Dedibox Failover IP on NetBSD/XEN

Warning: this setup uses Xen bridging, not Xen routing. Therefore neither proxy_arp nor ip_forward is needed.

Hardcode your MAC

Dedibox requires you to define your guest’s MAC address in their management console. Then hardcode the same MAC in the guest configuration:

vif = [ 'bridge=xenbr0,vifname=GUEST.0,mac=00:16:3e:xx:xx:xx' ]

Check that the bridge is in a good state

brctl show

and once the guest has booted up, check its MAC address

ifconfig xennet0 | grep address

Guest system setup

Ping from the outside and validate each step before moving on to the next

fo=212.83.171.255
fogw=62.210.0.1
xenhost=51.15.190.74
#xenhostgw=51.15.190.1

ifconfig xennet0 inet $fo/32 up
route add -net $fogw/32 -link -cloning -iface xennet0
ping -c1 $fogw
route add default $fogw
#route add default $fogw -iface $FAILOVER_IP
netstat -rn -f inet
ping -c1 62.210.16.6
ping -c1 62.210.16.7

And your box should now respond from the public network.

You can also add a shortcut route to reach the Xen host directly (if you want the return path to be direct as well, you will need to tweak the Xen host itself)

route add -net $xenhost/32 -link -cloning -iface xennet0
traceroute $xenhost
ping -c1 $xenhost

There is really no point in reaching its gateway, though. Otherwise, add a route to the whole subnet (both $xenhost and $xenhostgw).

#route add -net $xenhostgw/32 -link -cloning -iface xennet0
#traceroute $xenhostgw
#ping -c1 $xenhostgw

You’re now ready to apply this configuration at boot time

cat > /etc/ifconfig.xennet0 <<-EOF
inet $fo/32 up
!/sbin/route add -net $fogw/32 -link -cloning -iface xennet0
!/sbin/route add default $fogw
!/sbin/route add -net $xenhost/32 -link -cloning -iface xennet0
EOF
cat /etc/ifconfig.xennet0
shutdown -r now
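
After the reboot, the manual checks above (guest MAC, on-link route to the gateway, default route) can be scripted. This is an added example, not part of the original page: the function names check_mac and check_routes, the placeholder MAC 00:16:3e:00:00:01 and the sample ifconfig/netstat output are constructed, and the column layout of your netstat output is assumed to match the sample.

```shell
#!/bin/sh
# Added example: verify the guest after reboot. On the guest, feed live output:
#   ifconfig xennet0 | check_mac "$mac"
#   netstat -rn -f inet | check_routes "$fogw" xennet0

# check_mac EXPECTED: read ifconfig output on stdin; succeed only if the
# interface MAC equals the one registered in the Dedibox console.
check_mac() {
    want=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    got=$(awk '$1 == "address:" { print tolower($2); exit }')
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# check_routes GATEWAY IFACE: read the routing table on stdin; succeed only if
# the default route uses GATEWAY and GATEWAY itself is reachable via IFACE.
check_routes() {
    awk -v gw="$1" -v ifc="$2" '
        $1 == "default" && $2 == gw                  { def = 1 }
        ($1 == gw || $1 == (gw "/32")) && $NF == ifc { link = 1 }
        END { exit !(def && link) }'
}

# Constructed sample output (the MAC is a placeholder; addresses are the page's).
sample_ifconfig='xennet0: flags=0x8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	address: 00:16:3e:00:00:01
	inet 212.83.171.255/32 flags 0'
sample_routes='Destination        Gateway            Flags    Refs      Use    Mtu Interface
default            62.210.0.1         UGS         -        -      -  xennet0
62.210.0.1/32      link#2             UCS         -        -      -  xennet0
212.83.171.255/32  link#2             UHl         -        -      -  lo0'

# Demo run over the constructed samples.
printf '%s\n' "$sample_ifconfig" | check_mac 00:16:3E:00:00:01 && echo "MAC ok"
printf '%s\n' "$sample_routes" | check_routes 62.210.0.1 xennet0 && echo "routes ok"
```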

Resources

Failover IP https://www.online.net/en/dedicated-server/adresse-ip-failover-virtual-mac

MAC virtuelles multi-IP https://documentation.online.net/fr/dedicated-server/network/ip-failover/multi-ip-virtual-mac

OBSOLETE https://documentation.online.net/en/dedicated-server/network/ip-failover/ip-failover https://documentation.online.net/en/dedicated-server/network/ip-failover/xen

Networking with a gateway not on the local subnet https://www.netbsd.org/docs/network/#nonsubnetgateway

Add static routes and keep them across boots on NetBSD https://ezunix.org/index.php?title=Add_static_routes_and_keep_them_across_boots_on_NetBSD

Can I prevent a default route being added when bringing up an interface? https://unix.stackexchange.com/questions/182967/can-i-prevent-a-default-route-being-added-when-bringing-up-an-interface

does the gateway have to be on the subnet? https://unix.stackexchange.com/questions/98344/does-the-gateway-have-to-be-on-the-subnet

How to add a route for a specific subnet? https://serverfault.com/questions/597736/how-to-add-a-route-for-a-specific-subnet

