Carp: Unterschied zwischen den Versionen
Cbs (Diskussion | Beiträge) (Die Seite wurde neu angelegt: beim killen von zombies muss ein ggf. configuriertes carp-interface (HA/LB) im status 'BACKUP' sein und darf keinesfalls 'MASTER' sein.<br/> <br/> zu diesem zweck wird ...) |
Cbs (Diskussion | Beiträge) |
||
| Zeile 3: | Zeile 3: | ||
<br/> | <br/> | ||
zu diesem zweck wird einfach der wert '''advskew''' des/der interfaces auf 254 gesetzt, das die slave-node zum master macht | zu diesem zweck wird einfach der wert '''advskew''' des/der interfaces auf 254 gesetzt, das die slave-node zum master macht | ||
| + | |||
| + | ==OpenBSD loadbalancing and failover with relayd, pf and carp== | ||
| + | |||
| + | Wow, OpenBSD is such a good network operating system! Besides the great firewall pf(4), the excellent virtual network interface carp(4), there is a tool (ships with OpenBSD) called relayd(8). The last tool makes loadbalancing available for OpenBSD. | ||
| + | |||
| + | First setup a carp device as described on both OpenBSD machines. | ||
| + | |||
| + | Now uncomment these two rules in /etc/pf.conf: | ||
| + | rdr-anchor "relayd/*" | ||
| + | anchor "relayd/*" | ||
| + | |||
| + | And add these rules to enable full TCP state takeover. This means any OpenBSD machine may go down/reboot/fail while all existing connections will be taken over by the other. I have tried listening to a stream of music through this setup, it works like a charm! | ||
| + | |||
| + | pcn0 is the interface connected to your network, pcn1 is the interface that has a cross cable to the other openbsd machine. (pcn1 exists solely for pfsync, I consider the cross cable very reliable.) | ||
| + | pass quick on { pcn1 } proto pfsync keep state (no-sync) | ||
| + | pass on { pcn0 pcn1 } proto carp keep state | ||
| + | |||
| + | And edit /etc/relayd.conf to look something like this on both hosts. | ||
| + | <pre> | ||
| + | ext_addr="192.168.1.123" | ||
| + | webhost1="192.168.1.2" | ||
| + | webhost2="192.168.1.3" | ||
| + | |||
| + | table <webhosts> { $webhost1 $webhost2 } | ||
| + | relay www { | ||
| + | listen on $ext_addr port http | ||
| + | forward to <webhosts> port http mode loadbalance check http "/" code 200 | ||
| + | } | ||
| + | </pre> | ||
| + | |||
| + | Add this line to /etc/rc.conf.local on both machines for starting relayd at boot time. | ||
| + | relayd_flags="" | ||
| + | |||
| + | Reload pf and start relayd on both machines: | ||
| + | # pfctl -F all -f /etc/pf.conf | ||
| + | # relayd | ||
| + | |||
| + | You now have a highly available, failover loadbalancer! | ||
| + | |||
==Siehe auch== | ==Siehe auch== | ||
| − | + | [[Gdb]] | |
[[Kategorie:BSD]] | [[Kategorie:BSD]] | ||
Version vom 8. Dezember 2009, 10:47 Uhr
beim killen von zombies muss ein ggf. configuriertes carp-interface (HA/LB) im status 'BACKUP' sein
und darf keinesfalls 'MASTER' sein.
zu diesem zweck wird einfach der wert advskew des/der interfaces auf 254 gesetzt, das die slave-node zum master macht
OpenBSD loadbalancing and failover with relayd, pf and carp
Wow, OpenBSD is such a good network operating system! Besides the great firewall pf(4), the excellent virtual network interface carp(4), there is a tool (ships with OpenBSD) called relayd(8). The last tool makes loadbalancing available for OpenBSD.
First setup a carp device as described on both OpenBSD machines.
Now uncomment these two rules in /etc/pf.conf:
rdr-anchor "relayd/*" anchor "relayd/*"
And add these rules to enable full TCP state takeover. This means any OpenBSD machine may go down/reboot/fail while all existing connections will be taken over by the other. I have tried listening to a stream of music through this setup, it works like a charm!
pcn0 is the interface connected to your network, pcn1 is the interface that has a cross cable to the other openbsd machine. (pcn1 exists solely for pfsync, I consider the cross cable very reliable.)
pass quick on { pcn1 } proto pfsync keep state (no-sync)
pass on { pcn0 pcn1 } proto carp keep state
And edit /etc/relayd.conf to look something like this on both hosts.
ext_addr="192.168.1.123"
webhost1="192.168.1.2"
webhost2="192.168.1.3"
table <webhosts> { $webhost1 $webhost2 }
relay www {
listen on $ext_addr port http
forward to <webhosts> port http mode loadbalance check http "/" code 200
}
Add this line to /etc/rc.conf.local on both machines for starting relayd at boot time. relayd_flags=""
Reload pf and start relayd on both machines:
- pfctl -F all -f /etc/pf.conf
- relayd
You now have a highly available, failover loadbalancer!
