On Thu, Sep 29, 2022, 9:36 AM Blažej Krajňák <blazej.kraj...@gmail.com> wrote:
> Well, my server has dummy interface and multiple /32 IP addresses.
> They are announced via OSPF to IGP.
>
> The idea is to anycast 2 IPs (HA solution) and when primary server
> goes down, secondary will respond to primary's IP address also.
>
> Primary server has the following config:
> interface ignore wildcard
> interface listen 172.20.1.3
> interface listen 172.20.2.3
> interface listen 172.20.1.19
>
> + FRR: ip ospf cost 700 172.20.2.3
>
> Secondary:
> interface ignore wildcard
> interface listen 172.20.1.3
> interface listen 172.20.2.3
> interface listen 172.20.2.19
>
> + FRR: ip ospf cost 700 172.20.1.3
>
> The IPs 172.20.1.3 and 172.20.2.3 are "floating IPs". And I need from
> ntpd to make outgoing connections from 172.20.1.19 and 172.20.2.19
> respectively.
>
> I did tests and now, ntpd is selecting "172.20.2.3" for outgoing
> "connections" from primary server. And it fails, because 172.20.2.3 is
> routed to secondary (server will never get the response).

Try changing your configuration for ntpd to list your persistent IP address ahead of the floating IP addresses. NTPD does consult the routing table indirectly in choosing the source address for its connection to peers and servers. It does this by connecting a UDP socket to the destination address and then examining the local address returned.

I fear changing the order of listening addresses in the configuration will not make a difference because your floating IP addresses have a more specific net mask. In that case, you may need to reconfigure NTPD each time the active IP addresses change. You can do runtime configuration without restarting NTPD using authenticated NTPQ.

Good luck,
Dave Hart
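
The connect-then-inspect lookup described in the reply can be reproduced outside ntpd to see which source address the kernel would hand out for a given upstream server. The following is an added example, not code from ntpd or from either poster; the function names `route_source_addr` and `is_floating` are hypothetical, it handles IPv4 only, and the floating-address list is copied from the configuration quoted above.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example, not ntpd source. Floating addresses are from the thread. */
static const char *floating[] = { "172.20.1.3", "172.20.2.3" };

int is_floating(const char *addr)
{
    for (size_t i = 0; i < sizeof floating / sizeof floating[0]; i++)
        if (strcmp(addr, floating[i]) == 0)
            return 1;
    return 0;
}

/* Store the kernel-selected source address for dst in out; 0 on success, -1
 * on error. connect() on UDP sends nothing, it only resolves the route. */
int route_source_addr(const char *dst, char *out, socklen_t outlen)
{
    struct sockaddr_in peer = { .sin_family = AF_INET, .sin_port = htons(123) };
    struct sockaddr_in local;
    socklen_t len = sizeof local;
    int rc = -1;
    if (inet_pton(AF_INET, dst, &peer.sin_addr) != 1)
        return -1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    if (connect(fd, (struct sockaddr *)&peer, sizeof peer) == 0 &&
        getsockname(fd, (struct sockaddr *)&local, &len) == 0 &&
        inet_ntop(AF_INET, &local.sin_addr, out, outlen) != NULL)
        rc = 0;
    close(fd);
    return rc;
}

int main(int argc, char **argv)
{
    char src[INET_ADDRSTRLEN];
    for (int i = 1; i < argc; i++) {   /* each argument: an upstream server IP */
        int ok = route_source_addr(argv[i], src, sizeof src) == 0;
        printf("%s: %s%s\n", argv[i], ok ? src : "no usable route",
               ok && is_floating(src) ? " (floating IP)" : "");
    }
    return 0;
}
```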