餱ȥƥȤͫݵ

⤷ƤȤɽεϿøȽ񤯡

2006ǯ06

freevrrpdǥоĹ

freevrrpdFreeBSDNetBSDOpenBSDvrrpdFreeBSDʤ/usr/ports/net/freevrrpdˤ롣

vrrp롼¿ŲԤΥץȥƤ뤱ɡä˥롼˸ꤷʤƤ⡢̤ΥۥȤǤȤȤǤ롣

äƤ뤳ȤϡۥȤ餽ΥۥȤäƤIPɥ쥹̤ΥۥȤѤȤ᡼򡢲IPɥ쥹ʣΥۥȤǶͭƤ뤳ȤǼ¸롣ʣΥۥȤΥ롼פvrrpǥ롼IDǴ졢ǥץ饤ƥκǤ⤤ۥȤmaster(IPɥ쥹꿶)ʳbackupȤʤꡢmasterbackupǥץ饤ƥ⤤ۥȤmasterȤʤ롣freevrrpdǤϲIPɥ쥹masterȤʤۥȤIPɥ쥹ꥢȤꤵ롣ȤƤϤȤƤ⥷ץ롣

ʤ(192.168.1.253IPɥ쥹)

rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet6 fe80::20d:bff:fe4e:8e42%rl0 prefixlen 64 scopeid 0x2
        inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.253 netmask 0xffffffff broadcast 192.168.1.253
        ether 00:0d:0b:4e:8e:42
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

FreeBSDports줿/usr/local/etc/freevrrpd.confǡƱǥ쥯ȥfreevrrpd.conf.sampleꡢǫˤʥȤ򵭺ܤƤƤ롣

masterˤۥȤǤ

[VRID]
serverid = 1
interface = rl0
priority = 255
addr = 192.168.1.253/32
password = hogehoge
useVMAC = no
sendgratuitousarp = yes

backupˤۥȤǤ

[VRID]
serverid = 1
interface = rl0
priority = 250
addr = 192.168.1.253/32
password = hogehoge
useVMAC = no
sendgratuitousarp = yes

ꤹ٤ܤϤäȤʤȤ

  • serveridvrrpΥ롼IDɳդۥȤƱIDȤ
  • interfacevrrp򤷤٤餻NICꡣ
  • priorityͥ١255ͤǻꤵƤmasterˤʤ롣
  • addrϲIPɥ쥹
  • passwordvrrp̿Υѥɡ롼ƱΤꡣ
  • useVMACMACɥ쥹ⲾۤΤΤȤɤλꡣ

MACɥ쥹ȤȡڤؤƱMACɥ쥹̿Ǥ뤿ᡢarpѹʤʤL2SWǤѹɽɬפ롣ޤ̤ϰռʤƤ褤)MACɥ쥹Ȥϡڤؤ˥ۥȤMACɥ쥹񤭴뤿ᡢȤIPɥ쥹꿶ƤФˤϤ˱ƶФ(ǽ)

MACɥ쥹Ȥʤϡڤؤ˲IPɥ쥹бMACɥ쥹(masterۥȤΤΤ)ѹ롣Τ¾ΥۥȤMACɥ쥹ѹΤƤɬפ롣ؼΤsendgratuitousarpڤؤ˼ʬȤMACɥ쥹ޤޤ줿arpꥯȤ֥ɥ㥹ȤŪMACɥ쥹ѹŤ롣

freevrrpdΩ夲к¤IPɥ쥹ڤؤϽ褦ˤʤ롣IPɥ쥹Ȥäӥξ夲(DBhttpdstart/stopȤ)ˤmasterscriptbackupscriptǻꤷץȤǹԤФ

masterscript = /usr/local/bin/master_script.sh
backupscript = /usr/local/bin/backup_script.sh

ǡƱ䶦ͭǥѤ򤭤ȹθƤСʤäHA饹ŪʻȤ(󤸤ʤʤ)

Debian GNU/LinuxΥåץǡȤproxyͳǹԤ

줫餪ŻDebian GNU/Linux򤿤ȤȤˤʤꤽޤϥåץǡȤˡ餤ΤʤȤ͡äƤȤǤäĴ٤Ƥߤ

ʬȤ󥿡ͥåȤãǤʤʤɡľܳ˽ФʤȤ˷ҤäƤ硢ȤꤢľproxyDzȤǤʤϺapt-getޥɤǥåץǡȤproxyλˡϤʲ2Τ褦

  • Ķѿhttp_proxy(ɬפˤäftp_proxy)
  • /etc/apt/apt.conf
  Acquire {
     http {
        Proxy "http://proxy:8080";;
     };
     ftp {
        Proxy "http://proxy:8080";;
     };
  }

㳰ȤȤǤߤ

ȤsquidʤapacheʤproxyΥå奵ФǤäƤס

̲ΤǤ̵ǰ

ҤȤĤDNSФWANLAN򽻤ʬ

ǤWANϥХ륢ɥ쥹꿶ƤͥåȥLANϥץ饤١ȥɥ쥹ΥͥåȥȤäȤǡ

ȤLANWAN̤Υ֥ɥᥤ̾褹ʤɡƱǥХ륢ɥ쥹֤쥳ɤȥץ饤١ȥɥ쥹֤쥳ɤ򺮺ߤ硢ΤޤޤҤȤĤΥեˤ٤ƤΥȥ񤭽ФƤޤȡWAN̾褷Ȥ˥ץ饤١ȥɥ쥹֤Ƥޤǽ롣ޤ̾ʤΤǼ³ʤä㡼ʤɡäȤä

ޤƱ̾WAN鸫LAN鸫̤Υɥ쥹֤⤢

WANLAN줾bindΩƤƤ⤤ɤ⡢ʤȤˤbind9viewǽȤȤȤƤWANLAN줾Υ󥿡եۥȤnamedưꡣ

named.confǡޤLANȤǧ륢ɥ쥹ӰaclǶڤäƤ롣

acl localnet {
        127.0.0.1;
        ::1;
        192.168.0.0/16;
};

viewڤäLANWANΥ򤽤줾쵭ܡʲǤϡ饤ȤIPɥ쥹ǻꤷlocalnetƤacl˴ޤޤˤlocalȤviewʳǤworldȤviewŬѤ롣

view "local" {
        match-clients { localnet; };
        zone "example.jp" {
                type master;
                file "example.jp.local"; LAN
        };
}
view "world" {
        match-clients { any; };
        zone "example.jp" {
                type master;
                file "example.jp.world";
        };
}
# 󤳤Ǥnamed.confȤƤԽʬʤΤǡ¾˺줺ˡ

λȡexample.jp.localexample.jp.world줾LANWANΥեˤʤ롣줾ˤ٤ƤΥۥȥȥ򵭺ܤƤ⤤ɡ¿ơ⤽ΤۤȤɤLANǤWANǤⶦ̤ƤäꤹȴɤʤȤˤ$INCLUDEȤäƤ(ˤäƤ)ڤ

LAN example.jp.local

$INCLUDE example.jp.common

;LANΥɥ쥹򵭺
ns0            IN      A       192.168.1.53
ns1            IN      A       192.168.1.54
www            IN      A       192.168.1.80
pc0            IN      A       192.168.1.128
pc1            IN      A       192.168.1.129

WAN example.jp.world

$INCLUDE example.jp.common

;WANΥɥ쥹򵭺
ns0            IN      A       123.45.67.89
ns1            IN      A       123.45.67.90
www            IN      A       123.45.67.91

̤Υȥ example.jp.common

$TTL 86400
@       IN      SOA     example.jp. root.example.jp.  (
                                2006060301 ; Serial
                                3600    ; Refresh
                                900     ; Retry
                                604800  ; Expire
                                3600 )  ; Minimum

               IN      NS  ns0
               IN      NS  ns1
               IN      MX  mail
mail           IN      A       123.45.67.25
host0          IN      A       123.45.67.1
host1          IN      A       123.45.67.2
host2          IN      A       123.45.67.3

ݥȤSOḀեˡns0ns1ϸ̤ΥǻꤷƤ뤳Ȥns0ϼʬȤΥɥ쥹ns1Ϥ줾ΥͥåȥǤΥꥵФꤹʤ

SOA϶̥ե˴ޤޤΤǡȤLANΥǤ⡢̥եSerialäƤɬפΤաSOAWANLAN̡˴Ϥ󤽤줾˵ܤƤ⹽ʤ٤϶̥ե򹹿ˤ줾SerialäΤ˺ʤ褦ˡTTLϤɤǴƤʤ

ns0ns1WANLANʬɬפΤϡLAN䤤碌ˤLANDNSХɥ쥹WAN䤤碌ˤWANΥɥ쥹֤Ƥ뤿ᡣLANǤWANDNS䤤碌Ƥޤȡ(NATȤƯƤФ)view worldȤƽ줿̤֤äƤƤޤ

IPv6ξϥץ饤١ȥɥ쥹ȤǰʤΤ(ȥ륢ɥ쥹ѻߤä)ͥåȥڤäơñ˸ΡʤΤǹͤ롣

ɤƤȤ³ʤФʤʤ

ɤˤǤOSΥ˥륳(饤Ѥ)󤷤ȤƷϤ롣ȥ˥󥰥ȤʬޤǤʤʤɡΤ⤬줿­Ǥ㤦äƾʤʤ()

ʤ櫓ǡŪû饤եLinuxǥȥӥ塼¤ݤߤƤʤʤä礭ʤä֤櫓Ǥ

http://www.fedoralegacy.org/
ȤɤȤơʤ꤬ץȤäΤȤRedHat7.3RedHat9FedoraCore13ݡȤƤ褦

ǤLinux⤽ʤΥ뤫顢Τȼ֤뤳ȤϤȤƤͭΥݡԥӥäƤƤȤϤ뤱ɡOSƳääơ饤ѤȤݡѤȤŪβǽ˹⤤櫓ǡƳ񤷤¿Ȼפ

ʤMicrsftιߤˤʤäʡ

Ǥ饤Ѥ⥵ݡѤ⤫ʤ衪ǯ˿絬ϥåץǡȤʤƤäƤ¾衪ȤˤϡCentOSΤ褦⤢餷ͭRedHatEnterprizeLinuxΥǡGPL򺬵RHELΥꤷƺƥѥ롢ۤƤΤʤƥåץǡȤRHELǥ꡼줿Τˤɽƥ꡼餷Ѥ򤷤ˤͭϸʤ󤸤ʤï⥵ݡȤƤʤɡ

SECURITY ADVISORIESƤ

http://security.freebsd.org/advisories/FreeBSD-SA-06:16.smbfs.asc
http://security.freebsd.org/advisories/FreeBSD-SA-06:15.ypserv.asc

ɤľܴطʤ

RELENG_4_105ǥƥʥ󥹽λȻפ䡢ߥդǹ줿ߤ줬ǸˤʤΤʡ

SIGUSR1򿩤ähttpd夬äƤʤ

ˤФеꡣä


Jun 1 00:00:00 ns newsyslog[92788]: logfile turned over

[Thu Jun 01 00:00:03 2006] [notice] seg fault or similar nasty error detected in the parent process




newsyslogǥơ󤹤SIGUSR1(ʥ30)äơե뵭һҤƤɬפɡǾ夬äƤʤ



äƤߤɤPHP4äݤʷϵФƤ
http://www.freebsd.org/cgi/query-pr.cgi?pr=64904
http://bugs.php.net/bug.php?id=27899
http://bugs.php.net/bug.php?id=27810

Ȥ褦ȻפΩäɡäѤ⤦̲鿲롣(Ȥäޤ֤)