綠色小羊

防火牆loadbalance
主機1:FW1
原先的carp2
# more hostname.carp2
inet 1.1.1.140 255.255.255.248 1.1.1.143 vhid 123 advskew 100 pass ccc
接下來...
新增一個carp3，ip設定和carp2相同，差別在於vhid和advskew
# more hostname.carp3
inet 1.1.1.140 255.255.255.248 1.1.1.143 vhid 124 advskew 150 pass ccc
FW1的carp3 vhid要和FW2的carp3相同，才是同一組
FW1的carp3 advskew要比FW2的carp3優先權較低

主機2:FW2
# more hostname.carp2
inet 1.1.1.140 255.255.255.248 1.1.1.143 vhid 123 advskew 150 pass ccc
新增一個carp3，ip設定和carp2相同，差別在於vhid和advskew
# more hostname.carp3
inet 1.1.1.140 255.255.255.248 1.1.1.143 vhid 124 advskew 100 pass ccc
FW2的carp3 vhid要和FW1的carp3相同，才是同一組
FW2的carp3 advskew要比FW1的carp3優先權較高

再來記得設定net.inet.carp.arpbalance=1
vi sysctl.conf
net.inet.carp.arpbalance=1
若不重開機可下指令
sysctl net.inet.carp.arpbalance=1

檢查是否正常運作
主機:FW1===>carp: BACKUP
ifconfig
carp3: flags=8843 mtu 1500
lladdr 00:00:5e:00:01:7c
carp: BACKUP carpdev rl2 vhid 124 advbase 1 advskew 150
groups: carp
inet 1.1.1.140 netmask 0xfffffff8 broadcast 1.1.1.143
inet6 fe80::200:5eff:fe00:17c%carp3 prefixlen 64 scopeid 0xc

主機:FW2==>carp: MASTER
ifconfig
carp3: flags=8843 mtu 1500
lladdr 00:00:5e:00:01:7c
carp: MASTER carpdev rl2 vhid 124 advbase 1 advskew 100
groups: carp
inet 1.1.1.140 netmask 0xfffffff8 broadcast 1.1.1.143
inet6 fe80::200:5eff:fe00:17c%carp3 prefixlen 64 scopeid 0xc

*若用ifconfig來設定carp3
ifconfig carp3 create
ifconfig carp3 inet 1.1.1.140 netmask 255.255.255.248 carpdev rl2 vhid 124 advbase 1 advskew 150

本文由喜歡不一定擁有轉載