Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace:
использование_двух_isp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
использование_двух_isp [2011/01/28 16:50]
val 		использование_двух_isp [2017/09/20 12:53]
val [Использование двух ISP]
Line 1: Line 1:
 ====== Использование двух ISP ====== ====== Использование двух ISP ======
  
-===== Исходная настройка стенда ===== +  * [[http://​www.anticisco.ru/​blogs/​2011/​05/​введение-в-cisco-oerpfr/|Введение в Cisco OER/PfR]]
-<​code>​ +
-router(config)#​ip name-server 172.16.1.254 +
-router(config)#​ip name-server 172.16.2.254 +
- +
-router(config)#​ip dhcp pool LAN +
-router(dhcp-config)#​dns-server 172.16.1.254 172.16.2.254 +
- +
-server# cat /etc/​resolv.conf +
-search corpX.un +
-nameserver 172.16.1.254 +
-nameserver 172.16.2.254 +
-</code>+
  
 ===== Настройка роутера на использование двух провайдеров ===== ===== Настройка роутера на использование двух провайдеров =====
 <​code>​ <​code>​
 +interface FastEthernet0/​0
 + ​description connect to ISP2
 + ​duplex full
 + ip address 172.16.2.X 255.255.255.0
 + ip nat outside
 + no shutdown
 +
 +ip name-server 172.16.2.254
 +
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
 ip access-list standard ACL_REDIRECT_ISP2 ip access-list standard ACL_REDIRECT_ISP2
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 +
 +no ip nat inside source list ACL_NAT interface FastEthernet1/​1 overload
  
 ip nat inside source list ACL_REDIRECT_ISP1 interface FastEthernet1/​1 overload ip nat inside source list ACL_REDIRECT_ISP1 interface FastEthernet1/​1 overload
Line 35: Line 34:
  
 interface FastEthernet1/​0 interface FastEthernet1/​0
- ​description connetc to LAN 
- ip address 192.168.X.1 255.255.255.0 
- ip nat inside 
  ip policy route-map RM_REDIRECT_ISP  ip policy route-map RM_REDIRECT_ISP
- 
-interface FastEthernet1/​1 
- ​description connect to ISP1 
- ip address 172.16.1.X 255.255.255.0 
- ip nat outside 
- 
-interface FastEthernet0/​0 
- ​description connect to ISP2 
- ip address 172.16.2.X 255.255.255.0 
- ip nat outside 
 </​code>​ </​code>​
  
 ===== Переключение каналов ===== ===== Переключение каналов =====
- 
-==== Тестирование провайдеров с роутера ==== 
-<​code>​ 
-server# cat route_isp1.cfg 
-no ip route 0.0.0.0 0.0.0.0 172.16.2.254 
-ip route 0.0.0.0 0.0.0.0 172.16.1.254 
- 
-server# cat route_isp2.cfg 
-no ip route 0.0.0.0 0.0.0.0 172.16.1.254 
-ip route 0.0.0.0 0.0.0.0 172.16.2.254 
- 
-server# rcp route_isp1.cfg router:​running-config 
-server# rsh router ping ya.ru 
- 
-server# rcp route_isp2.cfg router:​running-config 
-server# rsh router ping ya.ru 
-</​code>​ 
  
 ==== Фрагменты конфигураций роутера ==== ==== Фрагменты конфигураций роутера ====
  
-=== Доступен ISP1 ===+=== Доступны оба ISP ===
 <​code>​ <​code>​
-server# cat isp1.cfg+server# cat isp1_isp2.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
- permit 192.168.100+X.0 0.0.0.255+ deny any
 ip access-list standard ACL_REDIRECT_ISP2 ip access-list standard ACL_REDIRECT_ISP2
 + ​permit 192.168.100+X.0 0.0.0.255
  deny any  deny any
 end end
 </​code>​ </​code>​
-=== Доступен ​ISP2 ===+=== Доступен ​ISP1 ===
 <​code>​ <​code>​
-server# cat isp2.cfg+server# cat isp1.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
- deny any 
-ip access-list standard ACL_REDIRECT_ISP2 
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 +ip access-list standard ACL_REDIRECT_ISP2
 + deny any
 end end
 </​code>​ </​code>​
-=== Доступны оба ISP ===+=== Доступен ISP2 ===
 <​code>​ <​code>​
-server# cat isp1_isp2.cfg+server# cat isp2.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
- permit 192.168.X.0 0.0.0.255+ deny any
 ip access-list standard ACL_REDIRECT_ISP2 ip access-list standard ACL_REDIRECT_ISP2
 + ​permit 192.168.X.0 0.0.0.255
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 end end
 </​code>​ </​code>​
 +
  
 ==== Переключение в ручном режиме ==== ==== Переключение в ручном режиме ====
 <​code>​ <​code>​
-server# rsh router ​"clear ip nat tr *" +cat /​etc/​resolv.conf 
 +</​code><​code>​ 
 +... 
 +nameserver 172.16.1.254 
 +nameserver 172.16.2.254 
 +</​code><​code>​ 
 +cat /​etc/​hosts 
 +</​code><​code>​ 
 +... 
 +192.168.X.1 ​    router 
 +</​code><​code>​
 server# rcp isp1.cfg router:​running-config server# rcp isp1.cfg router:​running-config
  
Line 117: Line 101:
  
 server# rcp isp1_isp2.cfg router:​running-config server# rcp isp1_isp2.cfg router:​running-config
 +
 +server# rsh router "clear ip nat tr *"
 +</​code>​
 +
 +==== Тестирование провайдеров с роутера ====
 +<​code>​
 +server# cat route_isp1.cfg
 +</​code><​code>​
 +no ip route 0.0.0.0 0.0.0.0 172.16.2.254
 +ip route 0.0.0.0 0.0.0.0 172.16.1.254
 +end
 +</​code><​code>​
 +server# cat route_isp2.cfg
 +</​code><​code>​
 +no ip route 0.0.0.0 0.0.0.0 172.16.1.254
 +ip route 0.0.0.0 0.0.0.0 172.16.2.254
 +end
 +</​code><​code>​
 +server# rcp route_isp1.cfg router:​running-config
 +server# rsh router ping ya.ru
 +
 +server# rcp route_isp2.cfg router:​running-config
 +server# rsh router ping ya.ru
 </​code>​ </​code>​
  
Line 123: Line 130:
 <​code>​ <​code>​
 server# cat select_isp.sh server# cat select_isp.sh
 +</​code><​code>​
 #!/bin/sh #!/bin/sh
 +
 +touch /​tmp/​conf_name
  
 rcp /​root/​route_isp1.cfg router:​running-config rcp /​root/​route_isp1.cfg router:​running-config
Line 139: Line 149:
 # echo /​root/​$conf_name # echo /​root/​$conf_name
 # exit 0 # exit 0
 +
 +test $conf_name = "`cat /​tmp/​conf_name`"​ && exit 0
 +
 +echo $conf_name > /​tmp/​conf_name
  
 rcp /​root/​$conf_name router:​running-config rcp /​root/​$conf_name router:​running-config
 +
 +rsh router "clear ip nat tr *"
 +
 exit 0 exit 0
 </​code><​code>​ </​code><​code>​
 +server# chmod +x select_isp.sh
 +
 +server# echo isp1_isp2.cfg > /​tmp/​conf_name
 +
 server# crontab -e server# crontab -e
 +</​code><​code>​
 */5 * * * * /​root/​select_isp.sh */5 * * * * /​root/​select_isp.sh
 </​code>​ </​code>​
- 
использование_двух_isp.txt · Last modified: 2017/09/20 13:30 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki