User Tools

Site Tools


использование_двух_isp

This is an old revision of the document!


Использование двух ISP

Исходная настройка стенда

router(config)#ip name-server 172.16.1.254
router(config)#ip name-server 172.16.2.254

router(config)#ip dhcp pool LAN
router(dhcp-config)#dns-server 172.16.1.254 172.16.2.254

server# cat /etc/resolv.conf
search corpX.un
nameserver 172.16.1.254
nameserver 172.16.2.254

Настройка роутера на использование двух провайдеров

ip access-list standard ACL_REDIRECT_ISP1
 permit 192.168.X.0 0.0.0.255
ip access-list standard ACL_REDIRECT_ISP2
 permit 192.168.100+X.0 0.0.0.255

ip nat inside source list ACL_REDIRECT_ISP1 interface FastEthernet1/1 overload

ip nat inside source list ACL_REDIRECT_ISP2 interface FastEthernet0/0 overload

route-map RM_REDIRECT_ISP permit 10
 match ip address ACL_REDIRECT_ISP1
 set ip next-hop 172.16.1.254
!
route-map RM_REDIRECT_ISP permit 20
 match ip address ACL_REDIRECT_ISP2 
 set ip next-hop 172.16.2.254

interface FastEthernet1/0
 description connetc to LAN
 ip address 192.168.X.1 255.255.255.0
 ip nat inside
 ip policy route-map RM_REDIRECT_ISP

interface FastEthernet1/1
 description connect to ISP1
 ip address 172.16.1.X 255.255.255.0
 ip nat outside

interface FastEthernet0/0
 description connect to ISP2
 ip address 172.16.2.X 255.255.255.0
 ip nat outside

Переключение каналов

Тестирование провайдеров с роутера

server# cat route_isp1.cfg
no ip route 0.0.0.0 0.0.0.0 172.16.2.254
ip route 0.0.0.0 0.0.0.0 172.16.1.254

server# cat route_isp2.cfg
no ip route 0.0.0.0 0.0.0.0 172.16.1.254
ip route 0.0.0.0 0.0.0.0 172.16.2.254

server# rcp route_isp1.cfg router:running-config
server# rsh router ping ya.ru

server# rcp route_isp2.cfg router:running-config
server# rsh router ping ya.ru

Фрагменты конфигураций роутера

Доступен ISP1

server# cat isp1.cfg
no ip access-list standard ACL_REDIRECT_ISP1
no ip access-list standard ACL_REDIRECT_ISP2
ip access-list standard ACL_REDIRECT_ISP1
 permit 192.168.X.0 0.0.0.255
 permit 192.168.100+X.0 0.0.0.255
ip access-list standard ACL_REDIRECT_ISP2
 deny any
end

Доступен ISP2

server# cat isp2.cfg
no ip access-list standard ACL_REDIRECT_ISP1
no ip access-list standard ACL_REDIRECT_ISP2
ip access-list standard ACL_REDIRECT_ISP1
 deny any
ip access-list standard ACL_REDIRECT_ISP2
 permit 192.168.X.0 0.0.0.255
 permit 192.168.100+X.0 0.0.0.255
end

Доступны оба ISP

server# cat isp1_isp2.cfg
no ip access-list standard ACL_REDIRECT_ISP1
no ip access-list standard ACL_REDIRECT_ISP2
ip access-list standard ACL_REDIRECT_ISP1
 permit 192.168.X.0 0.0.0.255
ip access-list standard ACL_REDIRECT_ISP2
 permit 192.168.100+X.0 0.0.0.255
end

Переключение в ручном режиме

server# rsh router "clear ip nat tr *"

server# rcp isp1.cfg router:running-config

server# rcp isp2.cfg router:running-config

server# rcp isp1_isp2.cfg router:running-config

Автоматизация переключения на резервный канал

server# cat select_isp.sh
#!/bin/sh

touch /tmp/conf_name

rcp /root/route_isp1.cfg router:running-config
rsh router ping ya.ru | grep -q '!'
ALIVE1=$?

rcp /root/route_isp2.cfg router:running-config
rsh router ping ya.ru | grep -q '!'
ALIVE2=$?

test $ALIVE1 -eq 0 && conf_name="isp1.cfg"
test $ALIVE2 -eq 0 && conf_name="isp2.cfg"
test $ALIVE1 -eq 0 && test $ALIVE2 -eq 0 && conf_name="isp1_isp2.cfg"

# echo /root/$conf_name
# exit 0

test $conf_name = "`cat /tmp/conf_name`" && exit 0

echo $conf_name > /tmp/conf_name

rsh router "clear ip nat tr *"

rcp /root/$conf_name router:running-config
exit 0
server# crontab -e
*/5 * * * * /root/select_isp.sh
использование_двух_isp.1296224401.txt.gz · Last modified: 2013/05/22 13:50 (external edit)