Debian 11 - keepalived s ipv6 po restartu OS jde do failure state

Ahoj,

po upgradu na debian 11 jsem objevil problem s keepalived, pokud je nakonfigurovana i ipv6. Sit je staticky konfigurovana pres systemd-networkd (GUA adresy)

Kód: [Vybrat]
[Match]
Name=ens18

[Network]
Address=SERVER_IPV6/64

[Route]
Gateway=GW_IPV6
PreferredSource=SERVER_IPV6

Vrrp blok pro ipv6 je takto (ipv4 ma stejny, pouze ipv4 adresy + spojeno v jedne vrrp_sync_group)
Kód: [Vybrat]
vrrp_instance V6 {
    interface ens18
    virtual_router_id 106
    unicast_src_ip SERVER_IPV6
    unicast_peer {
        PEER_SERVER_IPV6
    }
    priority 50
    virtual_ipaddress {
        VIRTUAL_SERVER_IPV6/64 dev ens18
    }
    track_process {
        track_haproxy
     }


Log po bootu

Kód: [Vybrat]
Dec 14 11:26:01 HOSTNAME systemd[1]: Started Network Service.
Dec 14 11:26:01 HOSTNAME systemd[1]: Reached target Network.
Dec 14 11:26:01 HOSTNAME systemd[1]: Reached target Network is Online.
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens20: Link UP
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens20: Gained carrier
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens19: Link UP
Dec 14 11:26:01 HOSTNAME systemd-udevd[250]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens19: Gained carrier
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens18: Link UP
Dec 14 11:26:01 HOSTNAME systemd-networkd[240]: ens18: Gained carrier
...
Dec 14 11:26:01 HOSTNAME Keepalived[370]: Starting Keepalived v2.1.5 (07/13,2020)
Dec 14 11:26:01 HOSTNAME Keepalived[370]: Running on Linux 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) (built for Linux 5.8.14)
Dec 14 11:26:01 HOSTNAME Keepalived[370]: Command line: '/usr/sbin/keepalived' '--dont-fork'
Dec 14 11:26:01 HOSTNAME Keepalived[370]: Opening file '/etc/keepalived/keepalived.conf'.
Dec 14 11:26:01 HOSTNAME Keepalived[370]: NOTICE: setting config option max_auto_priority should result in better keepalived performance
Dec 14 11:26:01 HOSTNAME Keepalived[370]: Starting VRRP child process, pid=424
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: Registering Kernel netlink reflector
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: Registering Kernel netlink command channel
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: Opening file '/etc/keepalived/keepalived.conf'.
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: (V6) Changing effective priority from 50 to 150
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: (V4) Changing effective priority from 50 to 150
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: Registering gratuitous ARP shared channel
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: Registering gratuitous NDISC shared channel
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: bind unicast_src SERVER_IPV6 failed 99 - Cannot assign requested address
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: (V6): entering FAULT state (src address not configured)
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: (V6) Entering FAULT STATE
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: VRRP_Group(V64) Syncing instances to FAULT state
Dec 14 11:26:01 HOSTNAME Keepalived_vrrp[424]: (V4) Entering FAULT STATE
...
Dec 14 11:26:02 HOSTNAME systemd-networkd[240]: ens18: Gained IPv6LL
Dec 14 11:26:02 HOSTNAME systemd-networkd[240]: ens19: Gained IPv6LL


Delaji to obe verze keepalived
Kód: [Vybrat]
keepalived:
  Installed: 1:2.1.5-0.2
  Candidate: 1:2.1.5-0.2
  Version table:
     1:2.2.4-0.2~bpo11+1 450
        450 http://ftp.cz.debian.org/debian bullseye-backports/main amd64 Packages
 *** 1:2.1.5-0.2 990
        990 http://ftp.cz.debian.org/debian bullseye/main amd64 Packages
        100 /var/lib/dpkg/status

Prozatim jsem to poresil pres "vrrp_startup_delay 5", ale existuje lepsi cesta, resp. fix? Nerad bych se zbavoval "unicast_src_ip" a "unicast_peer" (aby mi to nechodilo pres link-local atd.). Vypada to na nejake specifikum nastaveni ipv6 na interface oproti ipv4 (dle google).

Diky


Re:Debian 11 - keepalived s ipv6 po restartu OS jde do failure state
« Odpověď #1 kdy: 14. 12. 2021, 12:44:51 »
Vypada to na tento bug https://github.com/acassen/keepalived/issues/1972, fixnuto z konce srpna, v backports repozitari debianu je 2.2.4 pridana 6.12., akorat z toho nepoznam, zda to ten fix obsahuje ci ne...

Kdyztak tipy na pripadny jiny spolehlivy balancer, co by umel kontrolovat, ze sluzba bezi, snadno konfigurovatelny vcetne testu konfigurace - proste zakladni veci...