I have two identical Centos7 latest relase machines.One is named rotuer1 and other one is router2.
\nI will use VRRP protocol for router redundancy.In my test bench im not gonna use any layer 2\/3 switches.<\/p>\n
Specification :<\/p>\n
MB: A2SDi-8C-HLN4F
\n1x Intel(R) Atom(TM) CPU C3758
\n1x *8gig memory
\n2\u0445 HUS722T1TALA604
\n4x internal network interfaces.<\/p>\n
1.Network connectivity.
\nRouters are connected with crossover ethernet cable.In my case in eno3 interface.<\/p>\n
router1<\/strong> eno3 network interface config file<\/p>\n TYPE=”Ethernet” router2 <\/strong>eno3 network interface config file<\/p>\n TYPE=”Ethernet” Make sure to have ping form router1 <-> rotuer2 and telnet in 22 port for ssh.<\/p>\n Network card configuration in Centos <\/p>\n At the usual directory in centos7 we fill find configuration files for network interfaces. For vlan interface:<\/p>\n \nDEVICE=eno2.22 And for non vlan interface:<\/p>\n \nNAME=eno2 Be sure all network interfaces are set with option ONBOOT=yes<\/strong> or keepalived will not start.<\/p>\n 2.Pkgs Keepalived<\/strong> high-availability is achieved by VRRP protocol. VRRP is a fundamental brick for router failover. In addition, Keepalived implements a set of hooks to the VRRP finite state machine providing low-level and high-speed protocol interactions. <\/p>\n Using following configuration in \/etc\/keepalive\/keepalived.conf for master router1<\/p>\n \nglobal_defs { vrrp_sync_group router { } vrrp_instance router_eno1 <\/strong>{
\nBOOTPROTO=”static”
\nNAME=”eno3″
\nDEVICE=”eno3″
\nONBOOT=”yes”
\nIPADDR=”10.10.10.10″
\nPREFIX=”24″<\/p><\/blockquote>\n
\nBOOTPROTO=”static”
\nNAME=”eno3″
\nDEVICE=”eno3″
\nONBOOT=”yes”
\nIPADDR=”10.10.10.20″
\nPREFIX=”24″<\/p><\/blockquote>\n
\n\/etc\/sysconfig\/network-scripts\/
\nifcfg-* files should not have any configuration for network addresses.
\nExample:<\/p>\n
\nONBOOT=yes
\nVLAN=yes
\nTYPE=”Ethernet”\n<\/p><\/blockquote>\n
\nDEVICE=eno2
\nTYPE=Ethernet
\nONBOOT=yes
\nBOOTPROTO=static\n<\/p><\/blockquote>\n
\nyum install keepalived conntrackd openvpn quagga <\/p>\n
\n notification_email {
\n dimo@d1m0.com #who get notifications .
\n pich@d1m0.com
\n }
\n notification_email_from dimo@dm10.com
\n smtp_server 192.168.3.7 # mail server to send mails
\n smtp_connect_timeout 30 # wait before retry .
\n router_id firewall #name of our machine
\n}<\/p>\n
\n group {
\n router_eno1<\/strong>
\n router_eno2
\n router_eno4<\/p>\n
\n# this script is in \/usr\/share\/doc\/conntrack-tools-1.4.4\/doc\/sync\/. You may want to place it it keepalive config directory. It is used to notify Master and Backup for theirs states.
\n notify_master “\/etc\/keepalived\/primary-backup.sh primary”
\n notify_backup “\/etc\/keepalived\/primary-backup.sh backup”
\n notify_fault “\/etc\/keepalived\/primary-backup.sh fault”
\n}<\/p>\n
\n state MASTER # OR BACKUP
\n interface eno3 ### This is important interface.Over this interface router1 and router2 will talk to each others.
\n dont_track_primary
\n virtual_router_id 50
\n priority 100
\n advert_int 3
\n authentication {
\n auth_type PASS
\n auth_pass 11router #password is limited to 8 characters.
\n }
\nvirtual_ipaddress {
\n #