*Empty MediaWiki Message*
This commit is contained in:
parent
53470e9291
commit
2f4430631e
|
@ -83,36 +83,138 @@ lxc.network.link=vswitch0
|
||||||
|
|
||||||
WICHTIG: durch das Flatbert Netzwerkschema muss! vswitch1 nach vswitch0 umgeschrieben werden, damit „dropbert1“ direkt über die erste Bridge angebunden wird und nicht an der zweiten Bridge, die ProxyARP/ProxyNDP verwendet!
|
WICHTIG: durch das Flatbert Netzwerkschema muss! vswitch1 nach vswitch0 umgeschrieben werden, damit „dropbert1“ direkt über die erste Bridge angebunden wird und nicht an der zweiten Bridge, die ProxyARP/ProxyNDP verwendet!
|
||||||
|
|
||||||
|
„dropbert1“ Container: starten und einloggen
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
lxc-start -n dropbert1
|
||||||
|
lxc-attach -n dropbert1
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
|
Der Container sollte automatisch per DHCP eine IP Adresse zugewiesen bekommen.
|
||||||
|
|
||||||
|
„dropbert1“ Container: ucarp und pppoeconf installieren
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
apt-get autoclean; apt-get clean; apt-get update; apt-get upgrade
|
||||||
|
|
||||||
|
apt-get install ucarp pppoeconf
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
|
„dropbert1“ Container: pppoe einrichten
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
pppoeconf
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
|
„dropbert1“ Container: Netzwerk Interface Konfiguration
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
vi /etc/network/interfaces
|
||||||
|
|
||||||
|
auto lo
|
||||||
|
iface lo inet loopback
|
||||||
|
|
||||||
|
auto eth0
|
||||||
|
iface eth0 inet manual
|
||||||
|
pre-up ifconfig eth0 up
|
||||||
|
post-down ifconfig eth0 down
|
||||||
|
|
||||||
|
auto eth1
|
||||||
|
iface eth1 inet static
|
||||||
|
address 172.22.99.91
|
||||||
|
netmask 255.255.255.0
|
||||||
|
gateway 172.22.99.4
|
||||||
|
up /usr/sbin/ucarp -i eth1 -f daemon -B -p TOPSECRET -P -z -u /usr/share/ucarp/vip-up -d /usr/share/ucarp/vip-down -b 1 -k 1 -s 172.22.99.91 -a 172.22.99.4 -v 1
|
||||||
|
up ping -S 172.22.99.4 -c 2 -q 172.22.99.7
|
||||||
|
down pkill ucarp
|
||||||
|
|
||||||
|
# The carp network interface, on top of eth0
|
||||||
|
iface eth1:ucarp inet static
|
||||||
|
#/ address 172.22.99.90
|
||||||
|
address 172.22.99.4
|
||||||
|
netmask 255.255.255.0
|
||||||
|
|
||||||
|
auto dsl-provider
|
||||||
|
iface dsl-provider inet ppp
|
||||||
|
pre-up /bin/ip link set eth0 up # line maintained by pppoeconf
|
||||||
|
provider dsl-provider
|
||||||
|
|
||||||
|
# EOF
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
|
„dropbert1“ Container: damit nach dem failover Moduswechsel (von BACKUP auf MASTER) auch der tatsächliche Switch die neue MAC Adresse zur virtuellen (virtual shared) IP erhält, wird das ucarp-up Skript angepasst indem man einfach ein Ping anschließend senden lässt
|
||||||
|
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
vi /usr/share/ucarp/vip-up
|
||||||
|
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# /sbin/ifup $1:ucarp
|
||||||
|
/sbin/ifup eth1:ucarp
|
||||||
|
|
||||||
|
sleep 1 && ping -S 172.22.99.4 -c 2 -q 172.22.99.7
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
|
„dropbert1“ Container: /etc/sysctl.conf & /etc/rc.local anpassen
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
vi /etc/sysctl.conf
|
||||||
|
|
||||||
|
### ### ### ROUTING // ### ### ###
|
||||||
|
net.ipv4.conf.all.forwarding=1
|
||||||
|
net.ipv6.conf.eth0.accept_ra=0
|
||||||
|
### ### ### // ROUTING ### ### ###
|
||||||
|
|
||||||
|
# EOF
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
vi /etc/rc.local
|
||||||
|
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# rc.local
|
||||||
|
#
|
||||||
|
# This script is executed at the end of each multiuser runlevel.
|
||||||
|
# Make sure that the script will "exit 0" on success or any other
|
||||||
|
# value on error.
|
||||||
|
#
|
||||||
|
# In order to enable or disable this script just change the execution
|
||||||
|
# bits.
|
||||||
|
#
|
||||||
|
# By default this script does nothing.
|
||||||
|
#
|
||||||
|
### ### ### C3D2 // ### ### ###
|
||||||
|
|
||||||
|
|
||||||
|
#/ echo "stage0"
|
||||||
|
iptables -F
|
||||||
|
iptables -X
|
||||||
|
iptables -t nat -F
|
||||||
|
iptables -t nat -X
|
||||||
|
iptables -t mangle -F
|
||||||
|
iptables -t mangle -X
|
||||||
|
iptables -P INPUT ACCEPT
|
||||||
|
iptables -P FORWARD ACCEPT
|
||||||
|
iptables -P OUTPUT ACCEPT
|
||||||
|
|
||||||
|
ip6tables -F
|
||||||
|
ip6tables -X
|
||||||
|
ip6tables -t nat -F
|
||||||
|
ip6tables -t nat -X
|
||||||
|
ip6tables -t mangle -F
|
||||||
|
ip6tables -t mangle -X
|
||||||
|
ip6tables -P INPUT ACCEPT
|
||||||
|
ip6tables -P FORWARD ACCEPT
|
||||||
|
ip6tables -P OUTPUT ACCEPT
|
||||||
|
|
||||||
|
#/ echo "stage1"
|
||||||
|
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
|
||||||
|
sysctl net.ipv4.conf.default.forwarding=1 > /dev/null 2>&1
|
||||||
|
sysctl net.ipv4.conf.eth0.forwarding=1 > /dev/null 2>&1
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
### ### ### C3D2 // ### ### ###
|
||||||
|
# EOF
|
||||||
</source>
|
</source>
|
||||||
<source lang=bash>
|
|
||||||
|
|
||||||
</source>
|
Sofern ich an dieser Stelle nichts nennenswertes vergessen habe zu erwähnen, sollte nach einem Container Neustart die PPPoE Einwahl und das Routing schon funktionieren
|
||||||
<source lang=bash>
|
|
||||||
|
|
||||||
</source>
|
|
||||||
<source lang=bash>
|
|
||||||
|
|
||||||
</source>
|
|
||||||
=== FreeNAS/Storage (FreeBSD) ===
|
=== FreeNAS/Storage (FreeBSD) ===
|
||||||
<source lang=bash>
|
<source lang=bash>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user