[Xorp-hackers] linux VRRP svn xorp

Li Zhao lizhaous2000 at yahoo.com
Fri Mar 12 08:16:40 PST 2010


I use linux ip/ifconfig command to add virtual address on the interface, then it can be pingable. Without this, I see some REDIRECT ICMP messages. I will check RFC again and investigate this later.

--- On Fri, 3/12/10, Li Zhao <lizhaous2000 at yahoo.com> wrote:

> From: Li Zhao <lizhaous2000 at yahoo.com>
> Subject: Re: [Xorp-hackers] linux VRRP svn xorp
> To: xorp-hackers at icir.org, "Eric S. Johnson" <esj at cs.fiu.edu>
> Date: Friday, March 12, 2010, 10:37 AM
> I observed same behavior. The virtual
> IP address was not accepted as a destination, but can be
> used as a nexthop. I would like this feature to be
> enhanced.
> 
> --- On Thu, 3/11/10, Eric S. Johnson <esj at cs.fiu.edu>
> wrote:
> 
> > From: Eric S. Johnson <esj at cs.fiu.edu>
> > Subject: [Xorp-hackers] linux VRRP svn xorp
> > To: xorp-hackers at icir.org
> > Date: Thursday, March 11, 2010, 11:13 AM
> > 
> > So I am kind feeling silly this morning. Ive been
> chasing a
> > bug 
> > that nearly  does not exist.
> > 
> > On and off for the last two weeks I have been trying
> to
> > debug
> > why xorp svn (checked out 20100217, i dont think much
> has
> > changed
> > since then) VRRP didn't work.
> > 
> > The behavior I saw was that when xorp became master
> for a
> > router
> > it would correctly change the mac address on the
> interface,
> > but
> > yet pinging the virtual IP would not work. I thought
> VRRP
> > was 
> > broken and spent some time tracing through the code
> to
> > figure
> > out what was going on and going wrong.
> > 
> > It was not until I was deep in the depths of
> vrrp/arpd.cc 
> > that I realized that the code was *mostly* working.
> Well,
> > all the code I could find was working, but there is
> one 
> > behavior that is far from what I expected.
> > 
> > I  found that indeed I could ping THROUGH the xorp
> > VRRP master 
> > router, just not ping the virtual address it self.
> > 
> > And that seems to be the way the code is designed to
> > work?!?
> > 
> > Vrrp::become_master()
> > {
> >     _state = MASTER;
> >            
> >         // my comments
> >     _vif.add_mac(_source_mac);   
> >     // this changes the mac on the interface
> >     send_advertisement();   
> >     // start sending vrrp master
> > announcements
> >     send_arps();   
> >         // send gratuitous
> > arps
> >     setup_timers();   
> >         // start timers
> >     _arpd.start();   
> >         // start an pseudo arp
> > deamon
> >            
> >         // that responds to
> > arp requests for the virtual
> >            
> >         // IP address with the
> > virtual mac
> > }
> > 
> > 
> > but no where does it seem to add the virtual IP as a
> IP on
> > the interface/vif..
> > 
> > So a station sending a packet to the an address that
> is not
> > the 
> > virtual IP but that has a next hop of the virtual IP
> will
> > make a 
> > arp request for the Virtual IP, and get back (from
> the
> > pseudo arp 
> > deamon) the virtual MAC and when that IP packet
> arrives at
> > the xorp 
> > router, it is processed normally and forwarded.
> > 
> > But an IP packet with a DESTINATION of the virtual IP
> > address will get
> > to the xorp router too. But the virtual router does
> not
> > recognize the
> > virtual IP as being one of it's IP address and
> doesn't
> > accept it.
> > 
> > 
> > soooo 
> > 
> > Is/was this just unfinished code?
> > 
> > Am I missing somewhere the Virtual address would be
> added
> > to the
> > VIF and something is broken in the code I can't find?
> > 
> > Or am I miss-understanding how VRRP should work
> (though
> > EVERY other 
> > implementation I have seen (vendor C, J, and open
> source
> > vrrpd) all
> > accept IP packets destined for the virtual IP
> address?)
> > 
> > 
> > 
> > Would a correct solution be to have xorp set the
> virtual IP
> > 
> > as a secondary IP on that VIF? If so, what would be
> the
> > correct
> > way to do this.. IfTreeVif::add_addr method?
> > 
> > 
> > Thoughts?
> > 
> > linux centos 5 kernel 2.6.18-164.6.1.el5
> > E
> > 
> > _______________________________________________
> > Xorp-hackers mailing list
> > Xorp-hackers at icir.org
> > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers
> > 
> 
> 
>       
> 
> _______________________________________________
> Xorp-hackers mailing list
> Xorp-hackers at icir.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers
> 


      



More information about the Xorp-hackers mailing list