Project 2 - Web and Proxy Redundancy
Plan of Attack
- OPT Network set
- 10.0.6 Going
- NAT, DNS
- VRRP
- Web02 Setup
- Httpd
- All other config stuff
- Create web pages for web01 and web02
- HAproxy
- Keepalived for HAproxy
- Update nat for web server
OPT Setup
HA01 & HA02
Setup Networking HA01: 6.11 and HA02: 6.12
sudo nano /etc/netplan/00-installer-config.yaml
To apply netplan:
sudo netplan try
Set Hostname and Add Paul user
sudo hostnamectl set-hostname ha0X-paul
sudo passwd champuser
sudo adduser paul
sudo usermod -aG sudo paul
VYOS01 and 02 OPT Setup
Setup NAT for OPT to WAN
set nat source rule 20 description 'NAT FROM OPT to WAN'
set nat source rule 20 outband-interface eth0
set nat source rule 20 source address 10.0.6.0/24
set nat source rule 20 translation address masquerade
Setup DNS for OPT to WAN
set service dns forwarding allow-from 10.0.6.0/24
set service dns forwarding listen-address 10.0.6.1
WEB02 Setup
change root passwd and make paul user
Set ip using nmtui
Setup httpd
sudo yum install httpd
nano /var/www/html/index.html
Change Firewall Rules
Setup HAproxy
Install HAproxy
sudo apt install haproxy
Changed environment variable
nano /etc/default/haproxy
Add the following line
ENABLED=1
Edit the /etc/haproxy/haproxy.cfg
Now do
sudo systemctl restart haproxy
Setup Keepalived
HA01 Config
HA02 Config
Change VYOS Rules:
Delete old nat rule
delete nat destination rule 20
Add new nat rule
set nat destination rule 20 destination address 10.0.17.106
set nat destination rule 20 destination port 80
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 10.0.6.10
set nat destination rule 20 translation port 80
set nat destination rule 20 description HTTP->HAVRRP