Differences

This shows you the differences between two versions of the page.

docs:guide-user:network:high-availability [2021/05/25 15:49] – alt_config_file - mention and explain risk
docs:guide-user:network:high-availability [2022/08/31 20:55] – Fixed error in uci file header preventing use of alt config file nathhad
Line 99: Line 99:
 </code> </code>
  
-To ensure `/etc/init.d/keepalived` script starts the daemon pointed at your config set `/etc/config/keepalived` like:+To ensure `/etc/init.d/keepalived` script starts the daemon pointed at your config
 + 
 +write the following in `/etc/config/keepalived` :
  
 <code> <code>
-config global_defs                                                                             +config globals                                                                             
    option alt_config_file          "/etc/keepalived/keepalived.conf"    option alt_config_file          "/etc/keepalived/keepalived.conf"
 </code> </code>
  
-This above will cause the init script to not generate its own config, but merely create a symlink to your script in /tmp where the daemon ends up pointing to.+This will tell the keepalived service to use the configuration file you wrote at /etc/keepalived/keepalived.conf 
  
 ==== 4. Configure conntrackd ==== ==== 4. Configure conntrackd ====
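Review bot: The replacement sentence on the last `+` line of this hunk ("This will tell the keepalived service to use the configuration file you wrote ...") drops what the removed sentence explained: with `alt_config_file` set, the init script does not generate a config of its own and only creates a symlink in /tmp that the daemon ends up pointing to. Suggest keeping one clause to that effect, so readers know that /etc/keepalived/keepalived.conf is used exactly as written and has to be complete and correct by itself. The opening sentence is also split mid-clause across an empty line ("... pointed at your config" / "write the following in ..."); joining it into one sentence would read better.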
Line 181: Line 183:
 </code> </code>
  
-==== 3. Configure dhcp ====+==== 5. Configure dhcp ====
  
 You'll want DHCP (dnsmasq) to serve 192.168.0.4 (vip address) to hosts on the lan, both as their gateway and DNS. You'll want DHCP (dnsmasq) to serve 192.168.0.4 (vip address) to hosts on the lan, both as their gateway and DNS.
Line 197: Line 199:
 dhcp_option 3 is gateway, dhcp_option 6 is DNS. dhcp_option 3 is gateway, dhcp_option 6 is DNS.
  
-==== 5. Sysupgrade backup add dirs ====+Now we need to configure synchronization of the dhcp leases. Both devices will have a dhcp server and both will assign dynamic IPs to clients. But each will only update its own dhcp lease list. 
 + 
 +Dnsmasq stores current leases in a text file called **/tmp/dhcp.leases** by default in OpenWrt (it's also a configuration option you can change from UCI or Luci web interface (**Network -> DHCP and DNS -> Resolv and Hosts files -> Lease File** ) 
 + 
 +This is what it looks like on my OpenWrt router VM 
 +<code> 
 +root@VM-router:~# cat /tmp/dhcp.leases 
 +1633703346 00:1c:42:0f:b1:c7 192.168.222.244 hostname1 01:00:1c:42:0f:b1:c7 
 +1633703352 c4:41:1e:68:97:62 192.168.222.243 hostname2 01:c4:41:1e:68:97:62 
 +1633703161 c0:10:b1:2c:e4:e6 192.168.123.148 * 01:c0:10:b1:2c:e4:e6 
 +1633703141 e8:f4:08:1f:9c:67 192.168.123.69 hostname3 01:e8:f4:08:1f:9c:67 
 +</code> 
 +The first number is a timestamp (seconds since Unix "beginning of time" date which is somewhere in 1970, so it should be consistent with another device if the clocks are set correctly), then there is mac address of the device, then IP, then hostname (I redacted the hostnames of my devices above), then it seems another mac address but I'm not sure of what that is. 
 + 
 +So we add a simple and dumb script that just merges the files on both devices every X time, and it assumes that dnsmasq will automatically drop the entries when their lease is up. 
 + 
 +We must do the following on both routers. 
 + 
 +Import the public SSH key of the router 1 in router 2 (and the reverse) so they can scp to each other without writing the password 
 +this to read the current public key [[docs:guide-user:security:dropbear.public-key.auth#extras]] 
 +and this to write the key [[docs:guide-user:security:dropbear.public-key.auth#web_interface_instructions]] 
 + 
 +Then copy the following script to **/bin/dnsmasq-lease-sync.sh** and edit the IP address (so it can point to the other router) 
 + 
 +<code> 
 +#!/bin/sh 
 +#syncs contents of dnsmasq dhcp leases 
 + 
 +other_router=192.168.11.254 
 + 
 +scp root@$other_router:/tmp/dhcp.leases /tmp/dhcp_lease_temp 
 + 
 +cat /tmp/dhcp.leases /tmp/dhcp_lease_temp | sort -u > /tmp/dhcp_lease_new 
 + 
 +mv /tmp/dhcp_lease_new /tmp/dhcp.leases 
 +</code> 
 + 
 +then make it executable 
 +<code> 
 +chmod u+x /bin/dnsmasq-lease-sync.sh 
 +</code> 
 +Then add a scheduled task to execute this script every minute and enable cron (scheduled tasks) service. (can be done from luci as well [[docs:guide-user:base-system:cron]]) 
 + 
 +<code> 
 +echo '*/1 * * * *  /bin/dnsmasq-lease-sync.sh' >>  /etc/crontabs/root 
 +echo 'root' >> /etc/crontabs/cron.update 
 +service cron start 
 +</code> 
 + 
 +==== 6. Sysupgrade backup add dirs ====
  
 Add the following directories to ''/etc/sysupgrade.conf''. (can be done from luci as well). Add the following directories to ''/etc/sysupgrade.conf''. (can be done from luci as well).
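Review bot: In dnsmasq-lease-sync.sh the result of the `scp` line is never checked, so when the other router is unreachable the `cat ... | sort -u` step still runs, merging whatever /tmp/dhcp_lease_temp an earlier run left behind, and the `mv` still replaces /tmp/dhcp.leases. Suggest stopping unless the copy succeeded, for example `scp root@$other_router:/tmp/dhcp.leases /tmp/dhcp_lease_temp || exit 1`, and deleting the temp file at the end of each run. Two smaller points for the same section: `sort -u` compares whole lines, so an entry for the same MAC and IP with a newer timestamp is kept next to the old one instead of replacing it; and the key-import step should state plainly that it gives each router password-less root SSH access to the other, so anyone who gains control of one router can log in to the second. The `echo ... >> /etc/crontabs/root` line also appends a duplicate entry if the instructions are followed twice.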
Line 204: Line 255:
 /etc/keepalived/ /etc/keepalived/
 /etc/conntrackd/ /etc/conntrackd/
 +/bin/dnsmasq-lease-sync.sh
 </code> </code>
  
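Review bot: The added `/bin/dnsmasq-lease-sync.sh` entry is a file, while the sentence introducing this list still reads "Add the following directories"; suggest changing it to "files and directories". The cron entry from section 5 is written to /etc/crontabs/root, which this list does not name, so it is worth confirming that it survives a sysupgrade or adding it here, otherwise the script is restored but never scheduled.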
  • Last modified: 2023/02/04 18:31
  • by nathhad