اطلاعیه

بستن
No announcement yet.

Linux loadbalancing with the outgoing

بستن
این موضوع بسته شده است.
X
X
 
 • فیلتر کردن
 • زمان
 • نمایش
Clear All
پست های جدید

 • Linux loadbalancing with the outgoing

  کد:
  http://alper.web.tr/2009/12/31/linux-ile-outgoing-loadbalancing/
  To use the output of multiple internet with Linux at the same time, and you are done with the help of iptables, iproute2 based on outgoing loadbalancing. Here's who method ECMP (Equel Cost multipath Routing) also known.

  Though this is configured in a variety of modems in the figure 5 example of link types may be any connection (PPPOE, Cable, MetroEth, GHDSL etc etc). Gateways can be reduced by as much as increments. I'm telling you how to do it through a different interface, but here are 2 different input and output at the point before I applied for a single interface with both (eth0) works as a linux without problems.
  • 1. must be configured properly ipforwarding.

  Chang­ing ip_forward = 1. ipv4 on the net.
  or
  echo "1″ >/proc/sys/net/ipv4/ip_forward
  To make the required settings in the version of linux that you used to be permanent, please note that for example in/etc/sysctl.conf.
  • 2. rt_tables

  Let's create the tables necessary for Multiple Routing table:
  root @: ~ # echo "10 gw1" >> linux/etc/iproute2/rt_tables
  root @: ~ # echo "gw2" >> linux/etc/iproute2/rt_tables
  root @: ~ # echo "30 gw3 22″ >> linux/etc/iproute2/rt_tables
  roo����������������������������������������������� �������������������������������������������������� �������������������������������������������������� �������������������������������������t@linux:~# echo “40 gw4″ >> /etc/iproute2/rt_tables
  root @: ~ # echo "50 gw5 22″ >> linux/etc/iproute2/rt_tables
  We have made to control the process. "cat/etc/iproute2/rt_tables", the information is persistent, there is no need to restart each time we entered. If you have, the more units we geçidimiz how many network.
  • 3. create the configuration alias's


  # our local interface '
  lint = "eth0"
  The # 1 Linux uses to achieve the Internet. -the gateway ip address
  gw1ip = "192.168.0.1"
  # Linux uses to achieve this gateway interface
  gw1int = "eth1"
  # Got to kullanmasakta, which may be the moment to Policie routing
  you're free to use the number that you want the value # fwmark.
  gw1mark = "1″
  # Linux uses to achieve its own 1-gateway to the ip address of eth1 interface
  gw1src = "192.168.0.2"
  # Write the individual disclosing the required settings for the Other gateways gw1
  We believe that, for example, they will have enough to comment #.
  gw2ip = "192.168.1.1"
  gw2int = "eth2"
  gw2mark = "2″
  gw2src = "192.168.1.2"
  # 3-gateway
  gw3ip = "192.0.2.1"
  gw3int = "eth3"
  gw3mark = "3″
  gw3src = "172.20.30.50 22″
  # 4-gateway
  gw4ip = "192.168.3.1 22″
  gw4int = "eth4 22″
  gw4mark = "4"
  gw4src = "192.168.3.2 22″
  # 5-gateway
  gw5ip = "192.168.4.1"
  gw5int = "eth5"
  gw5mark = "5″
  gw5src = "192.168.4.2"

  • 4. Routing tables, the network geçitlerimizi girelim.


  # iproute2 gateway x.x.x.x. uses to achieve this will be written into the rule table ZZ, YY is the interface.
  ip route add default via $ gw1 dev $ gw1int table gw1ip
  ip route add default via $ gw2 dev $ gw2int table gw2ip
  ip route add default via gw3ip dev $ $ gw3int table gw3
  ip route add default via gw4ip dev $ $ gw4int table gw4
  ip route add default via $ gw5ip $ gw5int table gw5-dev

  Note: 5 pieces into multiple routing table by a gateway, but there is still no system has its own gateway, defaultgateway that yapacağımızdan will not be gerekte in the example here, with the iproute2 roundrobbin roundrobbin disable Internet access possible from the Internet, it is important to remember that this machine, the çıkamayacağınızı and ulaşamayacağınızı now allow you to define as the default, which is a network for continuous use. Do not enter your DHCP or manual configuration of the interface to the gateway. If you don't know what you are doing you can make the problem more gateway Virden.
  as an example, the number 1 internet çıkışımızı default config.
  ip route add default via gw1int dev $ $ gw1ip


  • 5. sending packets to the corresponding tables marked with FWMARK


  # send to marklanmış packages for table gw1 gw1.

  ip rule add from all fwmark $ gw1mark table gw1
  # rules for other gateways.
  ip rule add from all fwmark $ gw2 gw2mark table
  ip rule add from all fwmark $ gw3mark table gw3
  ip rule add from all fwmark $ gw4mark table gw4
  ip rule add from all fwmark $ gw5mark table gw5


  There is no need for a simple internet sharing for these stages. Policie routing that will be needed to.

  • 6. to send the routing tables to which they belong, the packages necessary rule, girelim.  This ip addresses from yaptğınızda as this correctly (it is not for the subnetmask in threads) so that you can get the required.
  in the ip address of the outgoing packets to the table in the gw1 # gw1.
  ip rule add from $ gw1 gw1src table
  # gw1 ' from pkaetleri table of ip (this is not much to add, there is no need to assign the gw1 ' reason completely piskolojik
  # teknik bir sebep içermiyor )

  ip rule add to $gw1src table gw1  # diğer ağ geçitleri için kurallar :
  ip rule add from $gw2src table gw2
  ip rule add to $gw2src table gw2
  ip rule add from $gw3src table gw3
  ip rule add to $gw3src table gw3
  ip rule add from $gw4src table gw4
  ip rule add to $gw4src table gw4
  ip rule add from $gw5src table gw5
  ip rule add to $gw5src table gw5

  Kotrolü :

  Tüm interface lerden sırasıyla ping atarak kontrol edebilirsiniz.
  ping -I gw1int www.google.com.tr # veya aynı subnetmask de olmayan bir ip adresi

  • 7. Routing cache de daha önce kalan girdileri temizleyelim.


  ip route flush cache


  • 8. RoundRobbin ile gelen paketleri ağ geçitlerine dağıtalım.  ip route add equalize default scope global \
  nexthop via $gw1ip dev $gw1int weight 1 \
  nexthop via $gw2ip dev $gw2int weight 1 \
  nexthop via $gw3ip dev $gw3int weight 1 \
  nexthop via $gw4ip dev $gw4int weight 1 \
  nexthop via $gw5ip dev $gw5int weight 1

  • 9. NAT (In Masquerade)


  Looking to the İnternet network interface for the çıkışlarımız the following rules for iptables NATD wants a girmeliyiz. istemediğniz interface to do.
  iptables-t nat-j MASQUERADE-o $ gw1int POSTROUTING-A
  iptables-t nat-j MASQUERADE-o $ gw2int POSTROUTING-A
  iptables-t nat-j MASQUERADE-o $ gw3int POSTROUTING-A
  iptables-t nat-j MASQUERADE-o $ gw4int POSTROUTING-A
  iptables-t nat-j MASQUERADE-o $ gw5int POSTROUTING-A

  • 10. Policy Routing
  a) with iptables


  We want what we want to let go of the gateway by using iptables Matches the package işaretleyebiliriz.


  for example, the local interfaceimiz (eth0) to go to https requests from only 1 gateway.


  iptables-A PREROUTING-t mangle-p tcp-dport 443-I $ lint-j MARK--set-mark-$ gw1mark

  b) ip rule

  For example, incoming requests through the gateway ip address 1.1.1.1 1 fixed, we want to avoid.
  ip rule add from 1.1.1.1 to any table in the gw1

  It's been working with our Outgoing Linux router loadbalancer Roundrobbin
  داخل انجمن سوال کنید تا دیگران هم اگر مشکل شما را دارند یا برایشان در آینده پیش بیاید استفاده کنند. پیغام خصوصی برای جواب دادن به سوال نیست.
در حال انجام ...
X