lost and found ( for me ? )

FreeBSD 9.3 : how to configure carp

Here is how to configure carp on FreeBSD 9.3.

Reference

Two FreeBSD 9.3 machines are running as virtual machines and these VMs have two vNICs.

SW-  em0 VM1 em1 -------|
| ---   em0 VM2 em1  ---- SW

Edit /boot/loader.conf so that the OS loads the carp module at boot.
root@bsd93-vm1:~ # cat /boot/loader.conf
if_carp_load="YES"

reboot the OS

After the reboot, confirm with kldstat that the carp module (if_carp.ko) is loaded.
root@bsd93-vm1:~ # kldstat
Id Refs Address            Size     Name
1    3 0xffffffff80200000 1611638  kernel
2    1 0xffffffff81812000 10db0    if_carp.ko

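On VM1
Add the carp0 device to em1. The vhid and pass values must be identical on every host in the CARP group; "testpass" is a lab value, so use a strong secret on a real network and keep in mind that it is stored in clear text in /etc/rc.conf.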
root@bsd93-vm1:~ # cat /etc/rc.conf
hostname="bsd93-vm1"
keymap="jp.106x.kbd"
ifconfig_em0="DHCP"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
unbound_enable="YES"

ifconfig_em1="inet 192.168.1.3 netmask 255.255.255.0"
cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24"

On VM2, use the same vhid and pass; advskew 100 makes VM2 less preferred than VM1 in the master election.
root@bsd93-vm2:~ # cat /etc/rc.conf
hostname="bsd93-vm2"
keymap="jp.106x.kbd"
ifconfig_em0="DHCP"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
unbound_enable="YES"

ifconfig_em1="inet 192.168.1.4 netmask 255.255.255.0"
cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24"

reboot VM1 and VM2.

Both VMs have the same IP 192.168.1.50 on their carp0 device.
The backup box also has the VIP configured on carp0 while it is in the backup state.

VM1 is master.
root@bsd93-vm1:~ # ifconfig -a
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 52:54:00:16:a6:9e
inet 192.168.11.20 netmask 0xffffff00 broadcast 192.168.11.255
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 52:54:00:2c:8b:7b
inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe2c:8b7b%em1 prefixlen 64 scopeid 0x3
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: MASTER vhid 1 advbase 1 advskew 0
root@bsd93-vm1:~ #

on the VM2
VM2 is backup.
root@bsd93-vm2:~ # ifconfig -a
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 52:54:00:de:6d:92
inet 192.168.11.17 netmask 0xffffff00 broadcast 192.168.11.255
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 52:54:00:e1:ea:69
inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::5054:ff:fee1:ea69%em1 prefixlen 64 scopeid 0x3
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: BACKUP vhid 1 advbase 1 advskew 100

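VM1 ( 192.168.1.3 ) sends an advertisement packet every second. CARP uses the same IP protocol number as VRRP, so tcpdump decodes the packets as VRRPv2; the "authtype none" field comes from that VRRP decoding and does not mean the advertisements are unauthenticated, because CARP protects them with a SHA-1 HMAC keyed by the pass value.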
root@bsd93-vm2:~ # tcpdump -i em1 -n carp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
17:23:10.707902 IP 192.168.1.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0, authtype none, intvl 1s, length 36
17:23:11.717968 IP 192.168.1.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0, authtype none, intvl 1s, length 36

reboot the VM1.

VM2 is master
root@bsd93-vm2:~ # ifconfig carp0
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: MASTER vhid 1 advbase 1 advskew 100

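VM1 is backup after it comes back up. It does not reclaim the master role even though its advskew is lower; this matches the default of the net.inet.carp.preempt sysctl (0, preemption disabled).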
root@bsd93-vm1:~ # ifconfig carp0
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: BACKUP vhid 1 advbase 1 advskew 0


[ Making the DNS resolver “unbound” highly available with CARP ]

With CARP, the backup machine keeps the VIP configured on carp0 even while it is in the backup state, so unbound can bind to the VIP on both hosts and you do not need to restart the unbound process when the master/backup state changes.

VM1
unbound.conf
       interface: 192.168.1.50
       interface: 127.0.0.1

VM2
unbound.conf
       interface: 192.168.1.50
       interface: 127.0.0.1

When VM2 is master
root@bsd93-vm2:~ # ifconfig carp0
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: MASTER vhid 1 advbase 1 advskew 100


# /var/log/messages
Sep  7 17:57:56 bsd93-vm2 unbound: [858:0] info: 192.168.1.100 www.google.com. A IN

When VM1 is master
root@bsd93-vm1:~ # ifconfig carp0
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 192.168.1.50 netmask 0xffffff00
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
carp: MASTER vhid 1 advbase 1 advskew 0


# /var/log/messages
Sep  7 17:58:45 bsd93-vm1 kernel: carp0: link state changed to UP
Sep  7 17:59:25 bsd93-vm1 unbound: [853:0] info: 192.168.1.100 www.google.com. A IN
