-
-
Notifications
You must be signed in to change notification settings - Fork 735
/
TODO
181 lines (134 loc) · 6.74 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
BUG - If have VIP on a different interface from the VRRP instance, the
interface isn't tracked and so we do nothing if the interface is deleted.
Add INTERFACE_CHECK and ADDRESS_CHECK checkers - see issue#1679 and pull request
#1680.
Fix building on CentOS 6.10
Add a TCP_KEEPALIVE_CHECK that established a TCP connection and uses keepalives
like hg635_config to check the remote end is there.
Remove definitions that simply access structure fields, e.g. VRRP_ISUP
Stop making structure fields such as base_ifp and configured_ifp conditional.
In parsers, using LIST_TAIL to find object to configure doesn't work
if error in first line means not created. TAIL could be null, or previous
object.
No SMTP alert for vrrp instance FAULT/BACKUP/MASTER following track file changes
Shutdown SMTP messages not completing before keepalived terminates (especially for
connect timeout. Causes memory leak!)
Test LVS forwarding via VIP if no_accept set
If interface is deleted and recreated, then index changes - does that cause OIDs to change? Is the RFC flawed? How do we deal with it?
We could have our own ifindex incremented as we create interface_t's
Add track_route, track_address
PKG_CONFIG_* autoconf options - see man pkg.m4
Whatever you want !
Real servers
Add quorum_weight, defaults to weight. May want to set different between quorum and IPVS weight
Rationalise use of timer_now()/gettimeofday()/set_time_now()
virtual route:
1. How do we handle
virtual_routes {
192.168.210.0/24 via 10.1.0.1
}
if there is no route to 10.1.0.1? If we go to fault state if it cannot
be installed when attempt to transition to master, how do we know to transiton
out of fault state.
IPVS
1. Can we have an IPv4 fwmark and specify tunnel to IPv6, and vice versa etc.
What does ipvsadm do?
2. Sort out IP_VS_SO vs LVS_CMD...
3. Make sure log/email messages contain relevant info re VS -> RS. See FMT_CHK
The following are still outstanding from the ideas for what became v2.0.0:
* Sort out termination in vrrp and checker - stop_vrrp/check, and phase2
are inconsistent between vrrp and checker. What about bfd?
* A route with multiple nexthops will only be deleted if all interfaces
are down. Each nexthop needs to record the interface, and only remove
once all down
* Don't add RTNMGRP_IPV4_ADDR/IPV6_ADDR if not monitoring one of those
families
* May want to stop VS down at start for alpha mode RSs (except SNMP)
* Have a socket to connect to for receiving notifications. A process
can register for what notifications it wants to receive.
* Allow variable parameters to be passed to scripts - see issue #837
* Make tarball include git version if not a tag
* If an address owner recovers from fault, transition directly to
master
* If configuration_state=MASTER && !OWNER, transition to master after
1 * advert_int + skew. Sort out all initialisation around states
* Split vrrp_snmp.c into vrrp_snmp_keepalived.c vrrp_snmp_rfcv2.c and
vrrp_snmp_rfcv3.c
* Only send correct type of trap, and respond to correct SNMP version,
controlled by config, defaults to type of instance. Flags snmp_v2 and
snmp_v3 to force other, or both.
* Ensure unicast peers groups check source address of received advert
so that the same VRID can be used between different peer groups on the
same interface.
* Add process checking:
Add track_process for vrrp instances
Add PROCESS_CHECK for checkers
- Find PID and remember it. If PID has gone, try and find new pid
Look at how pidof/killall find processes
* Allow dynamic definitions, e.g. $_VI_NAME
Also $*_INSTANCE net_namspace $_INSTANCE
so $* means only do if $_INSTANCE not blank. */
* ng-scheduler
Other issues awaiting resolution:
ipvs_group_range_cmd() appears nonsense, and inet_stor returning a uint8_t
doesn't work for IPv6. The virtual_service_entry_t thing needs range to be
uint32_t. Why would mask be 0xffffffff for IPv6?
ip_vs_daemon_kern vs /usr/include/linux/ip_vs.h ip_vs_daemon_user
vrrp_timer_fd should return 0 if an fd's timer is in the past?
Make vrrp->send_buffer a single buffer for all
Check timers passto to thread_... functions are reasonable, and stacktrace if not.
In function socket_state, should thread_add_write use timer_long() or -timer_long()
vrrp_timer_fd() - see comment
In thread functions with a timer, ensure not > LONG_MAX (or even some lower value);
Change tcp_socket_state etc to socket_state etc
Add noreturn function attribute on stop_vrrp/check
in ipvswrapper.c, get rid of static srule etc and make them procedure local and pass as parameters
Stop passing base_ifp to netlink3_set_interface_parameters() etc
ipsecah issues
==============
1. sync and vmac ignore counter
2. Start up just after master dies, but have lowest priority so become master with counter == 1
3. cycle won't happen
4. In vrrp_backup, don't check auth type matches
5. ? if cycle becomes set, we must become backup. How do we get out of state?
epoll
=====
Use timerfd (see timerfd_create(2)) for microsecond timing with epoll, and do not bother with its timeout.
If not available, then simply use the epoll timer.
Optimise calls to timer_now() and see set_time_now()
====================================================
After select completes, get time. Before calculating next
select expire time, get time again.
To test time processing, save time after select and log time taken
before next select. Also initialise timer at startup.
Add api
=======
Add pipe for updates
====================
track_script like for absolute or relative priority
Upstream issues
===============
1. Kernel. Socket receive buffers growing to fill memory
See issue #839. If the following setting are in place:
net.core.rmem_default = 37748736
net.core.rmem_max = 37748736
and vrrp_tx_bufs_policy NO_SEND_RX is configured, then
all system memory can be consumed. Why is it not limited
to 37748736 bytes?
2. Kernel. Corruption when netlink sends status of large number
of links - see issues #392/#803.
When using default socket receive buffer size, and have 500
vmac interfaces configured on a physical interface and the
physical interface is downed, lots of netlink messages are
received, and we get an ENOBUFS. However, after that we then
see a repeat of some of the earlier messages, so it looks like
a circular buffer corruption. Running ip -ts monitor link addr route
we see precisely the same problem at exactly the same message,
although which message it is varies each time.
3. net-snmp. Display-hint only works on indices.
See issue #866.
# snmpwalk -v2c -c public localhost KEEPALIVED-MIB::virtualServerAddress
KEEPALIVED-MIB::virtualServerAddress.1 = STRING: "
0,"
The address is attempted to be output as text, rather than using
the display hint