
Re: [lvs-users] Disable logs like "receive an invalid passwd" on Keepali

To: keepalived-devel@xxxxxxxxxxxxxxxxxxxxx, lvs-users <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] Disable logs like "receive an invalid passwd" on Keepalived
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Fri, 18 Jan 2008 12:16:15 +0000
On Fri, 2008-01-18 at 12:24 +0100, santi@xxxxxxxxxxxx wrote:
> Is there any way to disable logging this type of messages in Keepalived?
> 
> =====================================================================
> Jan 18 06:25:52 hs-741 Keepalived_vrrp: receive an invalid passwd!
> Jan 18 06:25:52 hs-741 Keepalived_vrrp: bogus VRRP packet received on eth0 !!!
> Jan 18 06:25:52 hs-741 Keepalived_vrrp: VRRP_Instance(VI_1) Dropping  
> received VRRP packet...
> =====================================================================
> 
> I have several LVS clusters multicasting VRRP in the same network, can
> I disable logging these messages? or any method to prevent this
> multicasting..

I *thought* this error would only be generated if you had a VRID
conflict between instances on your network, but looking at the code I
see that the password is checked before the VRID.

Alexandre, wouldn't it make more sense to modify the code such that the
auth checks are done *after* the VRID is validated? AH authentication is
checked after the packet's VRRP VRID, addresses and advert interval are
checked, so it makes sense to move the PASS check down too, doesn't it?

Or... does it? Looking in vrrp.c the following sequence of checks is
followed:

IP TTL == 255
VRRP Version
Packet length
VRRP checksum
Auth Type
PASS auth
VRID check
  IP address check
Advert interval
AH auth

It strikes me that you could re-order these checks to be:

IP TTL == 255
VRRP Version
Packet length
VRRP checksum
VRID check
  Auth Type
    PASS auth
    AH auth
  IP address check
Advert interval

Such that, in pseudo-logic:

If the VRID is one of mine, then:
  If AUTH defined, then:
    If it's not the one we expect, then:
      Return error
    Else:
      If AUTH is not valid, then:
        Return error
      Endif
    Endif
  Endif
  If virtual IP list is invalid, then:
    Return error
  Endif
Endif  

I hope that makes sense! It'll remove the errors the OP is seeing,
anyway, and I don't think it's going to break anything else.

Graeme
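
The reordering proposed in the message above, as an added C example (not keepalived's code and not part of the original post): the VRID is matched before the auth type and PASS check, so an advert from a neighbouring cluster gets a quiet "not mine" verdict instead of a password error. Struct, enum and function names are hypothetical, and the VRRP checksum and AH verification are omitted.

```c
#include <stdint.h>
#include <string.h>

/* All names are hypothetical; this is not keepalived's vrrp.c. */
enum verdict { ADV_OK, ADV_MALFORMED, ADV_NOT_MINE, ADV_BAD_AUTH_TYPE,
               ADV_BAD_PASS, ADV_BAD_VIPS, ADV_BAD_INTERVAL };
enum { AUTH_PASS = 1, HDR_LEN = 8, AUTH_LEN = 8 };

struct instance {            /* local config for one VRRP instance */
    uint8_t vrid, auth_type, adver_int, vip_count;
    char    pass[AUTH_LEN];  /* zero-padded, as on the wire */
};

/* VRRPv2 advert: ver/type, VRID, priority, IP count, auth type, advert
 * interval, checksum(2), count*4 bytes of IPs, 8 bytes of auth data.
 * Checksum and AH verification are left out to keep the example short. */
enum verdict check_advert(const struct instance *in, int ttl,
                          const uint8_t *p, size_t len)
{
    if (ttl != 255 || len < HDR_LEN + AUTH_LEN || (p[0] >> 4) != 2 ||
        len != (size_t)HDR_LEN + 4u * p[3] + AUTH_LEN)
        return ADV_MALFORMED;
    if (p[1] != in->vrid)               /* VRID before any auth check */
        return ADV_NOT_MINE;            /* other cluster: drop, no log */
    if (p[4] != in->auth_type)
        return ADV_BAD_AUTH_TYPE;
    if (in->auth_type == AUTH_PASS &&
        memcmp(p + len - AUTH_LEN, in->pass, AUTH_LEN) != 0)
        return ADV_BAD_PASS;            /* our VRID, wrong password: log */
    if (p[3] != in->vip_count)          /* count only; real code compares IPs */
        return ADV_BAD_VIPS;
    return p[5] == in->adver_int ? ADV_OK : ADV_BAD_INTERVAL;
}

/* Constructed sample advert with PASS auth and no virtual IPs. */
size_t make_advert(uint8_t *buf, uint8_t vrid, const char *pass)
{
    memset(buf, 0, HDR_LEN + AUTH_LEN);
    buf[0] = 0x21; buf[1] = vrid; buf[2] = 100; buf[4] = AUTH_PASS; buf[5] = 1;
    for (size_t i = 0; i < AUTH_LEN && pass[i]; i++)
        buf[HDR_LEN + i] = (uint8_t)pass[i];
    return HDR_LEN + AUTH_LEN;
}

int main(void)
{
    struct instance vi1 = { 51, AUTH_PASS, 1, 0, "secret1" };
    uint8_t buf[HDR_LEN + AUTH_LEN];
    size_t n = make_advert(buf, 52, "other");   /* neighbour's VRID */
    return check_advert(&vi1, 255, buf, n) == ADV_NOT_MINE ? 0 : 1;
}
```

Only `ADV_BAD_AUTH_TYPE` and `ADV_BAD_PASS` would be worth a log line here, since they mean a sender using one of the local VRIDs failed authentication.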


