Difference between revisions of "Multi-Path Routing"
Revision as of 06:30, 24 October 2018
Multi-Path routing with OpenBSD/FreeBSD using GIF interfaces and ifstated.
Multi-path routing supports several different concepts and methodologies; this article focuses on fault tolerance. You can certainly use public address space (no one can stop you), but this article is geared towards private gif interfaces. A few questions come to mind:
1.) Server outage and you have a ZFS mirror in another location, how can we get there?
2.) Core router that allows other routers to talk to one another has a fiber cut or hardware failure.
3.) Corporate wide redundancy
The first thing to do is install ifstated;
<pre>
FreeBSD: pkg install ifstated
OpenBSD: pkg_add ifstated
</pre>
This assumes you already have gif tunnels established:
RouterA
- ifconfig gif0 create
- ifconfig gif0 internal1 internal2
- ifconfig gif0 tunnel external1 external2
RouterB
- ifconfig gif0 create
- ifconfig gif0 internal2 internal1
- ifconfig gif0 tunnel external2 external1
With ifstated installed we can go through the configuration file;
<pre>
$ more /usr/local/etc/ifstated.conf
init-state auto

pf_check = '( "ping -q -c 1 -W 1 10.0.11.9 > /dev/null" every 10)'

state auto {
	if ! $pf_check {
		set-state int_demoted
	}
	if $pf_check {
		set-state int_promoted
	}
}

state int_demoted {
	init {
		run "sh /etc/netstart"
		run "sh /etc/rc.local2"
	}
	if $pf_check {
		set-state int_promoted
	}
}

state int_promoted {
	init {
		run "sh /etc/netstart"
		run "sh /etc/rc.local"
		run "sh /usr/local/etc/rc.d/racoon restart"
	}
	if ! $pf_check {
		set-state int_demoted
	}
}
</pre>
To break this file down: the pf_check line pings another router (10.0.11.9) every ten seconds.
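The state changes this configuration produces can be traced with a simplified shell model. This is an added example, not ifstated itself and not code from the original page; the `debounce` helper and the sample probe sequence are hypothetical, and the model goes one step beyond the page by showing how a single lost ping triggers a racoon restart cycle.

```sh
#!/bin/sh
# Simplified model of the ifstated.conf above; not ifstated itself.
# Each argument is one pf_check result: 1 = ping answered, 0 = no reply.

# Print every state entered, in order. Entering a state is when its init block runs.
simulate() {
    state=auto
    trace=""
    for ok in "$@"; do
        case "$state:$ok" in
            auto:1|int_demoted:1)  next=int_promoted ;;
            auto:0|int_promoted:0) next=int_demoted ;;
            *)                     next=$state ;;
        esac
        if [ "$next" != "$state" ]; then
            state=$next
            trace="${trace:+$trace }$state"
        fi
    done
    printf '%s\n' "$trace"
}

# Count entries into int_promoted, i.e. how often racoon would be restarted.
racoon_restarts() {
    n=0
    for s in $(simulate "$@"); do
        if [ "$s" = int_promoted ]; then n=$((n + 1)); fi
    done
    printf '%s\n' "$n"
}

# Hypothetical debounce: report failure only after $1 consecutive misses.
debounce() {
    need=$1; shift
    misses=0; out=""
    for ok in "$@"; do
        if [ "$ok" = 1 ]; then misses=0; else misses=$((misses + 1)); fi
        if [ "$misses" -ge "$need" ]; then r=0; else r=1; fi
        out="${out:+$out }$r"
    done
    printf '%s\n' "$out"
}

# Constructed sample: a link that drops single pings, then fails for real.
SAMPLE="1 0 1 0 1 0 0 0 1"
echo "raw:       $(simulate $SAMPLE)"
echo "debounced: $(simulate $(debounce 2 $SAMPLE))"
```

With the constructed sample, the raw probe sequence enters int_promoted four times, while requiring two consecutive misses cuts that to two.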