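This article shows how to load-balance bandwidth across multiple ADSL lines on Linux. I hope the example is helpful.
Recently my company needed to connect several ADSL lines to a single Linux server, use that server for NAT, and load-balance bandwidth across the lines. After searching online for material, I am recording the key points of the process here for future reference.
1. Install rp-pppoe, which is required for dialing.
2. Create the dial-up configuration file. /etc/sysconfig/network-scripts/ifcfg-ppp309 is used as the example here; adapt it to your own situation rather than copying it verbatim :)
Shell command example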
[root@***** ~]# cat /etc/sysconfig/network-scripts/ifcfg-ppp309
USERCTL=yes
BOOTPROTO=dialup
NAME=DSLppp309
DEVICE=ppp309
TYPE=xDSL
ONBOOT=no
PIDFILE=/var/run/pppoe-adsl309.pid
FIREWALL=NONE
PING=.
PPPOE_TIMEOUT=80
LCP_FAILURE=3
LCP_INTERVAL=20
CLAMPMSS=1412
CONNECT_POLL=6
CONNECT_TIMEOUT=60
DEFROUTE=yes
SYNCHRONOUS=no
ETH=eth4 # physical NIC eth4 is used here; plug the modem's cable into this NIC or dialing will not work
PROVIDER=DSLppp309
USER=XXXXX # ADSL account
PEERDNS=no
DEMAND=no
3. Create the password file used for dialing.
Shell command example
[root@**** ~]# cat /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
####### redhat-config-network will overwrite this part!!! (begin) ##########
####### redhat-config-network will overwrite this part!!! (end) ############
"ADSL account" * "password"
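4. Plug each modem into a different physical NIC, then repeat steps 2 and 3 to add a configuration file and a password entry for each line in turn.
5. Now test dialing. Test each configuration file in turn, which amounts to checking that every account can dial successfully; make sure every modem is powered on and every cable is plugged in.
Shell command example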
/sbin/adsl-start /etc/sysconfig/network-scripts/ifcfg-ppp309
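If dialing succeeds, ifconfig shows the information for ppp0 (the other physical NICs are not shown here, you get the idea; in practice this does not affect the result).
Shell command example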
[root@**** ~]#ifconfig
ppp0 Link encap:Point-to-Point Protocol
inet addr:121.34.103.105 P-t-P:121.34.100.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:54809 errors:0 dropped:0 overruns:0 frame:0
TX packets:57439 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:47257780 (45.0 MiB) TX bytes:4184643 (3.9 MiB)
Disconnect the dial-up connection:
Shell command example
/sbin/adsl-stop /etc/sysconfig/network-scripts/ifcfg-ppp309
6. Once every line dials successfully, create the iptables rules so that the server provides NAT (there are 4 ADSL lines here, ppp0 through ppp3).
Shell command example
iptables -t nat -F
iptables -t nat -X
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -F
iptables -X
iptables -P FORWARD ACCEPT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t raw -F
iptables -t raw -X
iptables -t raw -P PREROUTING ACCEPT
iptables -t raw -P OUTPUT ACCEPT
####
modprobe ip_conntrack hashsize=30000
iptables -t nat -A POSTROUTING -s 10.13.0.0/255.255.0.0 -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.13.0.0/255.255.0.0 -o ppp1 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.13.0.0/255.255.0.0 -o ppp2 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.13.0.0/255.255.0.0 -o ppp3 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.13.0.0/255.255.0.0 -o eth0 -j MASQUERADE #(fallback policy: if every ADSL line fails, traffic leaves through the default eth0)
iptables -A FORWARD -s 10.13.0.0/16 -j ACCEPT
iptables -A FORWARD -d 10.13.0.0/16 -j ACCEPT
###
iptables -A INPUT -s 10.13.0.0/16 -p icmp -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -d 127.0.0.1 -j ACCEPT
ip route
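The rules above set the INPUT and FORWARD policies to ACCEPT, so the INPUT ACCEPT rules filter nothing and the gateway's own services are reachable from every ADSL line. The following is an added example, not part of the original article, that keeps the same NAT rules but generates a default-deny ruleset in iptables-restore format. The LAN interface name `eth1` and the SSH management port are assumptions, since the article names neither.

```shell
#!/bin/bash
# Added example (not from the article): emit an iptables-restore ruleset
# that keeps the article's NAT but drops unsolicited inbound traffic.

LAN="10.13.0.0/16"               # LAN range from the article
WANS="ppp0 ppp1 ppp2 ppp3 eth0"  # uplinks from the article (eth0 = fallback)
LAN_IF="eth1"                    # ASSUMPTION: LAN-facing NIC, not named in the article
ADMIN_PORT="22"                  # ASSUMPTION: SSH management from the LAN only

gen_rules() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    for wan in $WANS; do
        echo "-A POSTROUTING -s $LAN -o $wan -j MASQUERADE"
    done
    echo "COMMIT"
    echo "*filter"
    # Default-deny: anything not matched below is dropped.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Traffic to the gateway itself: loopback, replies, and LAN-side
    # ping/SSH. Nothing new is accepted from the ADSL side.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT"
    echo "-A INPUT -i $LAN_IF -s $LAN -p icmp -j ACCEPT"
    echo "-A INPUT -i $LAN_IF -s $LAN -p tcp --dport $ADMIN_PORT -j ACCEPT"
    # Forwarding: LAN clients may open connections outward; only replies
    # come back in.
    echo "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT"
    for wan in $WANS; do
        echo "-A FORWARD -i $LAN_IF -s $LAN -o $wan -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Review the output, then load it atomically: gen_rules | iptables-restore
if [ "${1:-}" = "print" ]; then gen_rules; fi
```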
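7. One problem is still unsolved at this point: how do we load-balance the bandwidth?
Really, a single command takes care of it: just add multiple gateways to the default route... hehe
Shell command example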
ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
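But there is still a problem: what if one of the ADSL lines goes down?
Let the script below handle that.
How the script works: every 5 seconds it checks the state of the current ADSL connections, and if a line has dropped it removes that line from the gateway set. (There are 4 lines here; rewrite the script for however many you have, and whatever you do, don't copy it verbatim...)
Shell command example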
#!/bin/bash
#check ppp status
#date:2013-03-29
#by minyoni
#
#
##########################################################################################################
# Start with all four links in the default route.
ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
# Bitmask of live links: ppp0=1, ppp1=2, ppp2=4, ppp3=8 (15 = all up).
ACTIVE_PPP_STATUS="15"
while (true)
do
    PPP_STATUS="0"
    if [ "`ifconfig | awk -F"[ :]" '/ppp0/{print $1}'`" = "ppp0" ]; then
        PPP_STATUS=`expr $PPP_STATUS + 1`
    fi
    #
    if [ "`ifconfig | awk -F"[ :]" '/ppp1/{print $1}'`" = "ppp1" ]; then
        PPP_STATUS=`expr $PPP_STATUS + 2`
    fi
    #
    if [ "`ifconfig | awk -F"[ :]" '/ppp2/{print $1}'`" = "ppp2" ]; then
        PPP_STATUS=`expr $PPP_STATUS + 4`
    fi
    #
    if [ "`ifconfig | awk -F"[ :]" '/ppp3/{print $1}'`" = "ppp3" ]; then
        PPP_STATUS=`expr $PPP_STATUS + 8`
    fi
    ###
    # Rewrite the default route only when the set of live links has changed.
    if [ $ACTIVE_PPP_STATUS -ne $PPP_STATUS ]; then
        case "$PPP_STATUS" in
            0) /root/check-ppp-status.sh
            ;;
            1) ip route replace default via 120.197.94.1
            ;;
            2) ip route replace default via 120.197.94.1
            ;;
            3) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1
            ;;
            4) ip route replace default via 120.197.94.1
            ;;
            5) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp2 weight 1
            ;;
            6) ip route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1
            ;;
            7) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1
            ;;
            8) ip route replace default via 120.197.94.1
            ;;
            9) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp3 weight 1
            ;;
            10) ip route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp3 weight 1
            ;;
            11) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp3 weight 1
            ;;
            12) ip route replace default equalize nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
            ;;
            13) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
            ;;
            14) ip route replace default equalize nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
            ;;
            15) ip route replace default equalize nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1 nexthop dev ppp2 weight 1 nexthop dev ppp3 weight 1
            ;;
        esac
        ip route flush cache
    fi
    ACTIVE_PPP_STATUS="$PPP_STATUS"
    sleep 5
done
Then put it in the background and let it run...
Shell command example
nohup sh your-script-name &
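The script above lists all 16 link combinations by hand and must be rewritten for a different number of lines. The following is an added example, not the original author's code, that generalizes it: it builds the nexthop list from whichever links are present, for any number of lines, and logs every change to syslog. The `NET_DIR` variable, the `run` argument and the `ppp-balance` log tag are names introduced here.

```shell
#!/bin/bash
# Added example (not the article's script): build the multipath default
# route from whichever PPP links are up, for any number of lines.

LINKS="ppp0 ppp1 ppp2 ppp3"           # links to balance across (from the article)
FALLBACK_GW="120.197.94.1"            # fixed gateway used in the article's script
NET_DIR="${NET_DIR:-/sys/class/net}"  # overridable so the logic can be tested

# Print the subset of $LINKS that currently exists as a network device.
# Assumption: a pppN device is present only while its PPPoE session is up.
up_links() {
    found=""
    for dev in $LINKS; do
        [ -e "$NET_DIR/$dev" ] && found="$found $dev"
    done
    echo "${found# }"
}

# Print the "ip route" command for the live links passed as arguments.
route_cmd() {
    if [ $# -lt 2 ]; then
        # As in the article, a single live link uses the fixed gateway;
        # here zero live links does too (the article re-runs its script).
        echo "ip route replace default via $FALLBACK_GW"
        return 0
    fi
    cmd="ip route replace default equalize"
    for dev in "$@"; do
        cmd="$cmd nexthop dev $dev weight 1"
    done
    echo "$cmd"
}

# Poll every 5 seconds; change the route only when the live set changes,
# and log each change to syslog so line drops leave an audit trail.
monitor() {
    last="unset"
    while true; do
        now=$(up_links)
        if [ "$now" != "$last" ]; then
            logger -t ppp-balance "live links: ${now:-none}"
            $(route_cmd $now) && ip route flush cache && last="$now"
        fi
        sleep 5
    done
}

# Start the loop only when called as: script.sh run
if [ "${1:-}" = "run" ]; then monitor; fi
```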
8. A few follow-up notes...
View the current routes and gateways:
Shell command example
ip route
View the ADSL connection status:
Shell command example
ip link ls
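In fact, the script above can be modified to send an e-mail or SMS alert when a connection fails; it depends on whether you have additional requirements.
Right, that wraps up my musings!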