carp
0.1.0
Services: CARP (failover)
-
/etc/crontab
*/5 * * * * root nice -n 20 /usr/local/pkg/pf/carp_sync_client.php
CARP Virtual IPs
/pkg_edit.php?xml=carp.xml
CARP Status
carp_status.php
CARP Settings
pkg_edit.php?xml=carp_settings.xml&id=0
/usr/local/pkg/
a+x
- http://www.pfsense.com/packages/config/carp_settings.xml
/usr/local/pkg/pf/
a+x
- http://www.pfsense.com/packages/config/carp_sync_client.php
/usr/local/pkg/pf/
a+x
- http://www.pfsense.com/packages/config/carp_sync_server.php
/usr/local/pkg/pf/
a+x
- http://www.pfsense.com/packages/config/carp_rules.php
/usr/local/www/
a+x
- http://www.pfsense.com/packages/config/carp_status.php
['installedpackages']['carp']['config']
VHID Group
vhid
Virtual IP Address
ipaddress
Advertising Frequency
advskew
Netmask
netmask
Virtual IP Address
ipaddress
Enter the IP Address that you would like to share on both machines
input
Virtual IP Netmask
netmask
Enter the IP Address's netmask that you would like to share on both machines
select
24
Virtual IP Password
password
Enter the VHID group password.
password
VHID Group
vhid
Enter the VHID group that the machines will share
select
1
Advertising Frequency
advskew
The frequency that this machine will advertise
select
0
function sync_package_carp() {
/*
* XXX: find out how many carp and pfsync interfaces are established
* and destroy/down them before sweeping through the list
*/
conf_mount_rw();
config_lock();
$fout = fopen("/usr/local/etc/rc.d/carp.sh","w");
fwrite($fout, "#!/bin/sh \n");
global $config;
$carp_instances_counter = 0;
$pfsync_instances_counter = 0;
if($config['installedpackages']['carp']['config'] != "") {
foreach($config['installedpackages']['carp']['config'] as $carp) {
/*
* create the carp interface
*/
fwrite($fout, "echo Creating {$pfsync_instances_counter} ...\n");
fwrite($fout, "/sbin/ifconfig carp" . $carp_instances_counter . " create\n");
$broadcast_address = gen_subnet_max($carp['ipaddress'], $carp['netmask']);
if($carp['password'] != "") {
$password = " pass " . $carp['password'];
}
$carp_command = "/sbin/ifconfig carp" . $carp_instances_counter . " " . $carp['ipaddress'] . "/" . $carp['netmask'];
$carp_command .= " broadcast " . $broadcast_address . " vhid " . $carp['vhid'] . " advskew " . $carp['advskew'] . $password;
if($carp['balancing'] == "true") $using_arp_balance = 1;
if($carp['preempt'] == "true") $using_preempt = 1;
fwrite($fout, $carp_command . "\n");
fwrite($fout, "/sbin/ifconfig carp{$carp_instances_counter} up\n");
if($carp['pfsync'] != "") $pfsync = 1;
$carp_instances_counter++;
}
}
if($config['installedpackages']['carpsettings']['config'] != "")
foreach($config['installedpackages']['carpsettings']['config'] as $carp)
if($carp['pfsyncenabled'] != "") {
$pfsync = 1;
if($carp['premption'] != "")
$preempt = 1;
if($carp['balancing'] != "")
$using_arp_balance = 1;
$carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);
fwrite($fout, "/sbin/ifconfig pfsync0 create\n");
fwrite($fout, "/sbin/ifconfig pfsync0 syncif " . $carp_sync_int . "\n");
fwrite($fout, "/sbin/ifconfig {$carp_sync_int} up\n");
fwrite($fout, "/sbin/ifconfig pfsync0 up\n");
$pfsync_instances_counter++;
}
fwrite($fout, "/etc/rc.filter_configure");
fclose($fout);
mwexec("chmod a+x /usr/local/etc/rc.d/carp.sh");
system("/usr/local/etc/rc.d/carp.sh >/dev/null 2>&1 &");
if($using_arp_balance == 1) mwexec("sysctl net.inet.arpbalance=1");
if($preempt == 1) mwexec("sysctl net.inet.carp.preempt=1");
conf_mount_ro();
config_unlock();
}
sync_package_carp();
sync_package_carp();
system("/bin/rm /usr/local/www/carp* 2>/dev/null");
system("/bin/rm /usr/local/pkg/carp* 2>/dev/null");
system("/bin/rm /usr/local/pkg/pf/carp* 2>/dev/null");
system("/bin/rm /usr/local/etc/rc.d/carp* 2>/dev/null");