OpenBSD3.8+PF+PFSYNC+CARP
2009-05-13 01:22:25来源:未知 阅读 ()
参考:http://www.countersiege.com/doc/pfsync-carp/
参考:pfsync及carp手册
实验环境:
VMWare5.5,虚拟三台BSD,两台OpenBSD,一台FreeBSD.每台OpenBSD均有三块网卡.
虚拟机1:
名称:OpenBSD(GZ)
网卡pcn0:192.168.0.110/24(接外网vmnet0桥接192.168.0.0/24)
网卡pcn1:192.168.20.110/24(接内网vmnet2NAT192.168.20.0/24)
网卡pcn2:192.168.30.110/24(pfsyncvmnet3NAT192.168.30.0/24)
网关:192.168.0.254
虚拟机2:
名称:OpenBSD(PY)
网卡pcn0:192.168.0.120/24(接外网vmnet0桥接192.168.0.0/24)
网卡pcn1:192.168.20.120/24(接内网vmnet2NAT192.168.20.0/24)
网卡pcn2:192.168.30.120/24(pfsyncvmnet3NAT192.168.30.0/24)
网关:192.168.0.254
虚拟机3:
名称:FreeBSD
网卡lnc0:192.168.20.10/24(接内网vmnet2NAT192.168.20.0/24)
网关:192.168.20.200
[attach]122409[/attach]
设置:
1./etc/pf.conf(两台OpenBSD使用相同的规则),下面的规则非常简单,只用于测试.
ext_if="pcn0"
int_if="pcn1"
sync_if="pcn2"
loop_if="lo0"
naton$ext_iffrom$int_if:networktoany->$ext_if
passquickon{$sync_if}protopfsync
passon{$ext_if$int_if}protocarpkeepstate
passinquickallkeepstate
passoutquickallkeepstate
2.在OpenBSD(GZ)和OpenBSD(PY)中,分别增加下面文件.
#vi/etc/hostname.carp0
vhid1passfoo192.168.0.200255.255.255.0
#vi/etc/hostname.carp1
vhid2passbar192.168.20.200255.255.255.0
#vi/etc/hostname.pfsync0
syncpeer192.168.30.200syncdevpcn2
#vi/etc/rc.conf.local
pf=YES
3.设置FreeBSD
#vi/etc/rc.conf
defaultrouter="192.168.20.200"
ifconfig_lnc0="inet192.168.20.10netmask255.255.255.0"
#vi/etc/resolv.conf
nameserver202.96.128.68
nameserver202.96.134.133
4.设置完毕之后,重启三台虚拟机.
5.简单测试:
在FreeBSD虚拟机中,ping一个Internet上的真实IP,随便关闭那一台OpenBSD都可以.:em02::em02:
附ifconfig
1.OpenBSD(GZ)
lo0:flags=8049mtu33224
groups:lo
inet127.0.0.1netmask0xff000000
pcn0:flags=8b43mtu1500
lladdr00:0c:29:fe:67:4b
groups:egress
media:Ethernetautoselect(autoselect)
inet192.168.0.110netmask0xffffff00broadcast192.168.0.255
pcn1:flags=8b43mtu1500
lladdr00:0c:29:fe:67:55
media:Ethernetautoselect(autoselect)
inet192.168.20.110netmask0xffffff00broadcast192.168.20.255
pcn2:flags=8843mtu1500
lladdr00:0c:29:fe:67:5f
media:Ethernetautoselect(autoselect)
inet192.168.30.110netmask0xffffff00broadcast192.168.30.255
pflog0:flags=141mtu33224
pfsync0:flags=0mtu1348
pfsync:syncdev:pcn2syncpeer:192.168.30.200maxupd:128
enc0:flags=0mtu1536
carp0:flags=8843mtu1500
carp:BACKUPcarpdevpcn0vhid1advbase1advskew0
groups:carp
inet192.168.0.200netmask0xffffff00broadcast255.255.255.0
carp1:flags=8843mtu1500
carp:BACKUPcarpdevpcn1vhid2advbase1advskew0
groups:carp
inet192.168.20.200netmask0xffffff00broadcast255.255.255.0
2.OpenBSD(PY)
lo0:flags=8049mtu33224
groups:lo
inet127.0.0.1netmask0xff000000
pcn0:flags=8b43mtu1500
lladdr00:0c:29:cc:f5:37
groups:egress
media:Ethernetautoselect(autoselect)
inet192.168.0.120netmask0xffffff00broadcast192.168.0.255
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- centos网卡配置详解 2020-03-22
- centos7.7上安装broadcom bcm4312无线网卡驱动 2020-03-13
- centos7使用rt_tables巧妙配置多网卡多路由实现策略路由 2020-03-01
- centos7网卡启动不了 2020-01-09
- 2-2 远程管理命令-网卡和IP地址的概念 2019-11-16
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash
