I'm looking into some network "weirdness", and I noticed that a CentOS 6 system with multiple IP addresses (load balancer running keepalived) is sending ARP requests from apparently random source IPs. I would have thought that ARP requests would always come from the interface's "primary" IP (especially since keepalived adds all the virtual IPs with a /32 mask). This is probably not related to my problem, but I just thought it was odd. Is there a way to control this? -- Chris Adams <linux at cmadams.net>
On Mar 20, 2015, at 7:38 AM, Chris Adams <linux at cmadams.net> wrote:> > I'm looking into some network "weirdness", and I noticed that a CentOS 6 > system with multiple IP addresses (load balancer running keepalived) is > sending ARP requests from apparently random source IPs.It probably isn?t random. First, isn?t the whole idea behind a load balancer to distribute the traffic over the set of hosts/IPs it?s configured to manage? You *expect* traffic to balance evenly across these, so you?re going to see ARPs on all of them. Second, the choice of IP comes from the routing layer of the network stack, not from ARP (too low) or the load balancer (too high). An ARP packet gets sent out for a long-lived connection about every 10 minutes, even when there is no reason to believe the answer will be different when the stack asks the same ?who-has? question it asked 10 minutes ago. It still has to check in case that IP is on a different MAC now.> Is there a way to control this?Why is that useful? You have a box with N IPs (N > 1) and they?re all supposed to behave as if they're interchangeable. If you?re trying to make it easier to write tshark commands or similar, you shouldn?t be load-balancing at all. I think you made this bed. Sleep in it. :)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 20.03.2015 14:38, Chris Adams wrote:> I'm looking into some network "weirdness", and I noticed that a > CentOS 6 system with multiple IP addresses (load balancer running > keepalived) is sending ARP requests from apparently random source > IPs. I would have thought that ARP requests would always come from > the interface's "primary" IP (especially since keepalived adds all > the virtual IPs with a /32 mask). > > This is probably not related to my problem, but I just thought it > was odd. Is there a way to control this?You may be running into the "arp flux" problem: http://blog.cj2s.de/archives/29-Preventing-ARP-flux-on-Linux.html HTH Sven -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQGcBAEBAgAGBQJVDWX6AAoJEAq0kGAWDrqlkxoL/2Lz1magdKlwWsLGD9CIzmio Z2eeUPHk7Ya/g8AU/LD6b37zF8tSXqj63cp4oh8Tp+KBNlpTzRm2664syAPpUi/K LsbXPgRWwBeN9LPlxKFAimnkFabIuTe7LJArcL5Mg1D08hepfGRY6gpbTmcI5BmC Tfq5bg5tBGQ8P0dFn0G8fOetdNITVR6iO1Imrw0vsiE9ENzUo1rjHDrf6EVgxfwe 76v+Au2+UbYtKNmV8zBWSfm7fcDYJd7QIcPSie0VNUOKX0Hc72BpmjkQuk0yrJMW D5V7AZVtKlwvGXci/Iwmfsej7kwqSTAnI1Jb1A6FM5cb1OcLVW+VJvG+cFJk1Myg DBNstgceobR+xV2oTzdNlttl7QMh8gQtHxP5Z+159YdClXEqIo5/JtoGH6odRn6u z1CzJZqfWOb0Hgy7seOCQ6iwAkqBH6zVgpy+mft5Z/TfDtX5KSCX6XazsYDGdQpq PvWoW4Ie0YM9IvMc7D7oLDAQxV/CylDmy/coZf+o0g==fd9y -----END PGP SIGNATURE-----