Using two VyOS instances (Lab Router 1) **LR1** and (Lab Router 2) **LR2** with the following config
**LR1**
```
interfaces {
ethernet eth0 {
address 172.16.37.240/24
vrrp {
vrrp-group 200 {
authentication {
password foooo
type plaintext-password
}
priority 10
virtual-address 172.16.37.222
}
}
}
}
...
service {
dns {
forwarding {
cache-size 0
ignore-hosts-file
listen-on eth0
name-server 1.1.1.1
}
}
}
# netstat -npl | grep ":53"
(No info could be read for "-p": geteuid()=1000 but you should be root.)
tcp 0 0 172.16.37.222:53 0.0.0.0:* LISTEN -
tcp 0 0 172.16.37.240:53 0.0.0.0:* LISTEN -
tcp6 0 0 fe80::250:56ff:feaa::53 :::* LISTEN -
udp 0 0 172.16.37.222:53 0.0.0.0:* -
udp 0 0 172.16.37.240:53 0.0.0.0:* -
udp6 0 0 fe80::250:56ff:feaa::53 :::* -
```
**LR2**
```
interfaces {
ethernet eth0 {
address 172.16.37.241/24
smp-affinity auto
speed auto
vrrp {
vrrp-group 200 {
authentication {
password foooo
type plaintext-password
}
priority 10
virtual-address 172.16.37.222
}
}
}
}
...
service {
dns {
forwarding {
cache-size 4
ignore-hosts-file
listen-on eth0
name-server 1.1.1.1
}
}
}
# netstat -npl | grep ":53"
(No info could be read for "-p": geteuid()=1000 but you should be root.)
tcp 0 0 172.16.37.241:53 0.0.0.0:* LISTEN -
tcp6 0 0 fe80::250:56ff:feaa::53 :::* LISTEN -
udp 0 0 172.16.37.241:53 0.0.0.0:* -
udp6 0 0 fe80::250:56ff:feaa::53 :::* -
```
... had the effect that when **LR1** died and **LR2** took over the DNS forwarder (PowerDNS recursor) was not listening on the VRRP IP address of **LR2**.
The reason why **LR1** is listening on the VRRP address and **LR2** is not, is the generation of the PDNS recursor configuration file `/etc/powerdns/recursor.conf`.
**LR1**
```
$ cat /etc/powerdns/recursor.conf | grep local-addr
local-address=172.16.37.240,172.16.37.222,fe80::250:56ff:feaa:8b61%eth0
```
**LR2**
```
$ cat /etc/powerdns/recursor.conf | grep local-addr
local-address=172.16.37.241,fe80::250:56ff:feaa:e4e5%eth0
```
It's simple, we use the Python netifaces library to retrieve the IP address(es) from an interface it it simply is not returning the VRRP address when the node is in VRRP BACKUP state.
Simple problem but I yet don't know how to solve it.