Project 2 - Web and Proxy Redundancy
Plan of Attack
OPT Network set
10.0.6 Going
NAT, DNS
VRRP
Web02 Setup
Httpd
All other config stuff
Create web pages for web01 and web02
Keepalived for HAproxy
Update nat for web server
OPT Setup
HA01 & HA02
Setup Networking HA01: 6.11 and HA02: 6.12
sudo nano /etc/netplan/00-installer-config.yaml
To apply netplan:
sudo netplan trySet Hostname and Add Paul user
sudo hostnamectl set-hostname ha0X-paul
sudo passwd champuser
sudo adduser paul
sudo usermod -aG sudo paulVYOS01 and 02 OPT Setup
Setup NAT for OPT to WAN
set nat source rule 20 description 'NAT FROM OPT to WAN'
set nat source rule 20 outband-interface eth0
set nat source rule 20 source address 10.0.6.0/24
set nat source rule 20 translation address masqueradeSetup DNS for OPT to WAN
set service dns forwarding allow-from 10.0.6.0/24
set service dns forwarding listen-address 10.0.6.1WEB02 Setup
change root passwd and make paul user
Set ip using nmtui
Setup httpd
sudo yum install httpd
nano /var/www/html/index.htmlChange Firewall Rules
Setup HAproxy
Install HAproxy
sudo apt install haproxyChanged environment variable
nano /etc/default/haproxyAdd the following line
ENABLED=1Edit the /etc/haproxy/haproxy.cfg
Now do
sudo systemctl restart haproxySetup Keepalived
HA01 Config
HA02 Config
Change VYOS Rules:
Delete old nat rule
delete nat destination rule 20Add new nat rule
set nat destination rule 20 destination address 10.0.17.106
set nat destination rule 20 destination port 80
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 10.0.6.10
set nat destination rule 20 translation port 80
set nat destination rule 20 description HTTP->HAVRRPLast updated