How to use Linux as a dual-line access server for an Internet cafe

Source: Internet
Author: User
On the Internet, I often see people asking how to set up an Internet cafe server on the Linux platform, but there are not many real answers. After reading a lot of articles and testing continuously, we finally succeeded, hence this article. Let's get started. I use the RED9 version; the others are similar.

The installation process is very simple. After installation, we need to modify the following files:

network: the main network settings file.
ifcfg-eth0: the settings file for NIC eth0.
ifcfg-eth1: the settings file for NIC eth1.
hosts: the network host name configuration.
static-routes: the static route table file.
rc.local: the script that holds the IPTABLES commands.
sysctl.conf: the file in which Linux kernel IP forwarding is enabled.

The paths of these files are:

/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1
/etc/hosts
/etc/sysconfig/static-routes
/etc/rc.d/rc.local
/etc/sysctl.conf

First we modify three files: ifcfg-eth2 (the Netcom line that we connect later, IP: 11.11.11.11), ifcfg-eth1 (the Telecom line, IP: 22.22.22.22) and ifcfg-eth0 (the intranet). These are the IP address files of the NICs.

ifcfg-eth0 holds your intranet IP address and gateway (of course, these can be set according to your actual situation; whichever card you want can serve the intranet), and ifcfg-eth1 and ifcfg-eth2 hold the Internet IP addresses and gateways.

Here is the content:

DEVICE=eth1                # hardware device name
BOOTPROTO=static           # configuration method
BROADCAST=192.168.0.255    # broadcast address
IPADDR=192.168.0.1         # your IP address
NETMASK=255.255.255.0      # subnet mask
NETWORK=192.168.0.0        # address of the entire network segment
GATEWAY=192.168.0.1        # gateway
ONBOOT=yes                 # whether to enable the NIC at boot (usually enabled by default)

The other network cards are set up in a similar way, so I will not go over them.

After the settings are complete, set up the hosts file, that is, set the Working Group.

After the above work is done, we modify sysctl.conf, the file that controls IP forwarding. IP forwarding must be enabled here. It can be written as follows:

net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0

Then there is the static-routes file, which is the static route table file. This file must be added. The syntax is as follows:

eth0 (device name) net 192.168.0.0 (network address) netmask 255.255.255.0 (subnet mask) gw 192.168.0.1 (gateway address)

Next, modify the resolv.conf file, which holds the addresses of your DNS servers. Syntax:

nameserver 10.0.0.1 (DNS server)

These are general setup matters, and they are actually very simple. Next comes the part everyone is more interested in: the dual-line access policy we need.

First, packets sent out through the two WAN ports have their source address disguised with MASQUERADE.

/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE

(The -A above means append. -I can also be used, but -I means insert, and by default the rule is inserted as the first entry.)

Then add a route table numbered 11 to the system and give it a default gateway, which is the gateway provided by China Netcom.

ip route add 0/0 via 11.11.11.11 table 11

Configure the gateway for the system's main route table. This gateway is the China Telecom gateway.

ip route add 0/0 via 22.22.22.22

Then add routing rules so that all traffic destined for the Netcom networks looks up route table 11:

ip rule add to 60.0.0.0/13 table 11
ip rule add to 60.8.0.0/15 table 11
ip rule add to 60.10.0.0/16 table 11

..........

These rules can be borrowed from RouterOS. There are a lot of rule lists online, so I won't go through them. If you don't have one, you can ask me for it. I have MMS, and it should be comprehensive.

With this in place, all traffic destined for China Netcom looks up route table 11, and traffic to everywhere else goes out through China Telecom. (If there are other lines, you can add a route table and a policy for each.)

Note: when configuring the network cards, do not configure the gateway there, and do not use the old ifconfig command to configure the gateway; use iproute2 to configure it instead. Otherwise a conflict may occur. Alternatively, use the ip route replace command in place of the ip route add command.
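To check a prefix list before loading it, the following added example (not part of the original article) reproduces in plain sh the lookup performed by the "ip rule add to ... table 11" rules: table_for reports whether a destination would use table 11 (Netcom) or the main table (Telecom), and emit_rules prints the commands with every prefix canonicalised. The function names and NETCOM_PREFIXES are assumptions of this example, and a shell with 64-bit arithmetic is assumed.

```shell
# Added example: dry-run check of the destination rules that select table 11.
# NETCOM_PREFIXES is constructed sample data (the three prefixes shown above).
NETCOM_PREFIXES="60.0.0.0/13 60.8.0.0/15 60.10.0.0/16"

# ip2int A.B.C.D -> integer on stdout; non-zero status if malformed.
ip2int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac   # reject leading zeros (octal trap)
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# cidr_canon A.B.C.D/LEN -> the same prefix with its host bits cleared.
cidr_canon() {
    len=${1#*/}; addr=${1%/*}
    case "$len" in ""|*[!0-9]*|0?*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    n=$(ip2int "$addr") || return 1
    n=$(( (n >> (32 - len)) << (32 - len) ))
    echo "$(( n >> 24 & 255 )).$(( n >> 16 & 255 )).$(( n >> 8 & 255 )).$(( n & 255 ))/$len"
}

# in_cidr IP CIDR -> status 0 when IP lies inside CIDR.
in_cidr() {
    net=$(cidr_canon "$2") || return 2
    [ "$(cidr_canon "$1/${2#*/}")" = "$net" ]
}

# table_for IP -> "11" if a rule prefix matches (Netcom), else "main" (Telecom).
table_for() {
    for p in $NETCOM_PREFIXES; do
        if in_cidr "$1" "$p"; then echo 11; return 0; fi
    done
    echo main
}

# emit_rules -> the ip rule commands; warns on stderr when host bits were set.
emit_rules() {
    for p in $NETCOM_PREFIXES; do
        c=$(cidr_canon "$p") || { echo "bad prefix: $p" >&2; return 1; }
        [ "$c" = "$p" ] || echo "warning: $p has host bits set; using $c" >&2
        echo "ip rule add to $c table 11"
    done
}
emit_rules   # prints the commands only; nothing is applied to the system
```

Running cidr_canon on a prefix written with host bits set, such as 222.222.5.0/15, prints 222.222.0.0/15, which makes the range such a rule really covers explicit.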

Another approach is:

            Internet
               |
   China Telecom   Netcom
               |
            Vswitch
               |
         eth1     eth2
            Server
             eth0
               |
         _____________
         Client  client      192.168.0.0/24, gateway 192.168.0.254

eth0 IP: 192.168.0.0/24
eth1: 222.161.3/255.255.255.252
eth2: 218.62.3.3/255.255.255.252

The default gateway is China Netcom's 218.62.3.2.

The China Telecom gateway, 222.161.2, is added with ip route add.


iptables -t nat -I POSTROUTING -s 192.168.0.0/24 -d <Telecom IP> -j SNAT --to 222.161.3

***

***

***

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to 218.62.3.3

In this way, traffic to a given CIDR block is automatically switched over to China Telecom.

Preliminary test: when switching by IP address separately, two gateways coexist on the intranet, 192.168.0.254/24 and 192.168.2.254/24. The speed is stable and the expected effect is achieved.

# echo "200 DIANXIN" >> /etc/iproute2/rt_tables (this appends to the file and only needs to be executed once)
# ip route replace default via 222.161.2 table DIANXIN
# ip rule add fwmark 1 table DIANXIN (pay attention to the order; it can be viewed with ip rule)
# iptables -t nat -F
# iptables -t mangle -F
# iptables -t mangle -A PREROUTING -i eth0 -s 192.168.0.0/24 -d 222.222.5.0/15 -j MARK --set-mark 1
# iptables -t mangle -A PREROUTING -i eth0 -s 192.168.0.0/24 -d 222.240.0.0/13 -j MARK --set-mark 1
# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 222.222.5.0/15 -j SNAT --to $DIANXIN
# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 222.240.0.0/13 -j SNAT --to $DIANXIN
# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to <address of the network card connected to the China Netcom line>
# ip route flush cache

As a result, traffic to 222.222.5.0/15 and 222.240.0.0/13 goes through the China Telecom NIC and the China Telecom route, disguised as the China Telecom egress address.