
OpenBSD 3.8 + PF + PFSYNC + CARP


Source: Internet   Compiled by: RuanChen.com (软晨网)   Published: 2009-10-18

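Reference: http://www.countersiege.com/doc/pfsync-carp/
Reference: the pfsync and carp manual pages
Lab environment:
VMware 5.5 with three BSD virtual machines: two OpenBSD and one FreeBSD. Each OpenBSD machine has three network interfaces.

Virtual machine 1:
Name: OpenBSD (GZ)
NIC pcn0: 192.168.0.110/24 (external network, vmnet0 bridged, 192.168.0.0/24)
NIC pcn1: 192.168.20.110/24 (internal network, vmnet2 NAT, 192.168.20.0/24)
NIC pcn2: 192.168.30.110/24 (pfsync, vmnet3 NAT, 192.168.30.0/24)
Gateway: 192.168.0.254

Virtual machine 2:
Name: OpenBSD (PY)
NIC pcn0: 192.168.0.120/24 (external network, vmnet0 bridged, 192.168.0.0/24)
NIC pcn1: 192.168.20.120/24 (internal network, vmnet2 NAT, 192.168.20.0/24)
NIC pcn2: 192.168.30.120/24 (pfsync, vmnet3 NAT, 192.168.30.0/24)
Gateway: 192.168.0.254

Virtual machine 3:
Name: FreeBSD
NIC lnc0: 192.168.20.10/24 (internal network, vmnet2 NAT, 192.168.20.0/24)
Gateway: 192.168.20.200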
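Configuration:
1. /etc/pf.conf (both OpenBSD machines use the same rules). The rules below are very simple (they pass all traffic in and out) and are meant only for testing.
ext_if="pcn0"
int_if="pcn1"
sync_if="pcn2"
loop_if="lo0"
nat on $ext_if from $int_if:network to any -> $ext_if
pass quick on { $sync_if } proto pfsync
pass on { $ext_if $int_if } proto carp keep state
pass in quick all keep state
pass out quick all keep state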
2. On both OpenBSD (GZ) and OpenBSD (PY), add the following files.
# vi /etc/hostname.carp0
vhid 1 pass foo 192.168.0.200 255.255.255.0
# vi /etc/hostname.carp1
vhid 2 pass bar 192.168.20.200 255.255.255.0
# vi /etc/hostname.pfsync0
syncpeer 192.168.30.200 syncdev pcn2
# vi /etc/rc.conf.local
pf=YES
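3. Configure FreeBSD
# vi /etc/rc.conf
defaultrouter="192.168.20.200"
ifconfig_lnc0="inet 192.168.20.10 netmask 255.255.255.0"
# vi /etc/resolv.conf
nameserver 202.96.128.68
nameserver 202.96.134.133
4. Once everything is configured, reboot all three virtual machines.
5. Simple test:
From the FreeBSD virtual machine, ping a real IP address on the Internet. The ping keeps working when either one of the OpenBSD machines is shut down.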
Appendix: ifconfig output
1. OpenBSD (GZ)
lo0: flags=8049 mtu 33224
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
pcn0: flags=8b43 mtu 1500
        lladdr 00:0c:29:fe:67:4b
        groups: egress
        media: Ethernet autoselect (autoselect)
        inet 192.168.0.110 netmask 0xffffff00 broadcast 192.168.0.255
pcn1: flags=8b43 mtu 1500
        lladdr 00:0c:29:fe:67:55
        media: Ethernet autoselect (autoselect)
        inet 192.168.20.110 netmask 0xffffff00 broadcast 192.168.20.255
pcn2: flags=8843 mtu 1500
        lladdr 00:0c:29:fe:67:5f
        media: Ethernet autoselect (autoselect)
        inet 192.168.30.110 netmask 0xffffff00 broadcast 192.168.30.255
pflog0: flags=141 mtu 33224
pfsync0: flags=0 mtu 1348
        pfsync: syncdev: pcn2 syncpeer: 192.168.30.200 maxupd: 128
enc0: flags=0 mtu 1536
carp0: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn0 vhid 1 advbase 1 advskew 0
        groups: carp
        inet 192.168.0.200 netmask 0xffffff00 broadcast 255.255.255.0
carp1: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn1 vhid 2 advbase 1 advskew 0
        groups: carp
        inet 192.168.20.200 netmask 0xffffff00 broadcast 255.255.255.0

2. OpenBSD (PY)
lo0: flags=8049 mtu 33224
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
pcn0: flags=8b43 mtu 1500
        lladdr 00:0c:29:cc:f5:37
        groups: egress
        media: Ethernet autoselect (autoselect)
        inet 192.168.0.120 netmask 0xffffff00 broadcast 192.168.0.255
pcn1: flags=8b43 mtu 1500
        lladdr 00:0c:29:cc:f5:41
        media: Ethernet autoselect (autoselect)
        inet 192.168.20.120 netmask 0xffffff00 broadcast 192.168.20.255
pcn2: flags=8843 mtu 1500
        lladdr 00:0c:29:cc:f5:4b
        media: Ethernet autoselect (autoselect)
        inet 192.168.30.120 netmask 0xffffff00 broadcast 192.168.30.255
pflog0: flags=141 mtu 33224
pfsync0: flags=0 mtu 1348
        pfsync: syncdev: pcn2 syncpeer: 192.168.30.200 maxupd: 128
enc0: flags=0 mtu 1536
carp0: flags=8843 mtu 1500
        carp: MASTER carpdev pcn0 vhid 1 advbase 1 advskew 0
        groups: carp
        inet 192.168.0.200 netmask 0xffffff00 broadcast 255.255.255.0
carp1: flags=8843 mtu 1500
        carp: MASTER carpdev pcn1 vhid 2 advbase 1 advskew 0
        groups: carp
        inet 192.168.20.200 netmask 0xffffff00 broadcast 255.255.255.0
3. FreeBSD
# ifconfig
lnc0: flags=108843 mtu 1500
        inet 192.168.20.10 netmask 0xffffff00 broadcast 192.168.20.255
        inet6 fe80::20c:29ff:fe1d:bbda%lnc0 prefixlen 64 scopeid 0x1
        ether 00:0c:29:1d:bb:da
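
A consistency check over the ifconfig listings above, as an added example that is not part of the original article: it confirms that each vhid has exactly one MASTER, that a node's carp interfaces agree with each other, and that each pfsync syncpeer is an address the other node actually holds on the sync interface. The embedded inputs are constructed excerpts modelled on the two OpenBSD listings; the names parse and audit are chosen here.

```python
import re

# Constructed sample: excerpt modelled on the OpenBSD (GZ) listing, spacing restored.
GZ = """\
pcn2: flags=8843 mtu 1500
        inet 192.168.30.110 netmask 0xffffff00 broadcast 192.168.30.255
pfsync0: flags=0 mtu 1348
        pfsync: syncdev: pcn2 syncpeer: 192.168.30.200 maxupd: 128
carp0: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn0 vhid 1 advbase 1 advskew 0
carp1: flags=8843 mtu 1500
        carp: BACKUP carpdev pcn1 vhid 2 advbase 1 advskew 0
"""
# Constructed sample for OpenBSD (PY): same layout, its own pcn2 address, MASTER.
PY = GZ.replace("30.110", "30.120").replace("BACKUP", "MASTER")

def parse(text):
    """Return ({vhid: state}, {ifname: inet address}, (syncdev, syncpeer) or None)."""
    carp, addrs, sync, ifname = {}, {}, None, None
    for line in text.splitlines():
        if m := re.match(r"(\w+): flags=", line):
            ifname = m.group(1)
        elif m := re.search(r"carp: (\w+) carpdev \w+ vhid (\d+)", line):
            carp[int(m.group(2))] = m.group(1)
        elif m := re.search(r"syncdev: (\w+) syncpeer: (\S+)", line):
            sync = (m.group(1), m.group(2))
        elif m := re.search(r"inet (\S+) netmask", line):
            addrs[ifname] = m.group(1)
    return carp, addrs, sync

def audit(nodes):
    """nodes maps a hostname to its ifconfig text; returns a list of findings."""
    parsed = {name: parse(text) for name, text in nodes.items()}
    findings = []
    for vhid in sorted(set().union(*(p[0] for p in parsed.values()))):
        masters = [n for n, p in parsed.items() if p[0].get(vhid) == "MASTER"]
        if len(masters) != 1:  # none: virtual IP unserved; several: split brain
            findings.append(f"vhid {vhid}: {len(masters)} MASTER nodes")
    for name, (carp, addrs, sync) in parsed.items():
        if len(set(carp.values())) > 1:  # traffic would enter and leave via different boxes
            findings.append(f"{name}: carp interfaces disagree {carp}")
        if sync:
            peers = {p[1].get(sync[0]) for n, p in parsed.items() if n != name}
            if sync[1] not in peers:  # state updates go to an address no peer holds
                findings.append(f"{name}: syncpeer {sync[1]} is not a peer address on {sync[0]}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit({"GZ": GZ, "PY": PY})) or "no findings")
```

With the values shown on this page it reports the syncpeer 192.168.30.200 on both nodes, because the two firewalls hold 192.168.30.110 and 192.168.30.120 on pcn2.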