add option to set interface params recommended by keepalived

Author: Kim Klotz

REFERENCE.md

@@ -1129,6 +1129,7 @@ The following parameters are available in the `keepalived::vrrp::instance` defin
 * [`garp_lower_prio_repeat`](#-keepalived--vrrp--instance--garp_lower_prio_repeat)
 * [`higher_prio_send_advert`](#-keepalived--vrrp--instance--higher_prio_send_advert)
 * [`collect_unicast_peers`](#-keepalived--vrrp--instance--collect_unicast_peers)
+* [`apply_sysctl_params`](#-keepalived--vrrp--instance--apply_sysctl_params)
 
 ##### <a name="-keepalived--vrrp--instance--interface"></a>`interface`
 
@@ -1490,6 +1491,15 @@ Data type: `Boolean`
 
 
 
+Default value: `false`
+
+##### <a name="-keepalived--vrrp--instance--apply_sysctl_params"></a>`apply_sysctl_params`
+
+Data type: `Boolean`
+
+Apply interface configuration recommended by keepalived project
+https://github.com/acassen/keepalived/blob/master/keepalived/vrrp/vrrp_if_config.c#L23
+
 Default value: `false`
 
 ### <a name="keepalived--vrrp--script"></a>`keepalived::vrrp::script`

manifests/vrrp/instance.pp

@@ -198,6 +198,9 @@
 #
 # @param collect_unicast_peers
 #
+# @param apply_sysctl_params
+#   Apply interface configuration recommended by keepalived project
+#   https://github.com/acassen/keepalived/blob/master/keepalived/vrrp/vrrp_if_config.c#L23
 define keepalived::vrrp::instance (
   $interface,
   Integer[1,254] $priority,
@@ -240,6 +243,7 @@
   $vmac_xmit_base                                                         = true,
   Boolean $use_vmac_addr                                                  = false,
   Boolean $native_ipv6                                                    = false,
+  Boolean $apply_sysctl_params                                            = false,
 ) {
   $_name = regsubst($name, '[:\/\n]', '', 'G')
   $_ordersafe = regsubst($_name, '-', '', 'G')
@@ -303,4 +307,49 @@
     content => "}\n\n",
     order   => "100-${_ordersafe}-zzz",
   }
+
+  if $apply_sysctl_params {
+    ensure_resource('sysctl::value', "net.ipv4.conf.${virtual_ipaddress_int}.arp_ignore",
+      {
+        value => '1',
+      },
+    )
+    ensure_resource('sysctl::value', "net.ipv4.conf.${virtual_ipaddress_int}.arp_filter",
+      {
+        value => '1',
+      },
+    )
+
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.accept_local",
+      {
+        value => '1',
+      },
+    )
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.arp_ignore",
+      {
+        value => '1',
+      },
+    )
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp/${virtual_router_id}.rp_filter",
+      {
+        value => '0',
+      },
+    )
+
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.accept_local",
+      {
+        value => '1',
+      },
+    )
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.arp_ignore",
+      {
+        value => '1',
+      },
+    )
+    ensure_resource('sysctl::value', "net.ipv4.conf.vrrp6/${virtual_router_id}.rp_filter",
+      {
+        value => '0',
+      },
+    )
+  }
 }