Keepalived send gratuitous ARP periodically

failover linux-networking high-availability arp keepalived

Is there a way for a keepalived to send gratuitous ARP periodically?

We had following situation:

  1. switch failure (VLAN setup)
  2. keepalived failovered to backup instance
  3. backup instance sent gratuitous ARP but Cisco ASA device didn't got it (because of switch failure)
  4. when switch was recovered (few minutes later) VIPs were unaccessible cause ASA did not refresh the ARP table (ARP table expiry is set to 4h)
  5. as ASA already had the MACs from previously active node it didn't sent ARP request
  6. VIP were unaccessible until we restarted the keepalived instance what initiated new GARP

So, we think that we could avoid this situation with periodical GARPs. Is this a good approach and is there a way to do it within keepalived?

Any other suggestions to avoid this kind of issues?

Keepalived config:

global_defs {
   notification_email {
     [email protected]
   }

   notification_email_from SERVER_1
   smtp_server smtp.server.local
   smtp_connect_timeout 30
   router_id SERVER_1
}

vrrp_instance V1 {
    state BACKUP
    nopreempt
    interface eth0
    lvs_sync_daemon_interface eth0
    virtual_router_id 150
    priority 120
    advert_int 1
    persistence_timeout 0
    smtp_alert

    authentication {
        auth_type PASS
        auth_pass xxx
    }

    virtual_ipaddress {
    10.xxx.xxx.xxx
    }
}

Solution 1:

keepalived versions 1.2.20 and above support following config settings regarding gratuitous ARP, vrrp_garp_master_refresh is what I need.

    # delay for second set of gratuitous ARPs after transition to MASTER
    vrrp_garp_master_delay 10    # seconds, default 5, 0 for no second set

    # number of gratuitous ARP messages to send at a time after transition to MASTER
    vrrp_garp_master_repeat 1    # default 5

    # delay for second set of gratuitous ARPs after lower priority advert received when MASTER
    vrrp_garp_lower_prio_delay 10

    # number of gratuitous ARP messages to send at a time after lower priority advert received when MASTER
    vrrp_garp_lower_prio_repeat 1

    # minimum time interval for refreshing gratuitous ARPs while MASTER
    vrrp_garp_master_refresh 60  # secs, default 0 (no refreshing)

    # number of gratuitous ARP messages to send at a time while MASTER
    vrrp_garp_master_refresh_repeat 2 # default 1

    # Delay in ms between gratuitous ARP messages sent on an interface
    vrrp_garp_interval 0.001          # decimal, seconds (resolution usecs). Default 0.

    # Delay in ms between unsolicited NA messages sent on an interface
    vrrp_gna_interval 0.000001        # decimal, seconds (resolution usecs). Default 0.

Related

apt-key add on Debian Stretch: no valid OpenPGP data found
Move a file and leave a soft link behind
How do you compute the AC capacity needed for a server room?
How to configure "On-Access Anti-Virus" for a faster boot?
How often do IP blocks get reassigned to different regions?
Amazon S3 not sending Content-Type header
Are VLANs necessary for my environment?
phpPgAdmin exporting empty SQL dump?
How to report spam to blacklists
Does the ``-'' sign have meaning in rsyslog.conf
Is there a way to turn off client browser caching for specific websites?
Get drive power state without waking it up