by Michael Hampicke

High-availability

Setting Up a Floating IP with Keepalived (IPv4/IPv6)

This article provides instructions on how to set up a floating IP for an AdGuard failover system. The designated IPs are as follows:

  • adguard1: 192.168.255.4 / fd::4/64
  • adguard2: 192.168.255.5 / fd::5/64
  • floating IP: 192.168.255.6 / fd::6/64

Details regarding the AdGuard setup itself will be covered in a separate article.

Installing Keepalived

# Debian based
apt install keepalived

# Gentoo
emerge keepalived

Next, create the /etc/keepalived/keepalived.conf configuration file for both the master and slave machines. The configuration includes:

  • Global definitions
  • VRRP instance settings for both IPv4 and IPv6
global_defs {
  router_id adguard1
}

vrrp_instance ADGUARD4 {
  state MASTER
  interface eth0
  virtual_router_id 55
  priority 50
  advert_int 1
  unicast_src_ip 192.168.255.4
  unicast_peer {
    192.168.255.5
  }

  authentication {
    auth_type PASS
    auth_pass secret
  }

  virtual_ipaddress {
    192.168.255.6/24
  }
}

vrrp_instance ADGUARD6 {
  state MASTER
  interface eth0
  virtual_router_id 55
  priority 50
  advert_int 1

  authentication {
    auth_type PASS
    auth_pass secret
  }

  virtual_ipaddress {
    fd::6/64
  }
}
global_defs {
  router_id adguard2
}

vrrp_instance ADGUARD4 {
  state MASTER
  interface eth0
  virtual_router_id 55
  priority 40
  advert_int 1
  unicast_src_ip 192.168.255.5
  unicast_peer {
    192.168.255.4
  }

  authentication {
    auth_type PASS
    auth_pass secret
  }

  virtual_ipaddress {
    192.168.255.6/24
  }
}

vrrp_instance ADGUAR6 {
  state MASTER
  interface eth0
  virtual_router_id 55
  priority 40
  advert_int 1

  authentication {
    auth_type PASS
    auth_pass secret
  }

  virtual_ipaddress {
    fd::6/64
  }
}

After configuring Keepalived, restart both instances on the master and slave machines, and check their status:

systemctl restart keepalived

systemctl status keepalived

* keepalived.service - Keepalive Daemon (LVS and VRRP)
     Loaded: loaded (/lib/systemd/system/keepalived.service; enabled; preset: enabled)
     Active: active (running) since Sun 2023-10-22 14:46:39 UTC; 10ms ago

Now, it's time to verify that the setup is functioning correctly. To do this:

  • Tail the log of Keepalived on the slave machine using journalctl -fu keepalived.
  • Stop Keepalived on the master machine using systemctl stop keepalived.

If everything is working as expected, you should see log entries like these:

Oct 22 14:49:00 adguard2 Keepalived_vrrp[275]: (ADGUARD4) Entering MASTER STATE
Oct 22 14:49:00 adguard2 Keepalived_vrrp[275]: (ADGUAR6) Entering MASTER STATE

At this point, the slave machine should have taken over the floating IP. To confirm this:

  • Restart Keepalived on the master machine using systemctl start keepalived.

You should observe the following log entries on the slave machine:

Oct 22 14:49:11 adguard2 Keepalived_vrrp[275]: (ADGUARD4) Master received advert from 192.168.255.4 with higher priority 50, ours 40
Oct 22 14:49:11 adguard2 Keepalived_vrrp[275]: (ADGUARD4) Entering BACKUP STATE
Oct 22 14:49:11 adguard2 Keepalived_vrrp[275]: (ADGUAR6) Master received advert from fe80::fcc0:1ff:abcd:ef01 with higher priority 50, ours 40
Oct 22 14:49:11 adguard2 Keepalived_vrrp[275]: (ADGUAR6) Entering BACKUP STATE

This confirms that the floating IP setup is working as expected.

Comments

Add a comment

Please add 4 and 9.