services:ipmi
no way to compare when less than two revisions
Différences
Ci-dessous, les différences entre deux révisions de la page.
— | services:ipmi [2020/08/12 18:35] (Version actuelle) – créée - modification externe 127.0.0.1 | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | # IPMI | ||
+ | ## Architecture basique | ||
+ | ``` | ||
+ | +--------+ | ||
+ | | client | | ||
+ | +--------+ | ||
+ | tun | ||
+ | | | ||
+ | | | ||
+ | tun | ||
+ | +---------------+ | ||
+ | | rebond-public | | ||
+ | +---------------+ | ||
+ | eth1 | ||
+ | | | ||
+ | | | ||
+ | | ||
+ | | IPMI | | ||
+ | | ||
+ | ``` | ||
+ | |||
+ | * 172.16.0.0/ | ||
+ | * 172.16.2.0/ | ||
+ | |||
+ | ## Procédure de création de tunnel | ||
+ | ### sur constance | ||
+ | - éditer `/ | ||
+ | - éditer `/ | ||
+ | - redémarrer nsd, quitter constance | ||
+ | - enregistrer les IPs dans l’IPAM | ||
+ | |||
+ | ### sur rebond-public.grifon.fr | ||
+ | #### Cas générique | ||
+ | |||
+ | ```bash | ||
+ | cd / | ||
+ | ln -s openvpn openvpn.${machin} | ||
+ | cd / | ||
+ | openvpn --genkey --secret ${machin}.key | ||
+ | vim ${machin}.conf | ||
+ | lport 11${IPv4} # Dernier octet de l’IPv4 | ||
+ | proto udp6 | ||
+ | dev tun | ||
+ | secret ${machin}.key | ||
+ | daemon ovpn-${machin} | ||
+ | |||
+ | ifconfig 172.16.2.${1ereIP} 172.16.2.{2ndIP} | ||
+ | rc-service openvpn.${machin} start | ||
+ | rc-update add openvpn.${machin} default | ||
+ | iptables -A FORWARD -s ${IPMI}/32 -d ${xco}/31 -j ACCEPT -m comment --comment " | ||
+ | iptables -A FORWARD -s ${xco}/31 -d ${IPMI}/32 -j ACCEPT -m comment --comment " | ||
+ | rc-service iptables save | ||
+ | ``` | ||
+ | |||
+ | #### Exemple alarig | ||
+ | ```bash | ||
+ | cd / | ||
+ | ln -s openvpn openvpn.alarig | ||
+ | cd / | ||
+ | vim alarig.conf | ||
+ | # lport 1127 # cf. IPv4 `host regis.swordarmor.fr` | ||
+ | # proto udp6 | ||
+ | # dev tun | ||
+ | # secret alarig.key | ||
+ | # daemon ovpn-alarig | ||
+ | # | ||
+ | # ifconfig 172.16.2.4 172.16.2.5 | ||
+ | rc-service openvpn.alarig start | ||
+ | rc-update add openvpn.alarig default | ||
+ | iptables -A FORWARD -s 172.16.0.4 -d 172.16.2.4/ | ||
+ | iptables -A FORWARD -s 172.16.2.4/ | ||
+ | rc-service iptables save | ||
+ | ``` | ||
+ | |||
+ | ## Configuration client | ||
+ | ### Générique | ||
+ | ``` | ||
+ | remote rebond-public.grifon.fr ${port} | ||
+ | dev tun | ||
+ | secret ${machin}.key | ||
+ | daemon ovpn-grifon-ipmi | ||
+ | |||
+ | ifconfig 172.16.2.${2ndIP} 172.16.2.${1ereIP} | ||
+ | route 172.16.0.0 255.255.255.0 | ||
+ | ``` | ||
+ | |||
+ | ### Exemple alarig | ||
+ | ``` | ||
+ | remote rebond-public.grifon.fr 1127 | ||
+ | dev tun | ||
+ | secret alarig.key | ||
+ | daemon ovpn-grifon-ipmi | ||
+ | |||
+ | ifconfig 172.16.2.5 172.16.2.4 | ||
+ | route 172.16.0.0 255.255.255.0 | ||
+ | ``` |
services/ipmi.txt · Dernière modification : 2020/08/12 18:35 de 127.0.0.1