Re: [FROG] MAC Flapping With VRRP on Linux
I'm glad you found a solution for your problem. If you would humor me, I'm still interested in your configuration, because the documentation doesn't mention any arp_ignore settings and if they are necessary I would like to document them. I find your setup interesting because I have a vague memory of similar deployments using VRRP on bonds and I don't recall needing to set those options. I am wondering if a kernel change happened, my memory is wrong, or if this really just is undocumented. If possible, could you send the results of: ip -d link showvrrp4-1-1@bond0 Thanks, Quentin On 5/19/24 8:03 PM, Alasdair Muckart via frog wrote:
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Quentin, As far as I can see the required sysctls are undocumented. Here are the links: 23: vrrp4-1-1@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group 200 qlen 1000 link/ether 00:00:5e:00:01:01 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535 macvlan mode bridge bcqueuelen 1000 usedbcqueuelen 1000 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 14: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group 200 qlen 1000 link/ether e2:39:b3:4e:bc:47 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535 bond mode active-backup active_slave enp10s0f1 miimon 1000 updelay 0 downdelay 0 peer_notify_delay 0 use_carrier 1 arp_interval 0 arp_validate none arp_all_targets any primary enp10s0f1 primary_reselect always fail_over_mac none xmit_hash_policy layer2 resend_igmp 1 num_grat_arp 1 all_slaves_active 0 min_links 0 lp_interval 1 packets_per_slave 1 lacp_active on lacp_rate slow ad_select stable tlb_dynamic_lb 1 addrgenmode eui64 numtxqueues 16 numrxqueues 16 gso_max_size 65536 gso_max_segs 65535 11: enp10s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group 200 qlen 1000 link/ether e2:39:b3:4e:bc:47 brd ff:ff:ff:ff:ff:ff permaddr 90:3c:b3:3f:da:18 promiscuity 0 minmtu 68 maxmtu 9710 bond_slave state ACTIVE mii_status UP link_failure_count 0 perm_hwaddr 90:3c:b3:3f:da:18 queue_id 0 addrgenmode none numtxqueues 64 numrxqueues 64 gso_max_size 65536 gso_max_segs 65535 parentbus pci parentdev 0000:0a:00.1 13: enp11s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group 200 qlen 1000 link/ether e2:39:b3:4e:bc:47 brd ff:ff:ff:ff:ff:ff permaddr 90:3c:b3:3f:da:1a promiscuity 0 minmtu 68 maxmtu 9710 bond_slave state BACKUP mii_status UP link_failure_count 0 perm_hwaddr 90:3c:b3:3f:da:1a queue_id 0 addrgenmode none numtxqueues 64 numrxqueues 64 gso_max_size 65536 gso_max_segs 65535 parentbus pci parentdev 0000:0b:00.1 The required sysctls were 'net.ipv4.conf.bond0.arp_ignore=1' and 'net.ipv4.conf.vrrp4-1-1.arp_ignore=1' Cheers. Quentin Young <qlyoung@qlyoung.net> writes:
1. ( ) text/plain (*) text/html
I'm glad you found a solution for your problem. If you would humor me, I'm still interested in your configuration, because the documentation doesn't mention any arp_ignore settings and if they are necessary I would like to document them.
I find your setup interesting because I have a vague memory of similar deployments using VRRP on bonds and I don't recall needing to set those options. I am wondering if a kernel change happened, my memory is wrong, or if this really just is undocumented.
If possible, could you send the results of:
ip -d link show vrrp4-1-1@bond0 Thanks, Quentin
On 5/19/24 8:03 PM, Alasdair Muckart via frog wrote:
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
[4. text/plain] _______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
- -- Alasdair Muckart (he/him) Network Infrastructure Architect Catalyst.Net Limited - Expert Open Source Solutions Catalyst.Net Ltd - a Catalyst IT group company DDI: +64 4 897 7794 | Mobile: +64 22 638 5141 | Tel: +64 4 499 2267 | www.catalyst.net.nz CONFIDENTIALITY NOTICE: This email is intended for the named recipients only. It may contain privileged, confidential or copyright information. If you are not the named recipient, any use, reliance upon, disclosure or copying of this email or its attachments is unauthorised. If you have received this email in error, please reply via email or call +64 4 499 2267. -----BEGIN PGP SIGNATURE----- iQJUBAEBCgA+FiEEu4g3jwJ68cPCdgH9iBAgH4ERwwMFAmZOqWAgHGFsYXNkYWly bXVja2FydEBjYXRhbHlzdC5uZXQubnoACgkQiBAgH4ERwwN+PxAAi5XxFJObiPEm qGwtfU0EP6I6nhruLmBCS05Q4+Ui6/WOTH02Jgz0B+6MuHYlLhL1g1EZJUB8HfF/ U+g9eRUTy77AYirY7HJaZ8rbD6GVJZyqaFteNvqEKTnCc6Ag14ToT953DaGOQ1LS jnWvTGhJWl6qlrWHaWnp3NCjfuisarJvlpMJnVXggnwjZ+LuqslBj9E0II786Sto gzcp81xd+a1a4pKOFyuYbCzziBDrW0o6Tdhdt7Eb3LLqQUtzlKmyQ+sWWX5q+NDE nYUHMVzl+/HqFt/LkCl3nsdZT+PeYm3LEuU8R84UhSttwwJ2STeJSNORayeGq1Xi KYbxyikKRccun2Zhs0MpXa5ViMITdkZg45iskeDW+YCm3dFPUGvxqCXgSh9sNflo 3U9o9ZkOYYt9eqXd6/VUv6ZInhXXswxhMLXsXgxIeUvA44zx3DLdCAAS1KaaqSSo sNJqm4Zu/ozJVGrx71K8HxWmyfxnpDz8pTlpUCmF7y+KSp2GQxgcpS7i4fCqk58O QkcD8DJX5RdF0UydeZacbStylclAn36BOlJoYyrhaXqETeIcgjLsS3ng2lGCE15J ZQQzbC/tHY8TRTcdPrEDR00gmJNZZi4dvd0KwY2UPG1/IgNSVw1Yc3VktGYgHOKw ULEbtp4dccs0VcTK7c6Chj3Hq0UFZSU= =WpJf -----END PGP SIGNATURE-----
participants (2)
-
Alasdair Muckart -
Quentin Young