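http://blog.chinaunix.net/uid-23078678-id-2554485.html
eth0: China Unicom (default gateway); eth2: China Tietong; eth1: internal network
I. Environment
1. One PC running Linux (RHEL 5.3);
2. Three network cards (at least three; with more cards you can separate different VLANs, but three are used here);
3. Two access lines (here, one China Unicom ADSL line and one China Tietong fiber line), each connected to its own router and each able to give a directly connected computer Internet access;
4. The three network cards are eth0, eth1 and eth2. eth0 has IP 192.168.2.254 and connects to 192.168.2.1; eth2 has IP 172.16.1.2 and connects to the fiber gateway 172.16.1.1; eth1 is the internal gateway, with IP 10.10.20.1;
5. The internal gateway of the China Unicom ADSL line is 192.168.2.1, and the internal gateway of the China Tietong fiber line is 172.16.1.1.
II. Connect the network cables as required
III. Configure the network cards (only eth0 gets a gateway; the other two cards have only an IP address)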
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:0c:29:0b:17:bd
GATEWAY=192.168.2.1
IPADDR=192.168.2.254
NETMASK=255.255.255.0
# cat /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:0c:29:0b:17:d1
IPADDR=172.16.1.2
NETMASK=255.255.255.0
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:0c:29:0b:17:c7
IPADDR=10.10.20.1
NETMASK=255.255.255.0
After configuring the network cards, restart the network:
# /etc/init.d/network restart
Check the routing table:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
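The 169.254.0.0/24 route can be ignored; it comes with the network card by default and can also be deleted.
At this point, test network connectivity: this Linux router itself should be able to reach the Internet through the 192.168.2.1 gateway.
III. Add static routes so that, with both lines connected, traffic goes through a different gateway depending on its destination address.
1. Adding routes with commands
# route add -net 59.151.100.0 netmask 255.255.255.0 gw 172.16.1.1
# route add -host 219.232.254.162 gw 172.16.1.1
The first command adds a static route to a network segment.
The second command adds a static route to a single host.
2. Adding routes in a configuration file
Write the routes to a configuration file. On Linux the static route configuration file does not exist by default, so create the file static-routes at /etc/sysconfig/static-routes; once the routes are written there, they are loaded automatically at boot. The format is:
any|internal-host-address net|host destination-IP|destination-network [netmask] gw gateway-IP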
[root@localhost ~]# cat /etc/sysconfig/static-routes
any net 59.151.100.0 netmask 255.255.255.0 gw 172.16.1.1
any host 219.232.254.162 gw 172.16.1.1
3. Check the routing table again:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
219.232.254.162 172.16.1.1 255.255.255.255 UGH 0 0 0 eth2
10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
59.151.100.0 172.16.1.1 255.255.255.0 UG 0 0 0 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
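Two more routes have appeared: one host route and one network route.
4. Test on this Linux router:
First test a connection to a machine in the 59.151.100.0/24 network segment; it goes through the fiber gateway.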
[root@localhost ~]# tracert 59.151.100.210
traceroute to 59.151.100.210 (59.151.100.210), 30 hops max, 40 byte packets
1 localhost (172.16.1.1) 2.531 ms 2.197 ms 2.164 ms
2 localhost (192.168.2.252) 3.526 ms 3.497 ms 3.099 ms
3 localhost (10.60.32.254) 6.996 ms 7.016 ms 7.357 ms
4 localhost (10.0.30.9) 6.448 ms 6.171 ms 6.142 ms
5 localhost (10.0.30.34) 6.496 ms 6.502 ms 6.492 ms
6 localhost (172.16.0.254) 6.018 ms 1.881 ms 3.086 ms
7 localhost (192.168.1.13) 2.913 ms 4.565 ms 4.006 ms
8 218.240.255.10 (218.240.255.10) 2.600 ms 2.517 ms 3.047 ms
9 218.240.255.241 (218.240.255.241) 2.105 ms 2.974 ms 2.652 ms
10 218.240.255.26 (218.240.255.26) 4.926 ms 5.082 ms 4.586 ms
11 219.232.59.1 (219.232.59.1) 4.097 ms 3.225 ms 2.919 ms
12 59.108.1.102 (59.108.1.102) 3.628 ms * *
13 59.108.1.90 (59.108.1.90) 4.589 ms * *
14 * * *
15 * * *
16 * * *
17 * 59.151.96.66 (59.151.96.66) 3.852 ms 5.057 ms
18 59.151.100.210 (59.151.100.210) 6.729 ms 6.731 ms 6.049 ms
Test a connection to host 219.232.254.162; it also goes through the fiber gateway.
traceroute to 219.232.254.162 (219.232.254.162), 30 hops max, 40 byte packets
1 localhost (172.16.1.1) 1.980 ms 1.469 ms 1.926 ms
2 localhost (192.168.2.252) 5.869 ms 5.841 ms 5.812 ms
3 localhost (10.60.32.254) 5.918 ms 5.913 ms 5.924 ms
4 localhost (10.0.30.9) 5.686 ms 5.792 ms 5.387 ms
5 localhost (10.0.30.34) 6.322 ms 6.406 ms 6.223 ms
6 localhost (172.16.0.254) 5.669 ms 3.413 ms 3.287 ms
7 localhost (192.168.1.13) 2.791 ms 5.075 ms 5.023 ms
8 218.240.255.10 (218.240.255.10) 2.984 ms 3.417 ms 3.188 ms
9 218.240.255.241 (218.240.255.241) 3.097 ms 2.916 ms 4.389 ms
10 218.240.255.26 (218.240.255.26) 3.922 ms 4.137 ms 3.616 ms
11 219.232.59.1 (219.232.59.1) 2.870 ms 3.733 ms 3.167 ms
12 59.108.2.1 (59.108.2.1) 6.004 ms 3.801 ms 4.136 ms
13 59.108.1.33 (59.108.1.33) 5.308 ms 6.610 ms 7.619 ms
14 61.51.26.233 (61.51.26.233) 2.846 ms 4.393 ms 4.551 ms
15 211.154.208.189 (211.154.208.189) 4.015 ms 4.671 ms 3.869 ms
16 124.65.58.129 (124.65.58.129) 3.639 ms 4.204 ms 4.020 ms
17 61.148.156.221 (61.148.156.221) 4.437 ms 6.424 ms 4.802 ms
18 61.148.143.22 (61.148.143.22) 3.644 ms 5.328 ms 4.989 ms
19 202.96.8.242 (202.96.8.242) 6.387 ms 3.118 ms 3.102 ms
20 210.74.178.206 (210.74.178.206) 3.464 ms 3.643 ms 3.948 ms
21 * * *
22 124.238.226.70 (124.238.226.70) 8.913 ms 8.960 ms 9.608 ms
23 124.238.226.38 (124.238.226.38) 18.139 ms 22.649 ms 18.481 ms
24 124.238.225.142 (124.238.225.142) 10.596 ms 15.792 ms *
25 (219.232.254.162) 8.709 ms 8.678 ms 8.230 ms
Then test another destination on the public network; it goes through the ADSL line.
[root@localhost ~]# tracert www.qq.com
traceroute to www.qq.com (61.135.167.36), 30 hops max, 40 byte packets
1 localhost (192.168.2.1) 4.677 ms 5.108 ms 6.052 ms
2 125.34.48.1 (125.34.48.1) 27.930 ms 28.141 ms 29.223 ms
3 61.148.16.105 (61.148.16.105) 17.638 ms 18.765 ms 21.330 ms
4 61.148.4.101 (61.148.4.101) 22.597 ms 23.585 ms 24.703 ms
5 bt-228-069.bta.net.cn (202.106.228.69) 28.633 ms 30.101 ms *
6 * 61.148.155.226 (61.148.155.226) 12.302 ms 14.001 ms
7 202.106.43.18 (202.106.43.18) 14.700 ms 16.148 ms 17.596 ms
8 61.135.167.36 (61.135.167.36) 18.788 ms 20.160 ms 22.228 ms
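The three traceroute results above follow from longest-prefix matching over the routing table shown in step 3. The following is an added example, not part of the original article, that replays that table offline and reports the gateway and interface the kernel would pick for a destination; ROUTES is a copy of the `route -n` rows above, and route_lookup is a hypothetical helper name.

```bash
#!/bin/bash
# Constructed sample: the `route -n` rows from step 3 (header lines removed).
ROUTES='219.232.254.162 172.16.1.1 255.255.255.255 UGH 0 0 0 eth2
10.10.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
59.151.100.0 172.16.1.1 255.255.255.0 UG 0 0 0 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0'

# route_lookup DEST: print "gateway interface" of the most specific route
# that covers DEST (gateway 0.0.0.0 means directly connected).
route_lookup() {
  printf '%s\n' "$ROUTES" | awk -v dst="$1" '
    # Dotted quad to integer; o is a local array.
    function ip2int(ip,  o) {
      split(ip, o, ".")
      return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    BEGIN { d = ip2int(dst); best = -1 }
    {
      net = ip2int($1); mask = ip2int($3)
      # For a contiguous netmask, 2^32 - mask is the number of addresses
      # in the route, so integer division replaces a bitwise AND.
      block = 4294967296 - mask
      if (int(d / block) == int(net / block) && mask > best) {
        best = mask; gw = $2; dev = $8
      }
    }
    END { if (best >= 0) print gw, dev; else exit 1 }'
}

# Example: route_lookup 59.151.100.210
```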
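IV. Add iptables rules so that machines on the internal network also go through different gateways depending on the destination address, which achieves the final goal.
1. Give the internal machines IP addresses in the 10.10.20.0/24 segment with 10.10.20.1 as the gateway and connect them to the network. They cannot connect, because there is no route to the external network.
2. Add iptables rules to do IP masquerading.
# cat iptables_squid.sh
#!/bin/bash
echo "1" > /proc/sys/net/ipv4/ip_forward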
iptables -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -s 10.10.20.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.10.20.0/24 -o eth2 -j MASQUERADE
# eth0 and eth2 are the two external interfaces, used as the exits
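The script above flushes the filter table and turns on forwarding, which leaves the FORWARD chain at whatever policy it already had (ACCEPT by default), so the router forwards packets arriving on any of its three interfaces. The following is an added example, not part of the original article, of the same NAT setup with forwarding limited to connections opened from 10.10.20.0/24 on eth1; the `state` match, the rule order and the name fw_rules are assumptions chosen for the RHEL 5 setup described here.

```bash
#!/bin/bash
# Interface names and the LAN prefix are the ones used in the article.
LAN_IF=eth1
LAN_NET=10.10.20.0/24
WAN_IFS="eth0 eth2"

# fw_rules: print the commands instead of running them, so the rule set
# can be reviewed first and then applied as root with:  fw_rules | sh
fw_rules() {
  # Set the policy before flushing so there is no window in which
  # forwarding is on and nothing filters it.
  echo 'iptables -P FORWARD DROP'
  echo 'iptables -F'
  echo 'iptables -t nat -F'
  # Return traffic for connections that LAN hosts opened.
  echo 'iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
  for wan in $WAN_IFS; do
    # New connections are accepted only from the LAN toward an uplink.
    echo "iptables -A FORWARD -i $LAN_IF -o $wan -s $LAN_NET -j ACCEPT"
    # Same masquerade rule as the original script, one per uplink.
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -o $wan -j MASQUERADE"
  done
  # Enable routing last, once the filter rules are in place.
  echo 'echo 1 > /proc/sys/net/ipv4/ip_forward'
}
```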
V. After adding the rules, test again from a machine on the internal network
C:\Documents and Settings\Administrator>ipconfig
Windows IP Configuration
Ethernet adapter 本地串連:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.10.20.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.20.1
C:\Documents and Settings\Administrator>tracert 59.151.100.210
Tracing route to 59.151.100.210 over a maximum of 30 hops
1 1 ms <1 ms <1 ms localhost [10.10.20.1]
2 1 ms 1 ms <1 ms localhost [172.16.1.1]
3 1 ms <1 ms <1 ms localhost [192.168.2.252]
4 1 ms <1 ms 1 ms localhost [10.60.32.254]
5 2 ms 1 ms 1 ms localhost [10.0.30.9]
6 1 ms <1 ms <1 ms localhost [10.0.30.34]
7 <1 ms <1 ms <1 ms localhost [172.16.0.254]
8 1 ms 1 ms 1 ms localhost [192.168.1.13]
9 1 ms 1 ms 1 ms 218.240.255.10
10 1 ms 1 ms 1 ms 218.240.255.241
11 1 ms 1 ms 1 ms 218.240.255.26
12 1 ms 1 ms 1 ms 219.232.59.1
13 4 ms 2 ms 3 ms 59.108.1.102
14 2 ms 2 ms 2 ms 59.108.1.90
15 2 ms 2 ms 1 ms 211.151.224.154
16 2 ms 3 ms 1 ms 211.151.227.218
17 2 ms 2 ms 2 ms 211.151.227.46
18 3 ms 2 ms 3 ms 59.151.96.66
19 2 ms 3 ms 2 ms 59.151.100.210
Trace complete.
Compared with the trace from the Linux router there is one more hop, 19 hops in total, and the exit gateway is 172.16.1.1. Correct!
C:\Documents and Settings\Administrator>tracert www.qq.com
Tracing route to www.qq.com [61.135.167.36]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms localhost [10.10.20.1]
2 2 ms 1 ms <1 ms localhost [192.168.2.1]
3 66 ms 36 ms 30 ms 125.34.48.1
4 20 ms 18 ms 18 ms 61.148.16.105
5 21 ms 28 ms 18 ms 61.148.4.101
6 18 ms 19 ms 19 ms bt-228-069.bta.net.cn [202.106.228.69]
7 26 ms 42 ms 21 ms 61.148.155.226
8 22 ms 19 ms 19 ms 202.106.43.18
9 24 ms 20 ms 33 ms 61.135.167.36
Trace complete.
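Compared with the trace from the Linux router there is one more hop, 9 hops in total, and the exit gateway is 192.168.2.1. Correct!
VI. You can add more static routes according to your own needs!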