keepalived: garp_master_delay not respected?

[Janusz Krzysztofik <jkrzyszt@xxxxxxxxxxxx>]

Hello,

I am trying to set up LVS director failover using keepalived's vrrp 
function (debian stable version 1.1.12-1). In my backup director 
keepalived.conf I put:
  garp_master_delay 10

But in case of communication problems, in my syslog I get:

Apr 26 21:56:53 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Transition to 
MASTER STATE
Apr 26 21:56:53 e49 Keepalived_vrrp: VRRP_Group(FIREWALL) Syncing 
instances to MASTER state
Apr 26 21:56:53 e49 Keepalived_vrrp: VRRP_Instance(ETH3) Transition to 
MASTER STATE
Apr 26 21:56:53 e49 Keepalived_vrrp: VRRP_Instance(ETH3) Entering MASTER 
STATE
Apr 26 21:56:53 e49 Keepalived_vrrp: VRRP_Instance(ETH3) setting 
protocol Virtual Routes
Apr 26 21:56:53 e49 kernel: IPVS: sync thread started: state = MASTER, 
mcast_ifn = eth3, syncid = 0
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Entering 
MASTER STATE
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) setting 
protocol VIPs.
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) setting 
protocol Virtual Routes
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0001 for 192.168.128.254
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0002 for 212.160.220.15
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0006 for 84.40.217.183
Apr 26 21:56:54 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0014 for 83.238.55.15
Apr 26 21:56:54 e49 Keepalived_vrrp: Netlink reflector reports IP 
192.168.128.254 added
Apr 26 21:56:54 e49 Keepalived_vrrp: Netlink reflector reports IP 
212.160.220.15 added
Apr 26 21:56:54 e49 Keepalived_vrrp: Netlink reflector reports IP 
84.40.217.183 added
Apr 26 21:56:54 e49 Keepalived_vrrp: Netlink reflector reports IP 
83.238.55.15 added
Apr 26 21:57:04 e49 kernel: NET: Registered protocol family 15
Apr 26 21:57:04 e49 kernel: Initializing IPsec netlink socket
Apr 26 21:57:04 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0001 for 192.168.128.254
Apr 26 21:57:04 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0002 for 212.160.220.15
Apr 26 21:57:04 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0006 for 84.40.217.183
Apr 26 21:57:04 e49 Keepalived_vrrp: VRRP_Instance(VLAN1) Sending 
gratuitous ARPs on vlan0014 for 83.238.55.15
So it looks like gratuitous ARPs are sent twice: immediately when master 
state is entered and again 5 seconds later.
What am I doing wrong?

Thanks,
Janusz

---------------------------------
! Configuration File for keepalived

global_defs {
   router_id E49
}

vrrp_sync_group FIREWALL {
    group {
        ETH3
        VLAN1
    }
    # Using monit instead of keepalived healthcheckers
    # for its reach protocol support, including generic.
    notify_master "/usr/sbin/monit -g lvs monitor all"
    notify_backup "/usr/sbin/monit -g firewall stop all"
    notify_fault "/usr/sbin/monit -g firewall stop all"
}

vrrp_instance ETH3 {
    state BACKUP
    nopreempt
    interface eth3      # crossover link to master
    dont_track_primary
    track_interface {
        dummy0          # virtual routes for proxy arp go here
    }
    garp_master_delay 10
    virtual_router_id 49
    priority 49
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass xxxxxxxx
    }
    virtual_routes {
        212.160.220.16 dev dummy0 scope link
        172.16.128.254 dev dummy0 scope link
        83.16.220.213 dev dummy0 scope link
        192.168.160.254 dev dummy0 scope link
        212.160.220.1 dev dummy0 scope link
        212.160.220.3 dev dummy0 scope link
        83.238.55.3 dev dummy0 scope link
        84.40.217.184 dev dummy0 scope link
        192.168.239.254 dev dummy0 scope link
        192.168.130.254 dev dummy0 scope link
        192.168.131.254 dev dummy0 scope link
        192.168.139.254 dev dummy0 scope link
        83.238.55.16 dev dummy0 scope link
        83.18.254.125 dev dummy0 scope link
        192.168.193.254 dev dummy0 scope link
        192.168.200.254 dev dummy0 scope link
        192.168.212.254 dev dummy0 scope link
        192.168.224.254 dev dummy0 scope link
        192.168.225.254 dev dummy0 scope link
        192.168.226.254 dev dummy0 scope link
        192.168.227.254 dev dummy0 scope link
        192.168.228.254 dev dummy0 scope link
        192.168.240.254 dev dummy0 scope link
    }
    # Not using integrated lvs sync daemon control
    # as ipvs_syncbackup does not work for me when syncid <> 0.
    # Not supported by monit - no pidfile.
    notify_master "/sbin/ipvsadm --start-daemon master 
--mcast-interface eth3"
    notify_backup "/sbin/ipvsadm --stop-daemon master"
    notify_fault "/sbin/ipvsadm --stop-daemon master"
}

vrrp_instance VLAN1 {
    state BACKUP
    nopreempt
    interface vlan0001
    mcast_src_ip 192.168.128.254
    track_interface {   # all vlans with virtual IPs or routes
        vlan0002
        vlan0003
        vlan0004
        vlan0005
        vlan0006
        vlan0013
        vlan0014
        vlan0015
        vlan0200
    }           # physical interfaces not tracked, using bonding HA
    garp_master_delay 10
    virtual_router_id 50
    priority 49
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass xxxxxxxx
    }
    virtual_ipaddress {
        192.168.128.254/32 dev vlan0001
        212.160.220.15/32 dev vlan0002
        84.40.217.183/32 dev vlan0006
        83.238.55.15/32 dev vlan0014
    }
    virtual_routes {
        212.160.220.254 dev vlan0002 scope link src 212.160.220.15
        195.116.252.234 via 212.160.220.254 dev vlan0002
        212.160.220.10 dev vlan0002 scope link
        212.160.220.21 dev vlan0002 scope link
        212.160.220.32/27 dev vlan0002 scope link
        212.160.220.64/30 dev vlan0002 scope link
        212.160.220.97 dev vlan0002 scope link
        212.160.220.124 dev vlan0002 scope link
        212.160.220.192/28 dev vlan0002 scope link
        212.160.220.210 dev vlan0002 scope link
        212.160.220.214 dev vlan0002 scope link
        212.160.220.223 dev vlan0002 scope link
        212.160.220.224/30 dev vlan0002 scope link
        212.160.220.232/29 dev vlan0002 scope link
        212.160.220.246 dev vlan0002 scope link
        212.160.220.252/31 dev vlan0002 scope link
        table 253 195.116.252.233 dev vlan0002 scope link src 
212.160.220.15
        table 253 195.116.252.232/30 via 195.116.252.233 dev vlan0002
        table 2 default via 195.116.252.233 dev vlan0002
        172.16.0.0/16 dev vlan0003 scope link src 192.168.128.49
        172.16.2.8 dev vlan0003 scope link
        192.168.128.111 dev vlan0003 scope link
        192.168.128.208 dev vlan0003 scope link
        212.160.220.125 dev vlan0003 scope link
        212.160.220.211 dev vlan0003 scope link
        212.160.220.218 dev vlan0003 scope link
        212.160.220.243 dev vlan0003 scope link
        212.160.220.244 dev vlan0003 scope link
        83.238.55.250 dev vlan0003 scope link
        192.168.239.100/30 dev vlan0003 scope link
        192.168.214.0/24 via 172.16.128.10 dev vlan0003
        83.16.220.209 dev vlan0004 scope link src 192.168.128.49
        table 253 83.16.220.209 dev vlan0004 scope link src 192.168.128.49
        table 253 213.25.2.38 via 83.16.220.209 dev vlan0004
        table 4 default via 83.16.220.209 dev vlan0004
        192.168.160.0/24 dev vlan0005 scope link src 192.168.128.49
        192.168.160.22 dev vlan0005 scope link
        212.160.220.6 dev vlan0005 scope link
        83.238.55.6 dev vlan0005 scope link
        212.160.220.25 dev vlan0005 scope link
        212.160.220.2 via 192.168.160.6 dev vlan0005
        83.238.55.2 via 192.168.160.6 dev vlan0005
        table 21 default via 192.168.160.21 dev vlan0005
        table 22 default via 192.168.160.22 dev vlan0005
        table 108 default via 192.168.160.108 dev vlan0005
        table 253 84.40.217.177 dev vlan0006 scope link src 84.40.217.183
        table 6 default via 84.40.217.177 dev vlan0006
        192.168.239.0/24 dev vlan0013 scope link src 192.168.128.49
        192.168.128.100/32 dev vlan0013 scope link
        192.168.128.110/32 dev vlan0013 scope link
        192.168.130.0/23 dev vlan0013 scope link
        192.168.139.0/24 dev vlan0013 scope link
        212.160.220.212 dev vlan0013 scope link
        212.160.220.240 dev vlan0013 scope link
        212.160.220.242 dev vlan0013 scope link
        212.160.220.247 dev vlan0013 scope link
        212.160.220.250 dev vlan0013 scope link
        83.238.55.100 dev vlan0013 scope link
        83.238.55.240/29 dev vlan0013 scope link
        83.238.55.248/31 dev vlan0013 scope link
        83.238.55.251 dev vlan0013 scope link
        83.16.220.214 dev vlan0013 scope link
        83.18.254.126 dev vlan0013 scope link
        84.40.217.189 dev vlan0013 scopy link
        84.40.217.190 dev vlan0013 scopy link
        83.238.55.1 dev vlan0014 scope link src 83.238.55.15
        83.238.244.76 via 83.238.55.1 dev vlan0014
        table 253 83.238.244.77 dev vlan0014 scope link src 83.238.55.15
        table 253 83.238.244.76/30 via 83.238.244.77 dev vlan0014
        table 14 default via 83.238.244.77 dev vlan0014
        83.18.254.121 dev vlan0015 scope link src 192.168.128.49
        table 253 83.18.254.121 dev vlan0015 scope link src 192.168.128.49
        table 253 213.25.5.222 via 83.18.254.121 dev vlan0015
        table 15 default via 83.18.254.121 dev vlan0015
        83.238.55.244 dev vlan0200 scope link
    }
    # multipath virtual routes not supported by keepalived
    notify_master "/sbin/ip route replace table default default nexthop 
via 195.116.252.233 dev vlan0002 weight 1 nexthop via 83.16.220.209 dev 
vlan0004 weight 4 nexthop via 84.40.217.177 dev vlan0006 weight 6 
nexthop via 83.238.244.77  dev vlan0014 weight 5 nexthop via 
83.18.254.121  dev vlan0015 weight 2"
    notify_backup "/etc/init.d/ipvsadm load"
    notify_fault "/etc/init.d/ipvsadm load"
}