Hello,
I used [URL=“IP FailOver Setup Using KeepAlived on CentOS & Red Hat”]How To Tutorials and Tech Updates – TecAdmin tutorial to configure Keepalived on two CentOS web servers:
Server 1: 192.168.56.7
Server 2: 192.168.56.8
Virtual IP: 192.168.56.110
And after it, I added below Firewalld rule:
# firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent
# firewall-cmd --reload
#
# firewall-cmd --list-all
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: dhcpv6-client http ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule protocol value="vrrp" accept
But I can’t ping my Virtual IP address:
# ping 192.168.56.110
PING 192.168.56.110 (192.168.56.110) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
And cURL doesn’t show anything too:
# curl -l 192.168.56.110
I used “ip addr show NIC” command and Virtual IP address is assigned to my NIC:
# ip addr show enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:2b:47:38 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.7/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s3
valid_lft 536sec preferred_lft 536sec
inet 192.168.56.110/32 scope global enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe2b:4738/64 scope link noprefixroute
valid_lft forever preferred_lft forever
But why it doesn’t work? Which log files should be examined?
The tcpdump tool show me:
# tcpdump -n -v -i enp0s3 vrrp
dropped privs to tcpdump
tcpdump: listening on enp0s3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
00:24:08.251180 IP (tos 0xc0, ttl 255, id 98, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:09.251332 IP (tos 0xc0, ttl 255, id 99, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:10.251488 IP (tos 0xc0, ttl 255, id 100, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:11.251635 IP (tos 0xc0, ttl 255, id 101, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:12.251797 IP (tos 0xc0, ttl 255, id 102, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:13.251927 IP (tos 0xc0, ttl 255, id 103, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:14.252055 IP (tos 0xc0, ttl 255, id 104, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
00:24:15.252202 IP (tos 0xc0, ttl 255, id 105, offset 0, flags [none], proto VRRP (112), length 40)
192.168.56.7 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype none, intvl 1s, length 20, addrs: 192.168.56.110
Thank you.