Linux dual-network policy routing script example (better)
Source: Internet
Author: User
The dual-network architecture is much more complex than the single-network architecture.
First install the Linux advanced routing package, which provides the ip command used below.
# apt-get install iproute
Create two routing tables first by editing
/etc/iproute2/rt_tables:
Add T1 with the user-defined number 10
Add T2 with the user-defined number 20
Code:
########################################
#
# Reserved values
#
255 local
254 main
253 default
0 unspec
#
# Local
#
10 T1
20 T2
########################################
Then copy the cnc_1_net and ctc_1_net files from the attachment to the /etc directory, because the following script uses them.
cnc_1_net holds the IP address segments of China Netcom.
ctc_1_net holds the IP address segments of China Telecom.
Next, write the following script.
########################################
#!/bin/sh
# Replace the interface names, addresses and gateways below with your own.
# IF1 is the network interface of China Netcom
IF1="eth0"
# IF2 is the network interface of China Telecom
IF2="eth2"
# IF0 is the intranet network interface
IF0="eth1"
# IP1 is the China Netcom IP address
IP1="221.8.60.54"
# IP2 is the China Telecom IP address
IP2="222.1611.186"
# P1 is the China Netcom gateway
P1="221.8.60.53"
# P2 is the China Telecom gateway
P2="222.1611.185"
# P1_NET is the China Netcom network segment. A /30 prefix covers four IP
# addresses; if eight addresses are assigned, use /29.
P1_NET="221.8.60.52/30"
# P2_NET is the China Telecom network segment
P2_NET="222.1611.184/30"
# P0_NET is the intranet segment
P0_NET="192.168.0.0/24"

# Delete the rules from a previous run that refer to tables T1 and T2
ip rule list | grep T | while read line; do
    POS4=`echo $line | awk '{print $4}'`
    # "from all to <net> lookup <table>"
    if [ "$POS4" = "to" ]
    then
        DST=`echo $line | awk '{print $5}'`
        RT=`echo $line | awk '{print $7}'`
        ip rule del to $DST table $RT
    fi
    # "from <address> lookup <table>"
    if [ "$POS4" = "lookup" ]
    then
        SRC=`echo $line | awk '{print $3}'`
        RT=`echo $line | awk '{print $5}'`
        ip rule del from $SRC table $RT
    fi
done

# China Netcom: fill table T1 and send traffic sourced from IP1 through it
if [ ! -z "$IP1" ]
then
    ip route replace $P1_NET dev $IF1 src $IP1
    ip route add $P1_NET dev $IF1 src $IP1 table T1
    ip route add $P0_NET dev $IF0 table T1
    ip route add 127.0.0.0/8 dev lo table T1
    ip route add $P1_NET dev $IF1 table T2
    ip route replace default via $P1 dev $IF1 table T1
    ip rule add from $IP1 table T1
    WAN_RT1="nexthop via $P1 dev $IF1 weight 1"
fi

# China Telecom: fill table T2 and send traffic sourced from IP2 through it
if [ ! -z "$IP2" ]
then
    ip route replace $P2_NET dev $IF2 src $IP2
    ip route add $P2_NET dev $IF2 src $IP2 table T2
    ip route add $P0_NET dev $IF0 table T2
    ip route add 127.0.0.0/8 dev lo table T2
    ip route add $P2_NET dev $IF2 table T1
    ip route replace default via $P2 dev $IF2 table T2
    ip rule add from $IP2 table T2
    WAN_RT2="nexthop via $P2 dev $IF2 weight 1"
fi

WAN_RT3="$WAN_RT1 $WAN_RT2"
# Use China Netcom as the default gateway. For China Telecom, change $WAN_RT1 to $WAN_RT2.
ip route replace default scope global $WAN_RT1
# Use two gateways for load balancing (generally not needed)
# ip route replace default equalize scope global $WAN_RT3
ip route flush cache

# Destinations in the China Telecom list go out through table T2
if [ -s /etc/ctc_1_net ]
then
    while read LINE
    do
        case $LINE in
            ""|\#*) ;;    # skip blank lines and comments
            *)
                ip rule add to $LINE table T2
                ;;
        esac
    done < /etc/ctc_1_net
fi

# Destinations in the China Netcom list go out through table T1
if [ -s /etc/cnc_1_net ]
then
    while read LINE
    do
        case $LINE in
            ""|\#*) ;;    # skip blank lines and comments
            *)
                ip rule add to $LINE table T1
                ;;
        esac
    done < /etc/cnc_1_net
fi
########################################
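The script hands every line of /etc/ctc_1_net and /etc/cnc_1_net to ip rule add without checking it, and the shell word-splits the line, so stray words or a bad octet in a list file end up as extra arguments or a failed rule. The following is an added example, not part of the original script: two hypothetical helper functions, valid_cidr and clean_prefixes, that let only IPv4 prefixes through and report everything else.

```shell
#!/bin/sh
# Added example (not from the original page): check prefix-list lines
# before they are handed to "ip rule add to ... table ...".

# Return 0 only if $1 is a dotted-quad IPv4 address with an optional /0-32.
valid_cidr() {
    case $1 in
        ''|*[!0-9./]*|*/*/*) return 1 ;;    # digits, dots, at most one slash
    esac
    addr=${1%%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $len in ''|???*|0?*|*.*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case $addr in .*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Leading zeros are refused: some parsers read them as octal.
        case $octet in ????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the accepted prefixes of file $1, one per line. Rejected lines are
# reported on stderr and make the function return 1.
clean_prefixes() {
    rc=0
    while read -r entry || [ -n "$entry" ]; do
        case $entry in ''|\#*) continue ;; esac    # blank line or comment
        if valid_cidr "$entry"; then
            printf '%s\n' "$entry"
        else
            printf 'rejected: %s\n' "$entry" >&2
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Usage inside the routing script (file and table names are the page's):
#   clean_prefixes /etc/ctc_1_net | while read -r net; do
#       ip rule add to "$net" table T2
#   done
[ $# -eq 0 ] || clean_prefixes "$1"
```

Run with a list file as its only argument, it prints the accepted prefixes and exits non-zero if any line was rejected.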