![nixsky[www.nixsky.com]](/templets/images/toplogo.gif)
参考:pfsync 及 carp 手册
实验环境:
VMWare 5.5,虚拟三台BSD,两台OpenBSD,一台FreeBSD.每台OpenBSD均有三块网卡.
虚拟机1:
名称:OpenBSD(GZ)
网卡pcn0:192.168.0.110/24 (接外网 vmnet0 桥接 192.168.0.0/24)
网卡pcn1:192.168.20.110/24 (接内网 vmnet2 NAT 192.168.20.0/24)
网卡pcn2:192.168.30.110/24 (pfsync vmnet3 NAT 192.168.30.0/24)
网关:192.168.0.254
虚拟机2:
名称:OpenBSD(PY)
网卡pcn0:192.168.0.120/24 (接外网 vmnet0 桥接 192.168.0.0/24)
网卡pcn1:192.168.20.120/24 (接内网 vmnet2 NAT 192.168.20.0/24)
网卡pcn2:192.168.30.120/24 (pfsync vmnet3 NAT 192.168.30.0/24)
网关:192.168.0.254
虚拟机3:
名称:FreeBSD
网卡lnc0:192.168.20.10/24 (接内网 vmnet2 NAT 192.168.20.0/24)
网关:192.168.20.200
[attach]122409[/attach]
设置:
1./etc/pf.conf(两台OpenBSD使用相同的规则),下面的规则非常简单,只用于测试.
ext_if = "pcn0"
int_if = "pcn1"
sync_if = "pcn2"
loop_if = "lo0"
nat on $ext_if from $int_if:network to any -> $ext_if
pass quick on { $sync_if } proto pfsync
pass on { $ext_if $int_if } proto carp keep state
pass in quick all keep state
pass out quick all keep state
2.在OpenBSD(GZ)和OpenBSD(PY)中,分别增加下面文件.
# vi /etc/hostname.carp0
vhid 1 pass foo 192.168.0.200 255.255.255.0
# vi /etc/hostname.carp1
vhid 2 pass bar 192.168.20.200 255.255.255.0
# vi /etc/hostname.pfsync0
syncpeer 192.168.30.200 syncdev pcn2
# vi /etc/rc.conf.local
pf=YES
3.设置FreeBSD
# vi /etc/rc.conf
defaultrouter="192.168.20.200"
ifconfig_lnc0="inet 192.168.20.10 netmask 255.255.255.0"
# vi /etc/resolv.conf
nameserver 202.96.128.68
nameserver 202.96.134.133
4.设置完毕之后,重启三台虚拟机.
Power by nixsky Copyright 2004-2008