Annotation of embedaddon/freevrrpd/freevrrpd.conf.sample, revision 1.1
1.1 ! misho 1: # This is a simple configuration file for freevrrpd
! 2: # Please read the documentation before modifying these parameters
! 3: # I recommend to not set addr to the unique and real ip of your server because
! 4: # if freevrrpd will shutdown, your server will don't have any IP address.
! 5: # a good utilization is to set a real IP address not managed by freevrrpd and
! 6: # then choosing an alias for the virtual IP address managed by freevrrpd
! 7: #
! 8: # Each VRID Section must begin with [VRID] keyword
! 9:
! 10: [VRID]
! 11: # serverid is needed to specify the number of the VRID, here VRID = 1
! 12: serverid = 1
! 13:
! 14: # you must set interface with a real interface name of your system
! 15: # this interface is used for sending VRRP announces
! 16: interface = rl0
! 17:
! 18: # this option specify a timeout for an interface like bge/em go down and up
! 19: # when an ethernet (lladdr) adress is setted on it. em/bge take about 2/3
! 20: # secondes before becoming up and running after transiting MASTER/BACKUP states
! 21: # the default is 10 seconds and must work with all NICs without problems
! 22: carriertimeout = 10
! 23:
! 24: # this option must be set for switches that have spanning tree activated
! 25: # because there is a time between the port activation and the first VLANs
! 26: # packets received. A value of 40 seconds will be good.
! 27: # by default, spanningtreelatency is disabled (=0)
! 28: spanningtreelatency = 0
! 29:
! 30: # priority = 255 is a MASTER of the VRID
! 31: # priority < 255 is a BACKUP with a priority 0 to 254
! 32: # 254 is a higher BACKUP priority
! 33: priority = 255
! 34:
! 35: # addr option is need to specify ip address(es) associated with the VRID
! 36: # you can specify multiple addresses separated by ','
! 37: # netmask is specified with CIDR notation so number after '/' represent the
! 38: # number of bits set to 1 for the netmask.
! 39: # eg: /24 is 11111111 11111111 11111111 00000000 = 255.255.255.0
! 40: # you can specify another (pseudo-)device for setting this(ese) adress(es)
! 41: addr = 10.0.0.1/32, vlan100:192.168.1.1/30, vlan101:192.168.10.1/30
! 42:
! 43: # Monitored circuits (test of carrier, interface and duplex) can be enabled
! 44: # or disabled. it's enabled by default but you may want to deactivate it for
! 45: # old NIC drivers that d'ont support mii bus
! 46: monitoredcircuits = yes
! 47:
! 48: # Specify the number of concurrent checks on a NIC by monitored circuits
! 49: # before considering to reset the error counter on this NIC. The default value
! 50: # is 3600 concurrent checks (about 1 hour)
! 51: # if 0 is specified, nberrors wil be never resetted
! 52: MCClearErrorsCount = 3600
! 53:
! 54: # now, you can specify a script name to execute when this host became master
! 55: # of this VRID
! 56: masterscript = /usr/local/bin/master_script.sh
! 57:
! 58: # and you can specify a script name to execute when this host became backup
! 59: # too
! 60: backupscript = /usr/local/bin/backup_script.sh
! 61:
! 62: # if physical interface attached to VRID 1 fail you can specify one or more
! 63: # VRIDs that must go to backup state in the same time. (monitored circuits)
! 64: # in this example if rl0 is faulty, xl0 and bge0 go to backup state mode
! 65: # This is extremly useful to avoir blackhole with Firewalls with two interfaces
! 66: vridsdep = 2, 3
! 67:
! 68: # if you want to authenticate your VRRP packets you can set a password
! 69: # associated with this VRID. this is not required but is you don't set a
! 70: # password, everybody in your LAN can generate VRRP packets without
! 71: # authentification. If you set this, you must set it to BACKUP VRID too, if you
! 72: # don't, all BACKUP VRRP packets will be rejected.
! 73: password = vrid1
! 74:
! 75: # if you want to authenticate your VRRP packets by AH encryption you must set
! 76: # this option to yes and specify a presharedkey parameter or useIKE=yes if you
! 77: # want an external key negociation like IKE (racoon)
! 78: #AHencryption = no
! 79:
! 80: # if you want to use an external key exchanger IKE, let freevrrpd know it with
! 81: # useIKE = yes
! 82: #useIKE = no
! 83:
! 84: # if you have set AHencryption = yes and useIKE = no you must specify a pre
! 85: # shared key known by VRRP servers that is on the same VRID, you can specify
! 86: # the key with this option
! 87: #presharedkey = blahblah
! 88:
! 89: [VRID]
! 90: # specify a second VRID number 2
! 91: serverid = 2
! 92: interface = xl0
! 93: # priority = 100 so it's a backup
! 94: priority = 100
! 95: addr = 192.168.1.2/32
! 96: password = vrid2
! 97: [VRID]
! 98: serverid = 3
! 99: interface = bge0
! 100: priority = 255
! 101: addr = 192.168.2.2/32
! 102: password = vrid3
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>