ros多線路疊加策略pcc超詳細(xì)教程圖文_第1頁
ros多線路疊加策略pcc超詳細(xì)教程圖文_第2頁
ros多線路疊加策略pcc超詳細(xì)教程圖文_第3頁
ros多線路疊加策略pcc超詳細(xì)教程圖文_第4頁
ros多線路疊加策略pcc超詳細(xì)教程圖文_第5頁
已閱讀5頁,還剩3頁未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

PCC的負(fù)載均衡<互聯(lián)網(wǎng)共享人人為我我為人人>這是ros最根本最重要的應(yīng)用,網(wǎng)絡(luò)上很多教程都比擬籠統(tǒng),新手根本看不懂!

此教程,詳細(xì)圖文+腳本,新手老手都可以借鑒.

通分組源地址和源端口實(shí)現(xiàn)負(fù)載平衡,這里我們建立2個(gè)WAN出口分別是wan1和wan2,網(wǎng)接口是lan1網(wǎng)絡(luò)環(huán)境如下:ISP1地址10.200.15.99/24,網(wǎng)關(guān):10.200.15.1;ISP2地址10.200.100.99/24,網(wǎng)關(guān):10.200.100.2;網(wǎng)IP地址192.168.100.1/24;啟用DNS緩存功能,用192.168.100.1作網(wǎng)DNS解析;根本配置首先進(jìn)入ipaddress配置IP地址:Mangle標(biāo)記配置接下來我們進(jìn)入ipfirewallmangle標(biāo)記連接和路由,我們使用per-connection-classifier雙向地址進(jìn)展分類做連接分類標(biāo)記。首先我們需要將進(jìn)入路由的的進(jìn)展標(biāo)記如下列圖,我們進(jìn)入一條mangle規(guī)則,中的advanced標(biāo)簽容可以看到per-connection-classifier分類器,選擇both-addresses的分類:然后選擇dst-address-type=!local,即除了目標(biāo)地址是本地以前的地址:注:2條線的分類代碼定義是第一條線為2/0,第二條為2/1同樣選擇一下地址類型:下面命令是提取走第一條線路的連接標(biāo)記取名位1st_conn,并從連接里提取路由標(biāo)記名位1st_route,設(shè)置:per-connection-classifier=both-addresses:2/0,設(shè)置in-interface=lan/ipfirewallmangle

addaction=mark-connectionchain=preroutingment=""disabled=no\

in-interface=lannew-connection-mark=1st_connpassthrough=yes\

per-connection-classifier=both-addresses:2/0

addaction=mark-routingchain=preroutingment=""connection-mark=1st_conn\

disabled=noin-interface=lannew-routing-mark=1st_routepassthrough=yes提取走第二條線路的連接標(biāo)記取名位2nd_conn,并從連接里提取路由標(biāo)記名位2nd_route,設(shè)置:per-connection-classifier=both-addresses:2/1,設(shè)置in-interface=lan:/ipfirewallmangle

addaction=mark-connectionchain=preroutingment=""disabled=no\

in-interface=lannew-connection-mark=2nd_connpassthrough=yes\

per-connection-classifier=both-addresses:2/1

addaction=mark-routingchain=preroutingment=""connection-mark=2nd_conn\

disabled=noin-interface=lannew-routing-mark=2nd_routepassthrough=yes在winbo*在mangle中設(shè)置完成后如下:回程路由設(shè)置我們需要將從那個(gè)口進(jìn)入就從相應(yīng)的口回去,即保證每個(gè)外網(wǎng)口的數(shù)據(jù)能得到正確的路由/ipfirewallmangle

addchain=inputin-interface=wan1action=mark-connectionnew-connection-mark=1st_conn

addchain=inputin-interface=wan2action=mark-connectionnew-connection-mark=2nd_connwinbo*設(shè)置標(biāo)記完進(jìn)入接口的后,將這些指定到相應(yīng)的路由標(biāo)記上:addchain=outputconnection-mark=1st_connaction=mark-routingnew-routing-mark=1st_route

addchain=outputconnection-mark=2nd_connaction=mark-routingnew-routing-mark=2nd_routewinbo*設(shè)置路由配置配置完標(biāo)記后路由后,我們進(jìn)入iproute配置路由,首先設(shè)置負(fù)載均衡的標(biāo)記路由,首先設(shè)置第一條線路的路由標(biāo)記,設(shè)置routing-mark=1st_route:設(shè)置第二條線路的路由標(biāo)記,設(shè)置routing-mark=2nd_route:配置默認(rèn)網(wǎng)關(guān)和備份網(wǎng)關(guān),默認(rèn)網(wǎng)關(guān)的distance設(shè)置為1,并設(shè)置check-gateway=ping,通過ping監(jiān)測網(wǎng)關(guān)狀態(tài):備份網(wǎng)關(guān)的distance設(shè)置為2,并設(shè)置check-gateway=ping,通過ping監(jiān)測網(wǎng)關(guān)狀態(tài):配置完成后的路由標(biāo)如下列圖:配置nat最后配置nat轉(zhuǎn)換規(guī)則,進(jìn)入ipfirewallnat中配置action=masquerade,分別對2條線路做偽裝:/ipfirewallnat

addaction=masqueradechain=sratout-interface=wan1

addaction=masqueradechain=sratout-interface=wan2命令代碼如下:*添加ADSL1的pppoe-out密碼并取取消自動(dòng)添加網(wǎng)關(guān)及DNS

/interfacepppoe-clientaddname="pppoe-out1"interface="wan1"user="adsl1name"password="adsl1pass"add-default-route=nodisabled=no

/interfacepppoe-clientaddname="pppoe-out2"interface="wan2"user="adsl2name"password="adsl2pass"add-default-route=nodisabled=no*激活pppoe-out撥號(hào)

/interfacepppoe-clientenablepppoe-out1

/interfacepppoe-clientenablepppoe-out2*添加本地連接配置

/ipaddressaddaddress=192.168.1.254/255.255.255.0interface=lan1ment="LAN1"*設(shè)置DNS緩存

/ipdnssetprimary-dns="202.103.224.68"secondary-dns="202.103.225.68"allow-remote-requests=yes*設(shè)置MSS值為1440

/ipfirewallmangleaddaction="change-mss"chain="forward"ment="change-mss"disabled=nonew-mss="1440"protocol="tcp"tcp-flags="syn"*設(shè)置input

/ipfirewallmangleaddaction="mark-connection"chain="input"ment=""disabled=noin-interface="pppoe-out1"new-connection-mark="pppoe-out1_conn"passthrough=yes

/ipfirewallmangleaddaction="mark-connection"chain="input"ment=""disabled=noin-interface="pppoe-out2"new-connection-mark="pppoe-out2_conn"passthrough=yes*設(shè)置output

/ipfirewallmangleaddaction="mark-routing"chain="output"ment=""connection-mark="pppoe-out1_conn"disabled=nonew-routing-mark="to_pppoe-out1"passthrough=yes

/ipfirewallmangleaddaction="mark-routing"chain="output"ment=""connection-mark="pppoe-out2_conn"disabled=nonew-routing-mark="to_pppoe-out2"passthrough=yes*PCC設(shè)置

/ipfirewallmangleaddaction="mark-connection"chain="prerouting"ment=""disabled=nodst-address-type="!local"in-interface="lan1"new-connection-mark="pppoe-out1_conn"passthrough=yesper-connection-classifier="both-addresses:2/0"src-address="192.168.1.0/24"

/ipfirewallmangleaddaction="mark-connection"chain="prerouting"ment=""disabled=nodst-address-type="!local"in-interface="lan1"new-connection-mark="pppoe-out2_conn"passthrough=yesper-connection-classifier="both-addresses:2/1"src-address="192.168.1.0/24"/ipfirewallmangleaddaction="mark-routing"chain=preroutingment=""connection-mark="pppoe-out1_conn"disabled=noin-interface="lan1"new-routing-mark="to_pppoe-out1"passthrough=yessrc-address="192.168.1.0/24"

/ipfirewallmangleaddaction="mark-routing"chain=preroutingment=""connection-mark="pppoe-out2_conn"disabled=noin-interface="lan1"new-routing-mark="to_pppoe-out2"passthrough=yessrc-address="192.168.1.0/24"/iprouteaddment=1disabled=nodistance=1dst-address="0.0.0.0/0"gateway="pppoe-out1"routing-mark="to_pppoe-out1"check-gateway="ping"

/iprouteaddment=2disabled=nodistance=1dst-address="0.0.0.0/0"gateway="pppoe-out2"routing-mark="to_pppoe-out2"check-gateway="ping"/iprouteaddcheck-gateway="ping"ment="pppoe-out1"disabled=nodistance="10"dst-address="0.0.0.0/0"gateway="pppoe-out1"

/iprouteaddcheck-gateway="ping"ment="pppoe-out2"disabled=nodistan

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

最新文檔

評論

0/150

提交評論