[Dnsmasq-discuss] HA Cluster - IPv6 router adv lifetime of 0

Petr Menšík pemensik at redhat.com
Tue Oct 5 09:45:37 UTC 2021


Hi William,

I think priority is correct here. Well observed!

On 10/2/21 13:55, William Edwards wrote:
> Jochen Demmer via Dnsmasq-discuss schreef op 2021-10-02 10:28:
>> Hi,
>>
>> I've been trying to develop my own kind of firewall solution named
>> nftwall which uses nftables as packet filter and is being managed
>> centrally by Ansible - no webGUI.
>>
>> My first attempt was to use dnsmasq but then I found out of this
>> obstacle. I've been thinking about switching to KEA + radvd but
>> actually I would like to keep using dnsmasq.
>> I manage my VRRP IPs with keepalived. There are small scripts for an
>> event of a primary - secondary change. Especially in an event of
>> controlled switch of primary - secondary I would like the primary
>> dnsmasq to send a lifetime of 0 in the router advertisement package.
>> That way the clients know that this router shall not be used any more.
>
> No experience with RAs so far, but isn't that what the priority field
> is for?

Correct! ra-param already supports setting lifetime to 0, which should
work for your use case even without code change.

# server is not primary
ra-param=eth0,low,0,0 # should announce prefix without clients routing
via it.
# server is primary
dhcp-authoritative
ra-param=eth0,high,0,600 # Use on elected primary router, make this
route preferred.

Isn't switching those parameters on election change all you would need?

>
>>
>> Please confirm my findings that this is currently not possible with
>> dnsmasq. If so please accept my feature request to implement that.
>>
>> Regards
>> Jochen Demmer

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB




More information about the Dnsmasq-discuss mailing list