virtuall ip'si have added them on "dummy" interface as that is recommended since network manager does not handle loopback interface.


Master interface when "master":

Code: Select all

6: team0.100@team0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 6c:2b:59:bf:fe:1f brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.31/26 brd 192.168.8.63 scope global noprefixroute team0.100
       valid_lft forever preferred_lft forever
    inet 192.168.8.33/32 scope global team0.100
       valid_lft forever preferred_lft forever
    inet 192.168.8.34/32 scope global team0.100
       valid_lft forever preferred_lft forever
    inet 192.168.8.35/32 scope global team0.100
       valid_lft forever preferred_lft forever

9: ha: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 3a:35:fa:03:74:f6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.33/32 brd 192.168.8.33 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
    inet 192.168.8.34/32 brd 192.168.8.34 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
    inet 192.168.8.35/32 brd 192.168.8.35 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
Slave interface when "slave":

Code: Select all

3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:ae:5d:a8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.32/26 brd 192.168.8.63 scope global noprefixroute ens224
       valid_lft forever preferred_lft forever

5: ha: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 4a:96:96:7b:3d:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.33/32 brd 192.168.8.33 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
    inet 192.168.8.34/32 brd 192.168.8.34 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
    inet 192.168.8.35/32 brd 192.168.8.35 scope global noprefixroute ha
       valid_lft forever preferred_lft forever
Running tshark vrrp check on master:

Code: Select all

  1 0.000000000 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
  3 1.001136459 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
  5 2.002488130 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
Running tshark vrrp check on slave:

Code: Select all

  1 0.000000000 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
  2 1.001357870 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
  3 2.002706787 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
  4 3.004089925 192.168.8.31 -> 192.168.8.32 VRRP 62 Announcement (v2)
But still for some reason slave still gets few connections to 192.168.8.34 even if the interface shows that the ip is only on dummy interface.

kiwifruktish
Posts: 2
Joined: 2021/08/05 08:09:11

Re: Keepalived switched but slave still gets connections

Post by kiwifruktish » 2021/08/05 10:40:50

The problem might be vmware?

As i am using network manager which do not handle lo interface i use dummy interface to add my ip address to both server to be able to bind haproxy and other applications to specific ip when not being "master", but the dummy interfaces is reported to vmware by vmtools as lo interfaces arnt, that might be something that vmware arp is reporting up?

Post Reply