Feature #11103
closed
Use virtual link local IP address as RA source address for HA environments
0%
Description
If radvd is configured with RA interface set to a virtual link local IP, then add it to AdvRASrcAddress in radvd.conf. This ensures that the virtual IP is advertised as the gateway address to clients.
Related issues
Updated by znerol znerol almost 3 years ago
Filed PR: https://github.com/pfsense/pfsense/pull/4487
Instructions for testing this feature:
- Setup HA cluster with primary and fallback
- Setup a IPv6 link-local VIP on the LAN interface, e.g.:
fe80::1:1 - Configure the link-local VIP as the
RA Interfaceon primary and fallback hosts
Observe that:
radvd.confis present with a configuration section for the LAN interface on both machines (primary and fallback)radvd.confincludes anAdvRASrcAddresssection- RA packets are sent by the primary host with the VIP as source address, no RA packets are sent by the fallback host.
- RA packets are sent by the fallback host with the VIP as source address as soon as the VIP switches over to the fallback host. No RA packets are sent by the primary host.
- Default route on client machines stays the same regardless whether the VIP is currently on primary or fallback host.
Updated by Jim Pingle almost 3 years ago
- Status changed from New to Pull Request Review
- Target version set to CE-Next
Updated by Renato Botelho over 2 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
PR has been merged. Thanks!
Updated by znerol znerol over 2 years ago
Thanks for merging. I just opened a PR for a small followup:
https://github.com/pfsense/pfsense/pull/4502
Sorry that I did not notice that earlier.
Updated by znerol znerol over 2 years ago
Found another thing I've missed before:
https://github.com/pfsense/pfsense/pull/4515
Updated by Jim Pingle over 2 years ago
- Status changed from Feedback to Pull Request Review
- Target version changed from CE-Next to 2.6.0
Updated by Anonymous over 2 years ago
- Status changed from Pull Request Review to Feedback
Updated by Jim Pingle over 2 years ago
- Subject changed from radvd: use virtual link local IP as source address in HA setups to Use virtual link local IP address as RA source address for HA environments
Updating subject for release notes.
Updated by Viktor Gurov over 2 years ago
- Status changed from Feedback to Resolved
works as expected on 21.05.r.20210526.1807
`AdvRASrcAddress` in `/var/etc/radvd.conf`:
# Automatically Generated, do not edit
# Generated for DHCPv6 Server lan
interface vtnet0 {
AdvSendAdvert on;
AdvRASrcAddress {
fe80:88::7272;
};
MinRtrAdvInterval 5;
MaxRtrAdvInterval 20;
AdvDefaultLifetime 60;
AdvLinkMTU 1500;
AdvDefaultPreference medium;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix fc00:88::/64 {
DeprecatePrefix off;
AdvOnLink on;
AdvAutonomous on;
AdvValidLifetime 86400;
AdvPreferredLifetime 14400;
};
route ::/0 {
AdvRoutePreference medium;
RemoveRoute off;
};
RDNSS fc00:88::72 {
AdvRDNSSLifetime 60;
};
DNSSL home.arpa { };
};
it's better to hide non-linklocal VIPs from the dropdown menu, but this is not critical
Updated by Jim Pingle over 2 years ago
- Target version changed from 2.6.0 to 2.5.2
Updated by Viktor Gurov almost 2 years ago
- Related to Regression #12582: RADVD can be started on both HA nodes when configured with an IPv6 link-local address added