From c91db784e191c81c9fea434c06c7ea250bb3ed9f Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Fri, 19 Mar 2021 21:21:27 +0000
Subject: [PATCH] network: Use insecure password for keepalived

Using AH based authentication generates duplicate announces from master:

  IPSEC-AH : sequence number 34831 already processed. Packet dropped.

Use insecure (unencrypted) authentication for announcement pakets until
this is sorted out.
---
 roles/network/templates/keepalived.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/network/templates/keepalived.conf.j2 b/roles/network/templates/keepalived.conf.j2
index ffa0a32..83c873b 100644
--- a/roles/network/templates/keepalived.conf.j2
+++ b/roles/network/templates/keepalived.conf.j2
@@ -12,7 +12,7 @@ vrrp_instance VI_{{ vip.vhid }} {
     priority {{ vip.priority }}
 {% endif %}
     authentication {
-        auth_type AH
+        auth_type PASS
         auth_pass {{ vip.pass }}
     }
     virtual_ipaddress {