-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfreevrrpd.8
137 lines (137 loc) · 4.8 KB
/
freevrrpd.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
.Dd March 24, 2015
.Dt FREEVRRPD 8
.Os
.Sh NAME
.Nm freevrrpd
.Nd Virtual Redundancy Router Protocol Daemon
.Sh SYNOPSIS
.Nm freevrrpd
.Bk -words
.Op Fl F
.Op Fl f Ar config_file
.Op Fl c Ar chroot_directory
.Sh DESCRIPTION
.Nm freevrrpd
is an RFC2338/5798 compliant daemon.
VRRP can be used with multiple interfaces as well as multiple VRIDs.
For each VRID defined in the configuration file,
.Nm freevrrpd
creates a thread for managing a poll of one or multiple virtual IP
addresses.
The daemon currently only supports IPv4 but IPv6 is being
developed.
.Pp
When
.Nm freevrrpd
start, it reads /usr/local/etc/freevrrpd.conf file and then daemonizes
itself.
All of the options are defined in the config file.
.Pp
.Nm freevrrpd is compatible with FreeBSD.
.Pp
Functionality includes :
.Bl -bullet -compact
.It
Support of multiple VRIDs
.It
State announcements are multicast using the
.Xr bpf 4
device
.It
Changing routes and IP in 3 seconds
.It
Sending gratuitous ARP requests to clean the ARP cache of all hosts listening hosts
.It
Election between different backup and master servers with differing priorities
.It
The same host can be both a SLAVE and MASTER at the same time for different VRIDs
.It
Automatic downgrade to BACKUP state if the MASTER returns to service
.It
Support of netmasks for virtual IP addresses
.El
.Sh CONFIGURATION
.Pp
.Nm freevrrpd
reads its configuration data from /usr/local/etc/freevrrpd.conf, or
the file specified with -f on the command line.
The config file contains keyword-argument pairs, one per line.
Each VRID definition is defined by the [VRID] keyword.
Lines starting with '#' and empty lines are interpreted as comments.
.Pp
The possible keywords and their meanings are as follows (note that keywords and arguments are case-sensitive):
.Bl -tag -width Ds
.It Cm serverid
This keyword is followed by a decimal number between 1 and 255 and represents the group identifier (Virtual Router Identifier).
.It Cm interface
This keyword is followed by an interface name where multicast VRRP announcements of the specified serverid group will be sent.
.It Cm useVMAC
Specifies whether Virtual MAC address (like 00:5E:00:...) is permitted.
The default is
.Dq yes .
Note that disabling useVMAC is an RFC violation but may be necessary for some specific cases.
If disabled,
.Dq sendgratuitousarp
must be enabled.
.It Cm priority
This keyword can be followed by a decimal number between 0 to 255.
A priority of 255 means a MASTER server.
A priority between 0 to 254 is a BACKUP priority.
If the VRID MASTER fails 254 becomes MASTER before 253, etc.
A priority of 0 would be the last possible failover attempt.
.It Cm addr
Specifies all Virtual IP addresses separated by commas of the corresponded VRID.
A VIP syntax will be:
.Dq xxx.xxx.xxx.xxx/yy
or
.Dq device:xxx.xxx.xxx.xxx/yy.
.Dq xxx.xxx.xxx.xxx
representing the IP address and
.Dq yy
is a netmask in CIDR format.
Device is an optional device where the VIP will be configured.
.It Cm monitoredcircuits
Specifies whether NIC monitoring is enabled.
This option uses a special ioctl for getting carrier, duplex, and health of the network card.
The default is
.Dq yes .
Note that your NIC driver must support mii bus functionality.
Some old drivers cannot use this option and must be disabled.
.It Cm MCClearErrorsCount
This keyword can be followed by a decimal number that represent the number of concurrent valid checks (monitored circuits) before nberrors flag will be resetted at 0.
The default is
.Dq 3600 .
Note that the default value means that 30 concurrent checks ok on a NIC by monitored circuits will reset the error counter for this NIC.
If a value of
.It Cm masterscript
This keyword can be followed by a script name with an absolute path and will be executed during MASTER transition state.
.It Cm backupscript
This keyword takes the same argument as
.Dq masterscript
except that this script is executed during BACKUP transition state.
.It Cm vridsdep
This keyword can be followed by a list of VRIDs in decimal format separated by commas.
If the VRID becomes BACKUP, all VRIDs specified will be preempted and become BACKUP too.
.It Cm password
This keyword can be followed by a password for authenticating VRRP packets on a specific VRID.
Note that the password will be transmitted in clear with this method.
.It Cm AHencryption
Not implemented yet
.It Cm useIKE
Not implemented yet
.It Cm presharedkey
Not implemented yet
.Sh IMPLEMENTATION NOTES
This utility does not quit properly if you use the -KILL signal.
If you want to stop freevrrpd, use kill [PID] and not kill -9 [PID].
This will allow it to delete virtual IP addresses and routes properly on shutdown.
.Sh BUGS
.Nm freevrrpd
is in active development.
Please send bugs report and suggestions.
.Sh AUTHORS
.An George V. Neville-Neil Aq [email protected]
.An Sebastien Petit Aq [email protected]
.Sh HISTORY
.An Sebastien Petit Aq [email protected]
was the original author.