keepalived,VRRP异常,主备都有VIP,备机收不到主节点的vrrp报文

发布于 2022-09-05 09:14:53 字数 3932 浏览 21 评论 0

主节点ip 192.168.0.107
配置成MASTER :

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id NodeA      
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    unicast_src_ip 192.168.0.107
    unicast_peer { 
                  192.168.0.105
                }
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.0.55
    }
}

备节点ip 192.168.0.105
配置成BACKUP :

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id NodeB
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    unicast_src_ip 192.168.0.105
    unicast_peer { 
                  192.168.0.107
                }
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.0.55
    }
}

先启动主节点,在启动备机
主节点的网卡

 inet 192.168.0.107/24 brd 192.168.0.255 scope global eth0
 inet 192.168.0.55/32 scope global eth0

备机的网卡:

inet 192.168.0.105/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.55/32 scope global eth0

主备都有VIP

在主节点上抓包:

[root@localhost ~]# tcpdump -i eth0 -n 'host 224.0.0.18'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:50:32.194720 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:33.193174 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:34.191970 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:35.191044 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20

在备机上抓包

15:02:15.378400 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
15:02:16.379621 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
15:02:17.381288 IP 192.168.0.105 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20

把备机的keepalive关了
才能看的主节点的VRRP报文

[root@localhost ~]# tcpdump -i eth0 -n 'host 224.0.0.18'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:53:46.173603 IP 192.168.0.107 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 1s, length 20
00:53:47.186704 IP 192.168.0.107 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 1s, length 20

不是按道理,我主节点配置权值150要比备机的高么?

Aug 10 01:42:36 localhost Keepalived_vrrp[1617]: VRRP_Instance(VI_1) Received advert with lower priority 100, ours 150, forcing new election
Aug 10 01:42:37 localhost Keepalived_vrrp[1617]: VRRP_Instance(VI_1) Received advert with lower priority 100, ours 150, forcing new election

这里的日志有问题啊,怎么被forcing new election了?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

柠檬心 2022-09-12 09:14:53

配置文件中去掉 vrrp_strict 即可。

vrrp_strict 开启则表示严格遵守 vrrp 协议,会自动添加如下 iptables 规则:

-A INPUT -m set --match-set keepalived dst -j DROP

导致 VIP 无法访问

森末i 2022-09-12 09:14:53

发现我在别人的问题里回答了自己的问题,结果忘了在自己这里贴答案https://segmentfault.com/q/10...

去掉配置文件中的
vrrp_strict
重启keeplived

鲸落 2022-09-12 09:14:53

请问解决了吗亲

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文