сервисы_gateway_и_routing [2020/07/22 08:54] val |
сервисы_gateway_и_routing [2022/07/05 06:53] val [Debian/Ubuntu] |
||
---|---|---|---|
Line 13: | Line 13: | ||
net.ipv4.ip_forward = 1 | net.ipv4.ip_forward = 1 | ||
- | root@gate:~# cat /etc/sysctl.conf | + | root@gate:~# cat /etc/sysctl.d/20-my-forward.conf |
</code><code> | </code><code> | ||
- | ... | ||
net.ipv4.ip_forward=1 | net.ipv4.ip_forward=1 | ||
- | ... | ||
</code><code> | </code><code> | ||
- | root@gate:~# sysctl -f | + | root@gate:~# sysctl -p --system |
</code> | </code> | ||
Line 47: | Line 45: | ||
# ip r add 192.168.Y.0/24 via 172.16.1.Y | # ip r add 192.168.Y.0/24 via 172.16.1.Y | ||
+ | |||
+ | # ip r del 192.168.Y.0/24 | ||
</code> | </code> | ||
Line 123: | Line 123: | ||
=== Установка === | === Установка === | ||
- | |||
- | === FreeBSD === | ||
- | <code> | ||
- | [gate:~] # pkg install quagga | ||
- | |||
- | [gate:~] # cd /usr/local/etc/quagga/ | ||
- | </code> | ||
=== Debian/Ubuntu === | === Debian/Ubuntu === | ||
Line 152: | Line 145: | ||
enable password zebra | enable password zebra | ||
</code> | </code> | ||
- | |||
- | === Запуск === | ||
=== FreeBSD === | === FreeBSD === | ||
<code> | <code> | ||
- | [gate:~] # cat /etc/rc.conf | + | [gate:~] # pkg install quagga |
- | </code><code> | + | |
- | ... | + | [gate:~] # cd /usr/local/etc/quagga/ |
- | quagga_enable="YES" | + | |
- | quagga_daemons="zebra ospfd" | + | |
- | </code><code> | + | |
- | [gate:~] # /usr/local/etc/rc.d/quagga start | + | |
</code> | </code> | ||
- | === Debian === | + | === Запуск === |
+ | |||
+ | === Debian/Ubuntu === | ||
<code> | <code> | ||
# service zebra start | # service zebra start | ||
Line 173: | Line 162: | ||
</code> | </code> | ||
- | === Ubuntu === | + | === FreeBSD === |
<code> | <code> | ||
- | root@gate:~# cat /etc/quagga/daemons | + | [gate:~] # cat /etc/rc.conf |
</code><code> | </code><code> | ||
... | ... | ||
- | zebra=yes | + | quagga_enable="YES" |
- | ... | + | quagga_daemons="zebra ospfd" |
- | ospfd=yes | + | |
- | ... | + | |
</code><code> | </code><code> | ||
- | root@gate:~# chown -R quagga /etc/quagga/ | + | [gate:~] # /usr/local/etc/rc.d/quagga start |
- | + | ||
- | root@gate:~# service quagga start | + | |
</code> | </code> | ||
Line 266: | Line 251: | ||
# ip route show table all #Записи таблицы main отображаются без имени | # ip route show table all #Записи таблицы main отображаются без имени | ||
+ | # ip route show | ||
# ip route show table main #Все пакеты, для которых нет правил, обрабатываются маршрутами таблицы main | # ip route show table main #Все пакеты, для которых нет правил, обрабатываются маршрутами таблицы main | ||
Line 278: | Line 264: | ||
# ip route show table all | grep 'table 10[12]' | # ip route show table all | grep 'table 10[12]' | ||
- | # ip rule add from 192.168.X.0/25 table 101 | + | # ip rule show |
- | # ip rule add from 192.168.X.128/25 table 102 | + | |
- | # ip rule add from 192.168.X.0/24 to 192.168.X.0/24 table main | + | # ip rule add prio 100 from 192.168.X.0/24 to 192.168.X.0/24 table main |
+ | # ip rule add prio 200 from 192.168.X.0/25 table 101 | ||
+ | # ip rule add prio 300 from 192.168.X.128/25 table 102 | ||
# ip rule show | # ip rule show | ||
- | # ip rule del from 192.168.X.0/24 to 192.168.X.0/24 table main | + | # ip rule del prio 300 |
- | # ip rule del from any table 101 | + | # ip rule del prio 200 |
- | # ip rule del from any table 102 | + | # ip rule del prio 100 |
+ | |||
+ | # ip route del default via 172.16.1.254 table 101 | ||
+ | # ip route del default via 172.16.2.254 table 102 | ||
+ | |||
+ | # ip route flush table 101 | ||
+ | # ip route flush table 102 | ||
</code> | </code> | ||
Line 296: | Line 290: | ||
iptables -t nat -A POSTROUTING -o eth1 -s 192.168.X.0/24 -j SNAT --to-source 172.16.1.X | iptables -t nat -A POSTROUTING -o eth1 -s 192.168.X.0/24 -j SNAT --to-source 172.16.1.X | ||
- | iptables -t nat -A POSTROUTING -o eth3 -s 192.168.X.0/24 -j SNAT --to-source 172.16.2.X | + | iptables -t nat -A POSTROUTING -o eth2 -s 192.168.X.0/24 -j SNAT --to-source 172.16.2.X |
conntrack -F | conntrack -F | ||
Line 312: | Line 306: | ||
post-up ip rule add prio 100 from 192.168.X.0/24 to 192.168.X.0/24 table main | post-up ip rule add prio 100 from 192.168.X.0/24 to 192.168.X.0/24 table main | ||
post-up ip rule add prio 200 from 192.168.X.0/25 table 101 | post-up ip rule add prio 200 from 192.168.X.0/25 table 101 | ||
- | post-up ip rule add prio 200 from 192.168.X.128/25 table 102 | + | post-up ip rule add prio 300 from 192.168.X.128/25 table 102 |
| | ||
address 192.168.X.1 | address 192.168.X.1 |
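Review bot: Nothing visible in this diff restricts what the gateway forwards once `net.ipv4.ip_forward=1` is loaded from `/etc/sysctl.d/20-my-forward.conf` (Line 13 hunk). The only iptables lines shown (Line 296 hunk) are SNAT rules in POSTROUTING, which translate traffic but do not filter it. Filtering may be covered in a part of the page outside these hunks; if it is not, I would add a line under the sysctl block such as `# forwarding applies to all interfaces; set a FORWARD chain policy before attaching untrusted networks`. Separately, `sysctl --system` already reads `/etc/sysctl.d/*.conf`, so the `-p` in `sysctl -p --system` looks redundant.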