[Debian-ha-maintainers] Bug#1109925: findif.sh: fix to avoid duplicate route issues

Sakirnth Nagarasa sakirnth at gmail.com
Sat Jul 26 12:06:36 BST 2025 

Package: resource-agents
Version: 1:4.16.0-3
Severity: important

Hello

In our setup, we use the IPaddr2 resource in Pacemaker to configure a 
gateway address for a firewall via Corosync. The interface eno2 is 
configured with the IPv6 address 2001:db8:abcd:0012::3/64, and the 
Pacemaker resource is defined as follows:

primitive intern-ipv6 IPaddr2 \
params ip="2001:db8:abcd:0012::1" nic=eno2 cidr_netmask=64 \
meta migration-threshold=2 \
op monitor interval=20 on-fail=restart

There is this route installed in the routing table:
2001:db8::/32 via 2001:db8:abcd:0012::10 dev eno2 proto static metric 
1024 pref medium

Under this configuration, the resource fails to start, and the following 
error appears in the logs:

$HOST pacemaker-schedulerd[273]: warning: Unexpected result (Error 
occurred: [findif] failed)
$HOST IPaddr2(intern-ipv6)[774]: ERROR: More than 1 routes match 
2001:db8:abcd:0012::1/64. Unable to decide which route to use.

This issue occurs because the findif.sh script 
(/usr/lib/ocf/lib/heartbeat/findif.sh) in the heartbeat resource agent 
does not correctly handle more specific routes or automatically added 
local routes when multiple IPs in the same network exist on an 
interface. As a result, the route check fails and prevents the resource 
from starting. A fix has already been merged upstream [1], but it is not 
yet included in the current released version. It would be very helpful 
if this fix could be applied, as our firewall setup depends on this 
functionality working correctly. And it will break our existing setup 
once we do an upgrade.

I added the patch in the attachment.

[1] https://github.com/ClusterLabs/resource-agents/pull/2052


-- System Information:
Debian Release: 13 (trixie)

resource-agents version:
ii  resource-agents 1:4.16.0-3   amd64        Cluster Resource Agents

Regards
Sakirnth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: findif-avoid-duplicate-route-issue.patch
Type: text/x-patch
Size: 2213 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-ha-maintainers/attachments/20250726/8b6aed74/attachment.bin>

More information about the Debian-ha-maintainers mailing list