Recently, the company has a need to use multiple ADSL access to a Linux server and do NAT use, but also to achieve bandwidth load balancing. After searching for some information on the Internet. Record the important points in the process and stay in standby.
1. Need to install RP-PPPOE, dialing required
2. Create a dial-up configuration file, take/etc/sysconfig/network-scripts/ifcfg-ppp309 as an example, do not need to copy according to the actual situation:)
Shell Command Example
[root@***** ~]# cat/etc/sysconfig/network-scripts/ifcfg-ppp309
Userctl=yes
Bootproto=dialup
name=dslppp309
device=ppp309
Type=xdsl
Onboot=no
Pidfile=/var/run/pppoe-adsl309.pid
Firewall=none
Ping=.
Pppoe_timeout=80
Lcp_failure=3
Lcp_interval=20
clampmss=1412
Connect_poll=6
Connect_timeout=60
Defroute=yes
Synchronous=no
Eth=eth4 #这里我使用物理网卡ETH4, remember to plug the cat's network cable into this network card, so that you can dial
provider=dslppp309
User=xxxxx #ADSL帐号
Peerdns=no
Demand=no
3. Create a dial-up password file
?
Shell Command Example
[root@**** ~]# Cat/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# Client Server Secret IP addresses
####### Redhat-config-network would overwrite this part!!! (BEGIN) ##########
####### Redhat-config-network would overwrite this part!!! (end) ############
"ADSL Account" * "Password"
4. Plug all the cats into a different physical network card. Follow the 2,3 step to add the profile and password at once.
5. Test dialing Now (then test the different profiles once, equal to test whether the different accounts can be dialed successfully, pay attention to whether the cat is loaded power, the network cable is inserted well)
?
Shell Command Example
/sbin/adsl-start/etc/sysconfig/network-scripts/ifcfg-ppp309
If the dial-up success, ifconfig after the display of PPP0 related information (note that there is no other physical network card information, you understand, but the actual combat does not affect the effect)
?
Shell Command Example
[root@**** ~] #ifconfig
Ppp0 Link Encap:point-to-point Protocol
inet addr:121.34.103.105 p-t-p:121.34.100.1 mask:255.255.255.255
Up Pointopoint RUNNING noarp multicast mtu:1492 metric:1
RX packets:54809 errors:0 dropped:0 overruns:0 frame:0
TX packets:57439 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 Txqueuelen:3
RX bytes:47257780 (45.0 MiB) TX bytes:4184643 (3.9 MiB)
Disconnect a dial-up connection
?
Shell Command Example
/sbin/adsl-stop/etc/sysconfig/network-scripts/ifcfg-ppp309
6. After all dial-up success, create the iptables rule now to allow the server to provide NAT (there are 4 adsl,ppp0~ppp3)
?
Shell Command Example
Iptables-t nat-f
Iptables-t Nat-x
Iptables-t nat-p prerouting ACCEPT
Iptables-t nat-p postrouting ACCEPT
Iptables-t nat-p OUTPUT ACCEPT
Iptables-t mangle-f
Iptables-t Mangle-x
Iptables-t mangle-p prerouting ACCEPT
Iptables-t mangle-p INPUT ACCEPT
Iptables-t mangle-p FORWARD ACCEPT
Iptables-t mangle-p OUTPUT ACCEPT
Iptables-t mangle-p postrouting ACCEPT
Iptables-f
Iptables-x
Iptables-p FORWARD ACCEPT
Iptables-p INPUT ACCEPT
Iptables-p OUTPUT ACCEPT
Iptables-t raw-f
Iptables-t Raw-x
Iptables-t raw-p prerouting ACCEPT
Iptables-t raw-p OUTPUT ACCEPT
####
Modprobe Ip_conntrack hashsize=30000
Iptables-t nat-a postrouting-s 10.13.0.0/255.255.0.0-o ppp0-j Masquerade
Iptables-t nat-a postrouting-s 10.13.0.0/255.255.0.0-o ppp1-j Masquerade
Iptables-t nat-a postrouting-s 10.13.0.0/255.255.0.0-o ppp2-j Masquerade
Iptables-t nat-a postrouting-s 10.13.0.0/255.255.0.0-o ppp3-j Masquerade
Iptables-t nat-a postrouting-s 10.13.0.0/255.255.0.0-o eth0-j Masquerade # (if ADSL fails, let's go to the default ETH0, standby strategy)
Iptables-a forward-s 10.13.0.0/16-j ACCEPT
Iptables-a forward-d 10.13.0.0/16-j ACCEPT
###
Iptables-a input-s 10.13.0.0/16-p icmp-j ACCEPT
Iptables-a input-m State--state related,established-j ACCEPT
Iptables-a input-s 127.0.0.1-j ACCEPT
Iptables-a input-d 127.0.0.1-j ACCEPT
IP route
7. To the current location, there is still a problem unresolved, how bandwidth of the load balance?
In fact, the main command can be done, you need to add a number of gateways ... Hey
?
Shell Command Example
IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop de V ppp3 weight 1
But there is still a problem ah, in case the ADSL down a swollen mody do it?
This problem, let the following script to solve it.
How the script works: every 5 seconds to detect the current ADSL connection status, if there is a drop line, the line kicked out of the Gateway collection (here 4 lines, you have a few on their own to modify the script ah, do not copy ... )
?
Shell Command Example
#!/bin/bash
#check PPP Status
#date: 2013-03-29
#by Minyoni
#
#
##########################################################################################################
IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop de V ppp3 weight 1
active_ppp_status= "15"
while (true)
Todo
ppp_status= "0"
If ["' Ifconfig | Awk-f "[:]" "/ppp0/{print" "" = "ppp0"]; Then
ppp_status= ' expr $PPP _status + 1 '
Fi
#
If ["' Ifconfig | Awk-f "[:]" "/ppp1/{print" "" = "ppp1"]; Then
ppp_status= ' expr $PPP _status + 2 '
Fi
#
If ["' Ifconfig | Awk-f "[:]" "/ppp2/{print" "" = "ppp2"]; Then
ppp_status= ' expr $PPP _status + 4 '
Fi
#
If ["' Ifconfig | Awk-f "[:]" "/ppp3/{print" "" = "ppp3"]; Then
ppp_status= ' expr $PPP _status + 8 '
Fi
###
If [$ACTIVE _ppp_status-ne $PPP _status]; Then
Case "$PPP _status" in
0)/root/check-ppp-status.sh
;;
1) IP route replace default via 120.197.94.1
;;
2) IP route replace default via 120.197.94.1
;;
3) IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev Ppp1 weight 1
;;
4) IP route replace default via 120.197.94.1
;;
5) IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp2 weight 1
;;
6) IP route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1
;;
7) IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1
;;
8) IP route replace default via 120.197.94.1
;;
9) IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
;;
IP route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 Next Hop Dev ppp3 weight 1
;;
Esac
IP route Flush Cache
Fi
active_ppp_status= "$PPP _status"
Sleep 5
Done
Then, put it in the background to deal with the ...
?
Shell Command Example
1
Nohup SH You created the script name &
8. A number of subsequent explanations ...
View current routing conditions and gateways
?
Shell Command Example
IP route
Check the ADSL connection situation
Shell Command Example
IP link ls
In fact, you can modify the above script, if there is an abnormal connection, you can do email or SMS alarm, the main whether there is additional demand.
Yes, all right!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
