Feature #11103
Use virtual link local IP address as RA source address for HA environments
0%
Description
If radvd is configured with RA interface set to a virtual link local IP, then add it to AdvRASrcAddress in radvd.conf. This ensures that the virtual IP is advertised as the gateway address to clients.
Associated revisions
Do not deprecate prefix if AdvRASrcAddress is specified, refs: #11103
Do not remove route upon radvd shutdown, refs: #11103
Do not remove IPv6 link-local vips on secondary during hasync, refs: #11103
History
#1
Updated by Lorenz Schori 7 months ago
Updated by Filed PR: https://github.com/pfsense/pfsense/pull/4487
Instructions for testing this feature:
- Setup HA cluster with primary and fallback
- Setup a IPv6 link-local VIP on the LAN interface, e.g.:
fe80::1:1 - Configure the link-local VIP as the
RA Interfaceon primary and fallback hosts
Observe that:
radvd.confis present with a configuration section for the LAN interface on both machines (primary and fallback)radvd.confincludes anAdvRASrcAddresssection- RA packets are sent by the primary host with the VIP as source address, no RA packets are sent by the fallback host.
- RA packets are sent by the fallback host with the VIP as source address as soon as the VIP switches over to the fallback host. No RA packets are sent by the primary host.
- Default route on client machines stays the same regardless whether the VIP is currently on primary or fallback host.
#2
Updated by Jim Pingle 7 months ago
Updated by - Status changed from New to Pull Request Review
- Target version set to CE-Next
#3
Updated by Renato Botelho 4 months ago
Updated by - Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
PR has been merged. Thanks!
#4
Updated by Lorenz Schori 4 months ago
Thanks for merging. I just opened a PR for a small followup:
https://github.com/pfsense/pfsense/pull/4502
Sorry that I did not notice that earlier.
#5
Updated by Renato Botelho 3 months ago
MErged. Thanks!
#6
Updated by Lorenz Schori about 2 months ago
Found another thing I've missed before:
https://github.com/pfsense/pfsense/pull/4515
#7
Updated by Jim Pingle about 2 months ago
- Status changed from Feedback to Pull Request Review
- Target version changed from CE-Next to 2.6.0
#8
Updated by Jim Pingle about 1 month ago
- Plus Target Version set to 21.05
#9
Updated by Steve Beaver about 1 month ago
Updated by - Status changed from Pull Request Review to Feedback
#10
Updated by Jim Pingle about 1 month ago
- Subject changed from radvd: use virtual link local IP as source address in HA setups to Use virtual link local IP address as RA source address for HA environments
Updating subject for release notes.
#11
Updated by Viktor Gurov 22 days ago
Updated by - Status changed from Feedback to Resolved
works as expected on 21.05.r.20210526.1807
`AdvRASrcAddress` in `/var/etc/radvd.conf`:
# Automatically Generated, do not edit
# Generated for DHCPv6 Server lan
interface vtnet0 {
AdvSendAdvert on;
AdvRASrcAddress {
fe80:88::7272;
};
MinRtrAdvInterval 5;
MaxRtrAdvInterval 20;
AdvDefaultLifetime 60;
AdvLinkMTU 1500;
AdvDefaultPreference medium;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix fc00:88::/64 {
DeprecatePrefix off;
AdvOnLink on;
AdvAutonomous on;
AdvValidLifetime 86400;
AdvPreferredLifetime 14400;
};
route ::/0 {
AdvRoutePreference medium;
RemoveRoute off;
};
RDNSS fc00:88::72 {
AdvRDNSSLifetime 60;
};
DNSSL home.arpa { };
};
it's better to hide non-linklocal VIPs from the dropdown menu, but this is not critical
#12
Updated by Jim Pingle 22 days ago
- Target version changed from 2.6.0 to 2.5.2
Add AdvRASrcAddress to radvd.conf if linklocal vip is selected, refs: #11103