ID: CVE-2024-43804 CVSS V3.1: HIGH Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code on the web application server... #security#infosec#cve-alert

After setting up a new #Keepalived#vrrp@debian.bsky.social#Linuxwww.claudiokuenzler.com/blog/1430/ke...

Keepalived_vrrp: Warning - script XYZ is not used

After setting up a new keepalived vrrp setup, the track_scripts were ignored. As it turns out, the order in the config file is important!

ID: CVE-2024-41184 CVSS N/A In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. #security#infosec#cve-alert

手元に一つk8sクラスタあると便利なので会社で組み始めてるけどなかなか楽しいな。kube-vipあればkeepalivedもmetallbもいらない。ただ、一つずつ確認しながらなので一式揃うのにちと手間かかる。

I wrote about setting up a shared IP with BGP, conntrackd and keepalived in Containerlab (Linux containers). kubernaut.eu/posts/contai...medium.com/@norlin.t/co...

Containerlab with BGP, keepalived, conntrackd and SNAT

A simple how-to on BGP routing with SNAT, keepalived, conntrackd together with FRR and Containerlab that relies on docker containers.

정답 - 사실 해당 ip는 keepalived에서 관리하는 가상 ip였고 active node 한 대가 해당 ip를 사용하고 그게 죽으면 다른 백업 노드 중 하나가 이어받는 것인데 왜인지 양쪽에서 액티브 역할을 하고 있던 것. 문제 원인의 가설을 세우고 검증을 하려는 찰나 keepalived 설정 파일 중 한 곳에만 가상 ip를 두개 부여한 것을 확인함. 이거 때문에 설정이 꼬여서 양쪽이 같은 vip를 갖게 됐고 먼저 켜진 백업 노드에 arp 쿼리가 도착해서 클라이언트는 백업 노드에만 주구장창 헛된 커넥션을 시도하고 있던거임