
OpenBSD 3.8 + PF + PFSYNC + CARP


Source: Internet   Compiled by: RuanChen.com (软晨网)   Published: 2009-10-18

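Reference: http://www.countersiege.com/doc/pfsync-carp/
Reference: the pfsync and carp manual pages

Lab environment:
VMware 5.5 with three virtual BSD machines: two OpenBSD and one FreeBSD. Each OpenBSD machine has three network interfaces.

Virtual machine 1:
Name: OpenBSD(GZ)
Interface pcn0: 192.168.0.110/24 (external network, vmnet0, bridged, 192.168.0.0/24)
Interface pcn1: 192.168.20.110/24 (internal network, vmnet2, NAT, 192.168.20.0/24)
Interface pcn2: 192.168.30.110/24 (pfsync, vmnet3, NAT, 192.168.30.0/24)
Gateway: 192.168.0.254

Virtual machine 2:
Name: OpenBSD(PY)
Interface pcn0: 192.168.0.120/24 (external network, vmnet0, bridged, 192.168.0.0/24)
Interface pcn1: 192.168.20.120/24 (internal network, vmnet2, NAT, 192.168.20.0/24)
Interface pcn2: 192.168.30.120/24 (pfsync, vmnet3, NAT, 192.168.30.0/24)
Gateway: 192.168.0.254

Virtual machine 3:
Name: FreeBSD
Interface lnc0: 192.168.20.10/24 (internal network, vmnet2, NAT, 192.168.20.0/24)
Gateway: 192.168.20.200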
Configuration:
1. /etc/pf.conf (both OpenBSD machines use the same rules). The rules below are very simple and are for testing only.
ext_if="pcn0"
int_if="pcn1"
sync_if="pcn2"
loop_if="lo0"
nat on $ext_if from $int_if:network to any -> $ext_if
pass quick on { $sync_if } proto pfsync
pass on { $ext_if $int_if } proto carp keep state
pass in quick all keep state
pass out quick all keep state
2. On both OpenBSD(GZ) and OpenBSD(PY), add the following files.
# vi /etc/hostname.carp0
vhid 1 pass foo 192.168.0.200 255.255.255.0
# vi /etc/hostname.carp1
vhid 2 pass bar 192.168.20.200 255.255.255.0
# vi /etc/hostname.pfsync0
syncpeer 192.168.30.200 syncdev pcn2
# vi /etc/rc.conf.local
pf=YES
3. Configure FreeBSD.
# vi /etc/rc.conf
defaultrouter="192.168.20.200"
ifconfig_lnc0="inet 192.168.20.10 netmask 255.255.255.0"
# vi /etc/resolv.conf
nameserver 202.96.128.68
nameserver 202.96.134.133
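4. When the configuration is complete, reboot all three virtual machines.
5. Simple test:
From the FreeBSD virtual machine, ping a real IP address on the Internet; the ping keeps working whichever one of the two OpenBSD machines you shut down.

Appendix: ifconfig output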
1. OpenBSD(GZ)
lo0: flags=8049 mtu 33224
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
pcn0: flags=8b43 mtu 1500
        lladdr 00:0c:29:fe:67:4b
        groups: egress
        media: Ethernet autoselect (autoselect)
        inet 192.168.0.110 netmask 0xffffff00 broadcast 192.168.0.255
pcn1: flags=8b43 mtu 1500
        lladdr 00:0c:29:fe:67:55
        media: Ethernet autoselect (autoselect)
        inet 192.168.20.110 netmask 0xffffff00 broadcast 192.168.20.255
pcn2: flags=8843 mtu 1500
        lladdr 00:0c:29:fe:67:5f
        media: Ethernet autoselect (autoselect)
        inet 192.168.30.110 netmask 0xffffff00 broadcast 192.168.30.255
pflog0: flags=141 mtu 33224
pfsync0: flags=0 mtu 1348
        pfsync: syncdev: pcn2 syncpeer: 192.168.30.200 maxupd: 128
enc0: flags=0 mtu 1536
carp0: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn0 vhid 1 advbase 1 advskew 0
        groups: carp
        inet 192.168.0.200 netmask 0xffffff00 broadcast 255.255.255.0
carp1: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn1 vhid 2 advbase 1 advskew 0
        groups: carp
        inet 192.168.20.200 netmask 0xffffff00 broadcast 255.255.255.0

2. OpenBSD(PY)
lo0: flags=8049 mtu 33224
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
pcn0: flags=8b43 mtu 1500
        lladdr 00:0c:29:cc:f5:37
        groups: egress
        media: Ethernet autoselect (autoselect)
        inet 192.168.0.120 netmask 0xffffff00 broadcast 192.168.0.255
pcn1: flags=8b43 mtu 1500
        lladdr 00:0c:29:cc:f5:41
        media: Ethernet autoselect (autoselect)
        inet 192.168.20.120 netmask 0xffffff00 broadcast 192.168.20.255
pcn2: flags=8843 mtu 1500
        lladdr 00:0c:29:cc:f5:4b
        media: Ethernet autoselect (autoselect)
        inet 192.168.30.120 netmask 0xffffff00 broadcast 192.168.30.255
pflog0: flags=141 mtu 33224
pfsync0: flags=0 mtu 1348
        pfsync: syncdev: pcn2 syncpeer: 192.168.30.200 maxupd: 128
enc0: flags=0 mtu 1536
carp0: flags=8843 mtu 1500
        carp: MASTER carpdev pcn0 vhid 1 advbase 1 advskew 0
        groups: carp
        inet 192.168.0.200 netmask 0xffffff00 broadcast 255.255.255.0
carp1: flags=8843 mtu 1500
        carp: MASTER carpdev pcn1 vhid 2 advbase 1 advskew 0
        groups: carp
        inet 192.168.20.200 netmask 0xffffff00 broadcast 255.255.255.0

3. FreeBSD
# ifconfig
lnc0: flags=108843 mtu 1500
        inet 192.168.20.10 netmask 0xffffff00 broadcast 192.168.20.255
        inet6 fe80::20c:29ff:fe1d:bbda%lnc0 prefixlen 64 scopeid 0x1
        ether 00:0c:29:1d:bb:da
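
The listings above show both carp interfaces in the same role on each machine (BACKUP on GZ, MASTER on PY). As an added example, not part of the original page, the shell functions below extract each interface's role from ifconfig output and flag a host whose carp0 and carp1 disagree, in which case the two virtual IPs are answered by different machines. The function names and sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report CARP roles from
# `ifconfig` output on stdin and flag a host whose roles are mixed.

# Print "ifname role vhid" for every carp interface in the input.
carp_roles() {
    awk '
        /^carp[0-9]+:/ { ifname = $1; sub(/:$/, "", ifname) }
        $1 == "carp:" && ifname != "" {
            vhid = "?"
            for (i = 2; i < NF; i++) if ($i == "vhid") vhid = $(i + 1)
            print ifname, $2, vhid
            ifname = ""
        }'
}

# Exit 0 if all carp interfaces share one role, 1 if roles are mixed
# (for example carp0 MASTER and carp1 BACKUP), 2 if none were found.
carp_consistent() {
    carp_roles | awk '
        { seen[$2] = 1; n++ }
        END {
            if (n == 0) exit 2
            k = 0
            for (s in seen) k++
            exit (k == 1 ? 0 : 1)
        }'
}

# Constructed samples in the format of the listings above.
SAMPLE_OK='carp0: flags=8843 mtu 1500
        carp: MASTER carpdev pcn0 vhid 1 advbase 1 advskew 0
        inet 192.168.0.200 netmask 0xffffff00
carp1: flags=8843 mtu 1500
        carp: MASTER carpdev pcn1 vhid 2 advbase 1 advskew 0
        inet 192.168.20.200 netmask 0xffffff00'
SAMPLE_SPLIT='carp0: flags=8843 mtu 1500
        carp: MASTER carpdev pcn0 vhid 1 advbase 1 advskew 0
carp1: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn1 vhid 2 advbase 1 advskew 0'

printf '%s\n' "$SAMPLE_OK" | carp_roles
printf '%s\n' "$SAMPLE_SPLIT" | carp_consistent || echo "WARNING: mixed CARP roles"
# On a firewall (assumed usage): ifconfig | carp_consistent
```

Run from cron on each firewall, a non-zero exit can be turned into an alert before a failover test is needed to reveal the problem.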