Allow multiple computers to access the Internet and configure routes for multiple connected ISPs
Source: Internet
Author: User
Article title: Route settings for connecting multiple computers to the Internet and connecting multiple ISPs. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
If you have two ISPs, use the following method to bind the two ISPs and perform load balancing to increase the bandwidth.
That is to say, if we have two monthly ADSL lines, we can change the bandwidth to 1 Mbps!
This involves two tasks.
1. traffic segmentation First, how to ensure that the same ISP is still used to respond to data packets from a certain ISP. Let's define some symbols first.
The name of the first Nic (if1) is $ IF1, and the second Nic is $ IF2.
Set $ IF1 to $ IP1 and $ IF2 to $ ip2.
In addition, set ISP1's Gateway address to $ P1 and ISP2's Gateway address to $ P2.
Finally, set the network address of $ P1 to $ P1_NET, and the network address of $ P2 to $ P2_NET.
Create two route tables, T1 and T2. Add to/etc/iproute2/rt_tables.
Set the routes in the two route tables as follows:
Ip route add $ P1_NET dev $ IF1 src $ IP1 table T1
Ip route add default via $ P1 table T1
Ip route add $ P2_NET dev $ IF2 src $ IP2 table T2
Ip route add default via $ P2 table T2
It's no big deal, but it just sets up a route to the Gateway and makes it the default gateway. it is responsible for a separate upstream stream, and this configuration is made for both ISPs.
It should be noted that the network route is necessary because it allows us to find the host in that subnet, including the Gateway above.
Next, set the "main" route table. It is a good way to route packets directly to the LAN connected to the NIC through the NIC. Pay attention to the "src" parameter, which ensures that the correct egress IP address is selected.
Ip route add $ P1_NET dev $ IF1 src $ IP1
Ip route add $ P2_NET dev $ IF2 src $ IP2
Then, set your default route:
Ip route add default via $ P1
Then, set the routing rules. In fact, the route table is used for routing. You need to check whether the corresponding source address exists when you route data packets from a given interface: What you need to ensure is that if you already have the corresponding source address, you should route the data packets from the corresponding Nic:
Ip rule add from $ IP1 table T1
Ip rule add from $ IP2 table T2
The above Command ensures that all response data will be returned from the original path of the network card from which they came. Now, the basic configuration is complete. This will work for all processes running on the vro, and will also work for the local LAN after the IP is disguised. If you do not pretend to be an ISP, you either have two ISP addresses or want to disguise one of the two ISPs. In either case, you must add rules based on the IP address of the packet sending host in the Lan and select the ISP route from.
2. server load balancer The second problem is how to balance the load of data flowing out through two ISPs. If you have successfully achieved traffic segmentation, this is not difficult. Different from selecting one of the two ISPs as the default route, this time the default route is set as a multi-channel route. In the default kernel, the two ISP routes are balanced.
As shown below (based on the previous traffic segmentation experiment ): Ip route add default scope global nexthop via $ P1 dev $ IF1 weight 1 nexthop via $ P2 dev $ IF2 weight 1 In this way, the routes of the two ISPs can be balanced. By adjusting the "weight" parameter, we can specify that the priority of one ISP is higher than that of the other.
It should be pointed out that the balance is based on routing, and the routing is buffered, so such a balance is not 100% accurate. That is to say, the same ISP is always used for a site that is frequently accessed. If you are not satisfied with this, you may need to refer to the following kernel patches of Julian Anastasov: Http://www.ssi.bg /~ Ja/ Julian's route patch makes up for the above defects. (It seems that I want to re-compile the kernel. I am not sure to PATCH it)
Is a common configuration. the same LAN (or even the same computer) is connected to the Internet through two ISPs.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.