add option to set interface params recommended by keepalived

voxpupuli · Jul 3, 2023 · fc52966 · fc52966
1 parent a08c9d9
commit fc52966
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/manifests/vrrp/instance.pp b/manifests/vrrp/instance.pp
@@ -198,6 +198,9 @@
 #
 # @param collect_unicast_peers
 #
+# @param apply_sysctl_params
+#   Apply interface configuration recommended by keepalived project
+#   https://github.com/acassen/keepalived/blob/master/keepalived/vrrp/vrrp_if_config.c#L23
 define keepalived::vrrp::instance (
   $interface,
   Integer[1,254] $priority,
@@ -240,6 +243,7 @@
   $vmac_xmit_base                                                         = true,
   Boolean $use_vmac_addr                                                  = false,
   Boolean $native_ipv6                                                    = false,
+  Boolean $apply_sysctl_params                                            = false,
 ) {
   $_name = regsubst($name, '[:\/\n]', '')
   $unicast_peer_array = [$unicast_peers].flatten
@@ -297,4 +301,33 @@
     content => "}\n\n",
     order   => "100-${_name}-zzz",
   }
+
+  if $apply_sysctl_params {
+    ensure_resource('sysctl::value', "net.ipv4.conf.${virtual_ipaddress_int}.arp_ignore", {
+      value => '1',
+    })
+    ensure_resource('sysctl::value', "net.ipv4.conf.${virtual_ipaddress_int}.arp_filter", {
+      value => '1',
+    })
+
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.accept_local", {
+      value => '1',
+    })
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.arp_ignore", {
+      value => '1',
+    })
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.rp_filter", {
+      value => '0',
+    })
+
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.accept_local", {
+      value => '1',
+    })
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.arp_ignore", {
+      value => '1',
+    })
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.rp_filter", {
+      value => '0',
+    })
+  }
 }