User Tools

Site Tools


сервисы_gateway_и_routing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
сервисы_gateway_и_routing [2021/07/01 11:54]
val [NetFilter iproute2 (Linux)]
сервисы_gateway_и_routing [2022/07/05 06:53] (current)
val [Debian/Ubuntu]
Line 13: Line 13:
 net.ipv4.ip_forward = 1 net.ipv4.ip_forward = 1
  
-root@gate:​~#​ cat /​etc/​sysctl.conf+root@gate:​~#​ cat /etc/sysctl.d/​20-my-forward.conf
 </​code><​code>​ </​code><​code>​
-... 
 net.ipv4.ip_forward=1 net.ipv4.ip_forward=1
-... 
 </​code><​code>​ </​code><​code>​
-root@gate:​~#​ sysctl -f+root@gate:​~#​ sysctl -p --system ​
 </​code>​ </​code>​
  
Line 125: Line 123:
  
 === Установка === === Установка ===
- 
-=== FreeBSD === 
-<​code>​ 
-[gate:~] # pkg install quagga 
- 
-[gate:~] # cd /​usr/​local/​etc/​quagga/​ 
-</​code>​ 
  
 === Debian/​Ubuntu === === Debian/​Ubuntu ===
Line 154: Line 145:
 enable password zebra enable password zebra
 </​code>​ </​code>​
- 
-=== Запуск === 
  
 === FreeBSD === === FreeBSD ===
 <​code>​ <​code>​
-[gate:~] # cat /​etc/​rc.conf +[gate:~] # pkg install quagga 
-</​code><​code>​ + 
-... +[gate:~] # cd /​usr/​local/​etc/​quagga/
-quagga_enable="​YES"​ +
-quagga_daemons="​zebra ospfd"​ +
-</​code><​code>​ +
-[gate:~] # /​usr/​local/​etc/rc.d/​quagga ​start+
 </​code>​ </​code>​
  
-=== Debian ===+=== Запуск === 
 + 
 +=== Debian/​Ubuntu ​===
 <​code>​ <​code>​
 # service zebra start # service zebra start
Line 175: Line 162:
 </​code>​ </​code>​
  
-=== Ubuntu ​===+=== FreeBSD ​===
 <​code>​ <​code>​
-root@gate:~# cat /etc/quagga/​daemons+[gate:~# cat /etc/rc.conf
 </​code><​code>​ </​code><​code>​
 ... ...
-zebra=yes +quagga_enable="​YES"​ 
-... +quagga_daemons="​zebra ​ospfd"
-ospfd=yes +
-...+
 </​code><​code>​ </​code><​code>​
-root@gate:​~# ​chown -R quagga ​/etc/quagga/ +[gate:~/usr/local/etc/rc.d/quagga start
- +
-root@gate:​~#​ service ​quagga start+
 </​code>​ </​code>​
  
Line 281: Line 264:
 # ip route show table all | grep 'table 10[12]'​ # ip route show table all | grep 'table 10[12]'​
  
-# ip rule add from 192.168.X.0/​25 table 101 +# ip rule show 
-# ip rule add from 192.168.X.128/25 table 102 + 
-# ip rule add from 192.168.X.0/24 to 192.168.X.0/​24 ​table main+# ip rule add prio 100 from 192.168.X.0/​24 to 192.168.X.0/​24 ​table main 
 +# ip rule add prio 200 from 192.168.X.0/25 table 101 
 +# ip rule add prio 300 from 192.168.X.128/25 table 102
  
 # ip rule show # ip rule show
  
-# ip rule del from 192.168.X.0/​24 to 192.168.X.0/​24 table main +# ip rule del prio 300 
-# ip rule del from any table 101 +# ip rule del prio 200 
-# ip rule del from any table 102+# ip rule del prio 100
  
 # ip route del default via 172.16.1.254 table 101 # ip route del default via 172.16.1.254 table 101
Line 305: Line 290:
  
 iptables -t nat -A POSTROUTING -o eth1 -s 192.168.X.0/​24 -j SNAT --to-source 172.16.1.X iptables -t nat -A POSTROUTING -o eth1 -s 192.168.X.0/​24 -j SNAT --to-source 172.16.1.X
-iptables -t nat -A POSTROUTING -o eth3 -s 192.168.X.0/​24 -j SNAT --to-source 172.16.2.X+iptables -t nat -A POSTROUTING -o eth2 -s 192.168.X.0/​24 -j SNAT --to-source 172.16.2.X
  
 conntrack -F conntrack -F
Line 321: Line 306:
         post-up ip rule add prio 100 from 192.168.X.0/​24 to 192.168.X.0/​24 table main         post-up ip rule add prio 100 from 192.168.X.0/​24 to 192.168.X.0/​24 table main
         post-up ip rule add prio 200 from 192.168.X.0/​25 table 101         post-up ip rule add prio 200 from 192.168.X.0/​25 table 101
-        post-up ip rule add prio 200 from 192.168.X.128/​25 table 102+        post-up ip rule add prio 300 from 192.168.X.128/​25 table 102
         ​         ​
         address 192.168.X.1         address 192.168.X.1
сервисы_gateway_и_routing.1625129690.txt.gz · Last modified: 2021/07/01 11:54 by val