User Tools

Site Tools


использование_двух_isp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
использование_двух_isp [2011/01/28 17:20]
val
использование_двух_isp [2017/09/20 13:30]
val [Использование двух ISP]
Line 1: Line 1:
 ====== Использование двух ISP ====== ====== Использование двух ISP ======
  
-===== Исходная настройка ​стенда =====+  * [[http://​www.anticisco.ru/​blogs/​2011/​05/​введение-в-cisco-oerpfr/​|Введение в Cisco OER/PfR]] 
 +  * [[https://​habrahabr.ru/​post/​81424/​|Немного об ip sla / rtr в Cisco…]] 
 +===== Настройка ​роутера на использование ​двух провайдеров ​=====
 <​code>​ <​code>​
-router(config)#​ip name-server ​172.16.1.254 +interface FastEthernet0/​0 
-router(config)#​ip name-server 172.16.2.254+ ​description connect to ISP2 
 + ​duplex full 
 + ip address ​172.16.2.X 255.255.255.
 + ip nat outside 
 + no shutdown
  
-router(config)#​ip dhcp pool LAN +ip name-server 172.16.2.254
-router(dhcp-config)#​dns-server ​172.16.1.254 ​172.16.2.254+
  
-server# cat /​etc/​resolv.conf 
-search corpX.un 
-nameserver 172.16.1.254 
-nameserver 172.16.2.254 
-</​code>​ 
- 
-===== Настройка роутера на использование двух провайдеров ===== 
-<​code>​ 
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
 ip access-list standard ACL_REDIRECT_ISP2 ip access-list standard ACL_REDIRECT_ISP2
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 +
 +no ip nat inside source list ACL_NAT interface FastEthernet1/​1 overload
  
 ip nat inside source list ACL_REDIRECT_ISP1 interface FastEthernet1/​1 overload ip nat inside source list ACL_REDIRECT_ISP1 interface FastEthernet1/​1 overload
Line 35: Line 34:
  
 interface FastEthernet1/​0 interface FastEthernet1/​0
- ​description connetc to LAN 
- ip address 192.168.X.1 255.255.255.0 
- ip nat inside 
  ip policy route-map RM_REDIRECT_ISP  ip policy route-map RM_REDIRECT_ISP
- 
-interface FastEthernet1/​1 
- ​description connect to ISP1 
- ip address 172.16.1.X 255.255.255.0 
- ip nat outside 
- 
-interface FastEthernet0/​0 
- ​description connect to ISP2 
- ip address 172.16.2.X 255.255.255.0 
- ip nat outside 
 </​code>​ </​code>​
  
 ===== Переключение каналов ===== ===== Переключение каналов =====
- 
-==== Тестирование провайдеров с роутера ==== 
-<​code>​ 
-server# cat route_isp1.cfg 
-no ip route 0.0.0.0 0.0.0.0 172.16.2.254 
-ip route 0.0.0.0 0.0.0.0 172.16.1.254 
- 
-server# cat route_isp2.cfg 
-no ip route 0.0.0.0 0.0.0.0 172.16.1.254 
-ip route 0.0.0.0 0.0.0.0 172.16.2.254 
- 
-server# rcp route_isp1.cfg router:​running-config 
-server# rsh router ping ya.ru 
- 
-server# rcp route_isp2.cfg router:​running-config 
-server# rsh router ping ya.ru 
-</​code>​ 
  
 ==== Фрагменты конфигураций роутера ==== ==== Фрагменты конфигураций роутера ====
  
-=== Доступен ISP1 ===+=== Доступны оба ISP ===
 <​code>​ <​code>​
-server# cat isp1.cfg+server# cat isp1_isp2.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
 + deny any
 +ip access-list standard ACL_REDIRECT_ISP2
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
-ip access-list standard ACL_REDIRECT_ISP2 
  deny any  deny any
 end end
 </​code>​ </​code>​
-=== Доступен ​ISP2 ===+=== Доступен ​ISP1 ===
 <​code>​ <​code>​
-server# cat isp2.cfg+server# cat isp1.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
- deny any 
-ip access-list standard ACL_REDIRECT_ISP2 
  ​permit 192.168.X.0 0.0.0.255  ​permit 192.168.X.0 0.0.0.255
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 +ip access-list standard ACL_REDIRECT_ISP2
 + deny any
 end end
 </​code>​ </​code>​
-=== Доступны оба ISP ===+=== Доступен ISP2 ===
 <​code>​ <​code>​
-server# cat isp1_isp2.cfg+server# cat isp2.cfg 
 +</​code><​code>​
 no ip access-list standard ACL_REDIRECT_ISP1 no ip access-list standard ACL_REDIRECT_ISP1
 no ip access-list standard ACL_REDIRECT_ISP2 no ip access-list standard ACL_REDIRECT_ISP2
 ip access-list standard ACL_REDIRECT_ISP1 ip access-list standard ACL_REDIRECT_ISP1
- permit 192.168.X.0 0.0.0.255+ deny any
 ip access-list standard ACL_REDIRECT_ISP2 ip access-list standard ACL_REDIRECT_ISP2
 + ​permit 192.168.X.0 0.0.0.255
  ​permit 192.168.100+X.0 0.0.0.255  ​permit 192.168.100+X.0 0.0.0.255
 end end
 </​code>​ </​code>​
 +
  
 ==== Переключение в ручном режиме ==== ==== Переключение в ручном режиме ====
 <​code>​ <​code>​
-server# rsh router ​"clear ip nat tr *" +cat /​etc/​resolv.conf 
 +</​code><​code>​ 
 +... 
 +nameserver 172.16.1.254 
 +nameserver 172.16.2.254 
 +</​code><​code>​ 
 +cat /​etc/​hosts 
 +</​code><​code>​ 
 +... 
 +192.168.X.1 ​    router 
 +</​code><​code>​
 server# rcp isp1.cfg router:​running-config server# rcp isp1.cfg router:​running-config
  
Line 117: Line 101:
  
 server# rcp isp1_isp2.cfg router:​running-config server# rcp isp1_isp2.cfg router:​running-config
 +
 +server# rsh router "clear ip nat tr *"
 +</​code>​
 +
 +==== Тестирование провайдеров с роутера ====
 +<​code>​
 +server# cat route_isp1.cfg
 +</​code><​code>​
 +no ip route 0.0.0.0 0.0.0.0 172.16.2.254
 +ip route 0.0.0.0 0.0.0.0 172.16.1.254
 +end
 +</​code><​code>​
 +server# cat route_isp2.cfg
 +</​code><​code>​
 +no ip route 0.0.0.0 0.0.0.0 172.16.1.254
 +ip route 0.0.0.0 0.0.0.0 172.16.2.254
 +end
 +</​code><​code>​
 +server# rcp route_isp1.cfg router:​running-config
 +server# rsh router ping ya.ru
 +
 +server# rcp route_isp2.cfg router:​running-config
 +server# rsh router ping ya.ru
 </​code>​ </​code>​
  
Line 123: Line 130:
 <​code>​ <​code>​
 server# cat select_isp.sh server# cat select_isp.sh
 +</​code><​code>​
 #!/bin/sh #!/bin/sh
  
Line 145: Line 153:
  
 echo $conf_name > /​tmp/​conf_name echo $conf_name > /​tmp/​conf_name
 +
 +rcp /​root/​$conf_name router:​running-config
  
 rsh router "clear ip nat tr *" rsh router "clear ip nat tr *"
  
-rcp /​root/​$conf_name router:​running-config 
 exit 0 exit 0
 </​code><​code>​ </​code><​code>​
 +server# chmod +x select_isp.sh
 +
 +server# echo isp1_isp2.cfg > /​tmp/​conf_name
 +
 server# crontab -e server# crontab -e
 +</​code><​code>​
 */5 * * * * /​root/​select_isp.sh */5 * * * * /​root/​select_isp.sh
 </​code>​ </​code>​
- 
использование_двух_isp.txt · Last modified: 2017/09/20 13:30 by val