commit e58a01f6b1d0b9001b927edf49110e71c898c4ca Author: Quentin Armitage AuthorDate: Tue Feb 12 00:49:46 2019 +0000 Commit: Quentin Armitage CommitDate: Tue Feb 12 00:49:46 2019 +0000 Fix removing left over VIPs at startup Signed-off-by: Quentin Armitage commit 6d8fc7bfdf72c3eed0f1a052d93403536637901b Author: Quentin Armitage AuthorDate: Tue Feb 12 00:40:59 2019 +0000 Commit: Quentin Armitage CommitDate: Tue Feb 12 00:40:59 2019 +0000 Don't consider VIPs as local addresses when restart after crash Keepalived maintains a list of addresses per interface that can be used as source adddresses for adverts. To build the list, keepalived reads the addresses configured on interfaces when it starts. However, if keepalived crashed it will have left VIPs configured on interfaces, and we don't want to use them as advert source addresses. This commit makes keepalived compare the addresses on interfaces to VIPs, and ignores any addresses that are VIPs. Signed-off-by: Quentin Armitage commit c236810a4ec6c3aa1ced42289d9e09b8dab079a8 Author: Quentin Armitage AuthorDate: Tue Jan 15 10:44:37 2019 +0000 Commit: Quentin Armitage CommitDate: Tue Jan 15 10:44:37 2019 +0000 Ensure all protocol headers received before return pointer to vrrp header vrrp_get_header() returns a pointer to the vrrp header, but it now returns NULL if insufficient data has been received to include all the (IP, possibly AH, and VRRP) headers (this does not include the VIPs in the VRRP packet). This means that when a pointer to the VRRP header is returned, all fields in all protocol headers can safely be accessed. Signed-off-by: Quentin Armitage commit 53ab7ad6520d235fa28a535bed25d906a09e89e4 Author: Quentin Armitage AuthorDate: Sun Dec 2 15:13:20 2018 +0000 Commit: Quentin Armitage CommitDate: Sun Dec 2 15:13:20 2018 +0000 Restructed code around how iptables/nftables are called This commit also allows building keepalived without iptables support, thereby allowing only nftables support. Adding any other mechanism to handle no_accept mode, i.e. blocking receiving and sending to/from VIPs should be added to vrrp_firewall.c, in a similar way to how nftables/iptables are used. Signed-off-by: Quentin Armitage commit 4834d12c13f1bcfa092507ff55c8530a2e60a85c Merge: 5da2eabb 95ef74a6 Author: Quentin Armitage AuthorDate: Fri Jun 15 14:21:37 2018 +0100 Commit: GitHub CommitDate: Fri Jun 15 14:21:37 2018 +0100 Merge pull request #915 from pqarmitage/updates Consider eVIPs when determining if need GARP/NDISC send buffers commit 95ef74a609d1113e3d8f34cb1ebf72f456f7e322 Author: Quentin Armitage AuthorDate: Fri Jun 15 14:13:45 2018 +0100 Commit: Quentin Armitage CommitDate: Fri Jun 15 14:13:45 2018 +0100 Consider eVIPs when determining if need GARP/NDISC send buffers Issue #914 identifed a segfault when the vrrp instances are all IPv6 but there are IPv4 eVIPs configured. keepalived was not allocation a buffer for sending GARPs in this situation. Signed-off-by: Quentin Armitage commit d800501ac4c6e5ed7dc2c05d366d938b2386ad8d Merge: 18ee0303 762d97fb Author: Quentin Armitage AuthorDate: Fri May 25 09:03:49 2018 +0100 Commit: GitHub CommitDate: Fri May 25 09:03:49 2018 +0100 Merge pull request #885 from pqarmitage/beta Add no-track option for VIPs/eVIPs commit 0e0c2817e26c9b2b2685ab157de7d01ccd6420e5 Author: Quentin Armitage AuthorDate: Thu May 24 21:20:06 2018 +0100 Commit: Quentin Armitage CommitDate: Thu May 24 21:20:06 2018 +0100 Add no-track option for VIPs/eVIPs This option allows VIPs/eVIPs to be configured, but the deletion of those addresses will not cause the VRRP instance to transition to backup state. Merge request #860 gives a justification for why there are circumstances when a vrrp instance should not transition to fault state if a VIP is deleted. Signed-off-by: Quentin Armitage commit 979727e5db1f0307149b2932267ed214ecd0850d Author: Quentin Armitage AuthorDate: Thu May 24 21:06:40 2018 +0100 Commit: Quentin Armitage CommitDate: Thu May 24 21:06:40 2018 +0100 Add tracking of VIPs/eVIPs on interfaces other the vrrp instance i/f If VIPs/eVIPs were configured on interfaces which were not the interface that the VRRP instance is running over, then the address were not being tracked. This commits adds those interfaces to the interfaces to be tracked for a VRRP instance. Signed-off-by: Quentin Armitage commit e90a633c34fbe6ebbb891aa98bf29ce579b8b45c Author: Quentin Armitage AuthorDate: Fri Dec 15 21:14:24 2017 +0000 Commit: Quentin Armitage CommitDate: Fri Dec 15 21:14:24 2017 +0000 Fix removing left-over addresses if keepalived aborts Issue #718 reported that if keepalived terminates abnormally when it has vrrp instances in master state, it doesn't remove the left-over VIPs and eVIPs when it restarts. This is despite commit f4c10426c saying that it resolved this problem. It turns out that commit f4c10426c did resolve the problem for VIPs or eVIPs, although it did resolve the issue for iptables and ipset configuration. This commit now really resolves the problem, and residual VIPs and eVIPs are removed at startup. Signed-off-by: Quentin Armitage commit 0b1528c76d3fe8d1c5765841df86c59570a036da Author: Quentin Armitage AuthorDate: Tue Jun 6 15:52:11 2017 +0100 Commit: Quentin Armitage CommitDate: Tue Jun 6 15:52:11 2017 +0100 If a VIP or eVIP is removed, transition to backup If we transition to backup, then either another router will take over, or we will transition to master; in the later case we will restore the address that was deleted. Signed-off-by: Quentin Armitage commit 84fb82079b5f75ad1fadf86d721863472cf34e7a Author: Quentin Armitage AuthorDate: Tue Aug 30 16:11:41 2016 +0100 Commit: Quentin Armitage CommitDate: Mon Oct 17 13:19:16 2016 +0100 Become master as soon as send first advert After sending the first advert after deciding to become master we were waiting a further advert interval before configuring the VIPs etc on the interface. This meant that although we had told the network we were the master, for 1 advert interval we weren't doing so, and so the virtual router would be down for that period. Signed-off-by: Quentin Armitage