Linux Policy Routing Instance resolution

1. Preface

The company's servers use dual ISP access in order to avoid a single point of failure. That is, Unicom and telecommunications are connected. Unicom's line is 100M, as the first choice, the telecommunications line for 30M, when the Unicom line failure, the first switch to the telecommunications line emergency.

But because the telecommunications line idle is wasted, combined with the needs of the business, in a master server at the same time configured the public IP and a private network IP, the private network IP mapping is the public network of Unicom IP.

Then the problem arises, how to configure the route, when there is data need to transfer, he will choose which line to go out, if you are equipped with two gateways, will there be a problem? Linux is obviously not that smart. This is when strategic routing shines.

2. Operation

(1) Configure IP

bond0:192.168.0.36 mapped Unicom IP, gateway for 192.168.0.1 (link aggregation done here, not repeat)

Eth1:1.202.xxx. Xx

Network card as configured above, mapped network card file has gateway option, directly configured public IP address is not configured gateway

[Email protected] network-scripts]# vim ifcfg-bond0

DEVICE=BOND0//Do link aggregation, not repeat
ipaddr=192.168.0.3//IP Address
netmask=255.255.255.0//Subnet mask
gateway=192.168.0.1//Gateway
BROADCAST=192.168.0.255//Broadcast address
Nm_controlled=yes//Allow NetworkManager management (graphical interface)
Onboot=yes//Start-up
Bootproto=none//Static IP
Type=ethernet//Type Ethernet
Ipv6init=no//ipv6 not allowed
Userctl=no//Do not allow non-root users to control the device

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/83/60/wKioL1dx47SBcicuAAAh-snIu1U526.png "title=" Sogou 20160628104022.png "alt=" Wkiol1dx47sbcicuaaah-sniu1u526.png "/>

[Email protected] network-scripts]# vim ifcfg-eth1

Device=eth1
Hwaddr=78:2b:cb:69:39:77
Nm_controlled=yes
Onboot=yes
ipaddr=1.202.197.87
Bootproto=none
netmask=255.255.255.240
Type=ethernet
dns1=202.106.0.20
Ipv6init=no
Userctl=no

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/83/61/wKiom1dx5D6id0dlAAAhsSCwi9E116.png "title=" Sogou 20160628104242.png "alt=" Wkiom1dx5d6id0dlaaahsscwi9e116.png "/>

(2) Increase the routing table

[Email protected] ~]# Vim/etc/iproute2/rt_tables

251 CNC//Add a routing table CNC with a priority of 251
252 Tel//Add a route table Tel with a priority of 252

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/83/61/wKiom1dx5iTjVbaVAAADgWL8tTc229.png "title=" Sogou 20160628105047.png "alt=" Wkiom1dx5itjvbavaaadgwl8ttc229.png "/>

(3) Configure routing

IP route add default via 192.168.0.1 dev bond0 table cnc//Add route entry in CNC table
IP route add default via 1.202.XXX. XX Dev eth1 Table Tel//Add a route entry in the Tel table
IP rule add from 192.168.0.0/24 table CNC//192.168.0.0/24 using the CNC routing table
IP rule add from 1.202.XXX. XX/28 Table Tel//1.202.xxx. XX/28 using the Tel routing table

(4) View the routing table

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/83/60/wKioL1dx6d6yEXLpAAAx4bhl_Ds813.png "title=" Sogou 20160628110641.png "alt=" Wkiol1dx6d6yexlpaaax4bhl_ds813.png "/>

This article is from the "Court of the Odd Tree" blog, please be sure to keep this source http://zhangdl.blog.51cto.com/11050780/1793546

Linux Policy Routing Instance resolution