Feature #11103
closed
Use virtual link local IP address as RA source address for HA environments
0%
Description
If radvd is configured with RA interface set to a virtual link local IP, then add it to AdvRASrcAddress in radvd.conf. This ensures that the virtual IP is advertised as the gateway address to clients.
Updated by Lorenz Schori 10 months ago
Filed PR: https://github.com/pfsense/pfsense/pull/4487
Instructions for testing this feature:
- Setup HA cluster with primary and fallback
- Setup a IPv6 link-local VIP on the LAN interface, e.g.:
fe80::1:1 - Configure the link-local VIP as the
RA Interfaceon primary and fallback hosts
Observe that:
radvd.confis present with a configuration section for the LAN interface on both machines (primary and fallback)radvd.confincludes anAdvRASrcAddresssection- RA packets are sent by the primary host with the VIP as source address, no RA packets are sent by the fallback host.
- RA packets are sent by the fallback host with the VIP as source address as soon as the VIP switches over to the fallback host. No RA packets are sent by the primary host.
- Default route on client machines stays the same regardless whether the VIP is currently on primary or fallback host.
Updated by Jim Pingle 10 months ago
- Status changed from New to Pull Request Review
- Target version set to CE-Next
Updated by Renato Botelho 7 months ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
PR has been merged. Thanks!
Updated by Lorenz Schori 7 months ago
Thanks for merging. I just opened a PR for a small followup:
https://github.com/pfsense/pfsense/pull/4502
Sorry that I did not notice that earlier.
Updated by Lorenz Schori 5 months ago
Found another thing I've missed before:
https://github.com/pfsense/pfsense/pull/4515
Updated by Jim Pingle 5 months ago
- Status changed from Feedback to Pull Request Review
- Target version changed from CE-Next to 2.6.0
Updated by Steve Beaver 4 months ago
- Status changed from Pull Request Review to Feedback
Updated by Jim Pingle 4 months ago
- Subject changed from radvd: use virtual link local IP as source address in HA setups to Use virtual link local IP address as RA source address for HA environments
Updating subject for release notes.
Updated by Viktor Gurov 4 months ago
- Status changed from Feedback to Resolved
works as expected on 21.05.r.20210526.1807
`AdvRASrcAddress` in `/var/etc/radvd.conf`:
# Automatically Generated, do not edit
# Generated for DHCPv6 Server lan
interface vtnet0 {
AdvSendAdvert on;
AdvRASrcAddress {
fe80:88::7272;
};
MinRtrAdvInterval 5;
MaxRtrAdvInterval 20;
AdvDefaultLifetime 60;
AdvLinkMTU 1500;
AdvDefaultPreference medium;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix fc00:88::/64 {
DeprecatePrefix off;
AdvOnLink on;
AdvAutonomous on;
AdvValidLifetime 86400;
AdvPreferredLifetime 14400;
};
route ::/0 {
AdvRoutePreference medium;
RemoveRoute off;
};
RDNSS fc00:88::72 {
AdvRDNSSLifetime 60;
};
DNSSL home.arpa { };
};
it's better to hide non-linklocal VIPs from the dropdown menu, but this is not critical