Linux Telecom China Netcom dual-line policy-Linux Enterprise Application-Linux server application information. The following is a detailed description. The current method is as follows: three NICs, eth0 is the LAN port, eth1 is the first WAN port, connect to the telecom line, eth2 is the second WAN port, and connect to the Netcom line. I have configured the IP address based on the fixed IP address. If you want PPPOE, configure the PPPOE part by yourself. Here I will mainly provide you with the policy part.
Then, add a route table marked as 100 to the system and a default gateway, which is the gateway provided by China Netcom. Why is the total number of Route tables in my post 100.
Ip route add 0/0 via 218. 59. *. * table 100
Configure the gateway for the system's main route table. The Gateway is a telecom gateway.
Ip route add 0/0 via 219. 146 .*.*
Then, add a routing rule to mark all the data queries to China Netcom as 100 route tables:
Ip rule add to 60.0.0.0/13 table 100
Ip rule add to 60.8.0.0/15 table 100
Ip rule add to 60.10.0.0/16 table 100
..........
There are many rules. There are more than 100 rules. It should be the complete IP address subnet of China Netcom. I will give the complete rules.
In this way, data destined for China Netcom will query route table 100, while data destined for other places will be directed to China Telecom if China Telecom is specified here. Of course, if there are more complex applications, such as the educational network line, I believe everyone knows how to do it, and then add a route table and a policy.
This configuration method has been used by friends in the north. I hope it will be helpful to you. Note that When configuring the network card, do not configure the gateway, do not use the old ifconfig command to configure the gateway, but use iproute2 to configure the gateway. Otherwise, a conflict may occur, alternatively, use the ip route replace command to replace the ip route add command.
The configuration file is as follows: (the configuration of port filtering is not included. You can configure the configuration as needed.) Actually, attachments can only be uploaded in jpg and gif. I added a. jpg extension to the footer and right-clicked the file to remove it, change it back.
# For ChinaUnix By Fushuyong, Wuhan
#! /Bin/sh
Echo "1">;/proc/sys/net/ipv4/ip_forward
/Sbin/modprobe ip_conntrack_ftp
/Sbin/modprobe ip_nat_ftp
# NAT the two red inte *** ce
/Sbin/iptables-t nat-a postrouting-o eth1-j MASQUERADE
/Sbin/iptables-t nat-a postrouting-o eth2-j MASQUERADE
# Add a route table name 100 for CNC addresses
Ip route add 0/0 via 219. 146 .*.*
Ip route add 0/0 via 218. 59. *. * table 100
# Add the route rules for the CNC addresses
Ip rule add to 60.0.0.0/13 table 100
Ip rule add to 60.8.0.0/15 table 100
Ip rule add to 60.10.0.0/16 table 100
Ip rule add to 60.12.0.0/16 table 100
Ip rule add to 60.13.0.0/18 table 100
Ip rule add to 60.13.128.0/17 table 100
Ip rule add to 60.16.0.0/12 table 100
Ip rule add to 60.208.0.0/13 table 100
Ip rule add to 60.216.0.0/15 tables 100
Ip rule add to 60.220.0.0/14 table 100
Ip rule add to 61.48.0.0/13 table 100
Ip rule add to 61.133.0.0/17 table 100
Ip rule add to 61.135.0.0/16 table 100
Ip rule add to 61.136.64.0/18 table 100
Iprule add to 61.137.128.0/17 table 100
Ip rule add to 61.138.0.0/17 table 100
Ip rule add to 61.138.128.0/18 table 100
Ip rule add to 61.139.128.0/18 table 100
Ip rule add to 61.148.0.0/15 table 100
Ip rule add to 61.156.0.0/16 table 100
Ip rule add to 61.158.128.0/17 table 100
Ip rule add to 61.159.0.0/18 table 100
Ip rule add to 61.161.0.0/18 table 100
Ip rule add to 61.161.128.0/17 table 100
Ip rule add to 61.167.0.0/16 table 100
Ip rule add to 61.168.0.0/16 table 100
Ip rule add to 61.176.0.0/16 table 100
Ip rule add to 61.179.0.0/16 table 100
Ip rule add to 61.180.128.0/17 table 100
Ip rule add to 61.181.0.0/16 table 100
Ip rule add to 61.182.0.0/16 table 100
Ip rule add to 61.189.0.0/17 table 100
Ip rule add to 202.96.0.0/18 table 100
Ip rule add to 202.96.64.0/19 table 100
Ip rule add to 202.97.128.0/17 table 100
Ip rule add to 202.98.0.0/19 table 100
Ip rule add to fig/16 table 100
Ip rule add to 202.102.128.0/18 table 100
Ip rule add to fig/19 table 100
Ip rule add to fig/16 table 100
Ip rule add to 202.107.0.0/17 table 100
Ip rule add to fig/16 table 100
Ip rule add to 202.110.0.0/17 table 100
Ip rule add to 202.110.192.0/18 table 100
Ip rule add to fig/18 table 100
Ip rule add to 218.7.0.0/16 table 100
Ip rule add to 218.8.0.0/14 table 100
Ip rule add to 218.12.0.0/16 table 100
Ip rule add to 218.24.0.0/14 table 100
Ip rule add to 218.28.0.0/15 tables 100
Ip rule add to 218.56.0.0/14 table 100
Ip rule add to 218.60.0.0/15 tables 100
Iprule add to 218.67.128.0/17 table 100
Ip rule add to 218.68.0.0/15 tables 100
Ip rule add to fig/14 table 100
Ip rule add to 221.4.0.0/15 table 100
Ip rule add to fig/16 table 100
Ip rule add to 221.7.0.0/18 table 100
Ip rule add to 221.7.64.0/19 table 100
Ip rule add to 221.7.128.0/17 table 100
Ip rule add to fig/15 table 100
Ip rule add to fig/16 table 100
Iprule add to 221.11.128.0/18 table 100
Ip rule add to fig/17 table 100
Ip rule add to 221.11.192.0/19 table 100
Ip rule add to 221.12.0.0/17 table 100
Ip rule add to 221.12.128.0/18 table 100
Ip rule add to 221.13.0.0/18 table 100
Ip rule add to 221.13.64.0/19 table 100
Ip rule add to 221.13.128.0/17 table 100
Ip rule add to 221.14.0.0/15 table 100
Ip rule add to 221.192.0.0/14 table 100
Ip rule add to 221.196.0.0/15 table 100
Ip rule add to fig/16 table 100
Ip rule add to 221.199.0.0/19 table 100
Ip rule add to 221.199.32.0/20 table 100
Ip rule add to 221.199.128.0/18 table 100
Ip rule add to 221.199.192.0/20 table 100
Ip rule add to 221.200.0.0/14 table 100
Ip rule add to 221.204.0.0/15 table 100
Ip rule add to 221.207.0.0/18 table 100
Ip rule add to 221.208.0.0/14 table 100
Ip rule add to 221.212.0.0/15 table 100
Ip rule add to 221.216.0.0/13 table 100
Ip rule add to 222.128.0.0/12 table 100
Ip rule add to 222.160.0.0/15 table 100
Ip rule add to 222.162.0.0/16 table 100
Ip rule add to 222.163.0.0/19 table 100
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
