Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Balanceamento de Carga: # Aptitude Update # Aptitude Install Iproute

    Hochgeladen von

    kleberwilliam
    24 Ansichten4 Seiten
    This document describes how to configure load balancing across two internet connections on a Debian system. It involves installing iproute2, configuring two network interfaces connected to different gateways, adding routing tables, and using iptables firewall rules to distribute traffic evenly. A script is also provided to monitor the links and dynamically change the default route if one link goes down, restoring traffic to the remaining link for high availability.

    Originalbeschreibung:

    Originaltitel

    balanceamento_failover

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    ODT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    This document describes how to configure load balancing across two internet connections on a Debian system. It involves installing iproute2, configuring two network interfaces connected to different gateways, adding routing tables, and using iptables firewall rules to distribute traffic evenly. A script is also provided to monitor the links and dynamically change the default route if one link goes down, restoring traffic to the remaining link for high availability.

    Copyright:

    © All Rights Reserved
    Als ODT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    24 Ansichten4 Seiten

    Balanceamento de Carga: # Aptitude Update # Aptitude Install Iproute

    Hochgeladen von

    kleberwilliam
    This document describes how to configure load balancing across two internet connections on a Debian system. It involves installing iproute2, configuring two network interfaces connected to different gateways, adding routing tables, and using iptables firewall rules to distribute traffic evenly. A script is also provided to monitor the links and dynamically change the default route if one link goes down, restoring traffic to the remaining link for high availability.

    Copyright:

    © All Rights Reserved
    Als ODT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    Balanceamento de Carga

    Este tuto foi feito em cima da distribuio Debian 5, com dois links de mesma velocidade.
    Neste exemplo teremos 3 interface [eth !"#.!$%.!.! e eth! !"#.!$%.#.! as duas internet& [eth#
    !"#.!$%.3.! rede local&
    'rimeiramente instalamos o pacote iproute #
    ( aptitude update
    ( aptitude install iproute
    )p*s confi+ure as tabelas,
    ( vim -etc-iproute#-rt.tables
    )dicione essas duas linhas no final do ar/uivo,
    # uplink!
    #! uplink#
    0amos confi+urar nossa interface onde em eth !"#.!$%.!.! - eth! !"#.!$%.#.! so os +ate1a2s
    ( vim -etc-net1ork-interfaces
    # LOCALHOST
    auto lo
    iface lo inet loopback

    # LINK 1

    auto eth0
    iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0

    post-up ip route add 192.168.1.1/32 dev eth1 src 192.168.1.100 table
    uplink1
    post-up ip route add default via 192.168.1.1 table uplink1
    post-up ip rule add from 192.168.1.100 table uplink1
    post-down ip rule del from 192.168.1.100 table uplink1

    # LINK 2

    auto eth1
    iface eth1 inet static
    address 192.168.2.100
    netmask 255.255.255.0

    post-up ip route add 192.168.2.1/32 dev eth1 src 192.168.2.210 table
    uplink2
    post-up ip route add default via 192.168.2.1 table uplink2
    post-up ip rule add from 192.168.2.210 table uplink2
    post-down ip rule del from 192.168.2.210 table uplink2

    # REDE CLIENTE
    auto eth2
    iface eth2 inet static
    address 192.168.3.1
    netmask 255.255.255.0
    3einicie o servio,
    ( -etc-init.d-net1orkin+ restart
    )+ora vamos criar um fire1all, criaremos as rotas.
    #! /bin/sh

    # Ativa forwar
    echo 1 &!t" /proc/s#s/net/ipv$/ip%forward

    # Li!"a r#$ras
    /sbin/iptables -&
    /sbin/iptables -'
    /sbin/iptables -t nat -&
    /sbin/iptables -' -t nat
    /sbin/iptables -& -t man!le
    /sbin/iptables -' -t man!le

    # Carr#$a !o%&os
    /sbin/modprobe iptable%nat
    /sbin/modprobe ip%conntrack%ftp
    /sbin/modprobe ip%nat%ftp
    /sbin/modprobe ipt%()*
    /sbin/modprobe ipt%+,-,./
    /sbin/modprobe ipt%01234,+15,

    #Lib#ra nav#$a'ao nas int#rfa'#s
    /sbin/iptables -t nat -1 6)2/+)4/78* -s 192.168.30/2$ -o eth0 -9 01234,+15,
    /sbin/iptables -t nat -1 6)2/+)4/78* -s 192.168.30/2$ -o eth1 -9 01234,+15,

    # Confi$%ra()#s *ro+,
    # /sbin/i"tab&#s -t nat -A *RERO.TIN/ -i #th2 -" t'" --"ort 01 -2 REDIRECT
    --to-"ort 3120
    # /sbin/i"tab&#s -A *RERO.TIN/ -t !an$&# -s 14251605351/27 - 1/1 -2 8ARK
    --s#t-!ar9 3
    # /sbin/i"tab&#s -t !an$&# -A O.T*.T -" TC* - ! 14251605351/27 --"ort 01 -!
    own#r --%i-own#r 23 -2 8ARK --s#t-!ar9 3

    # :a; 'o! <%# o s#rvi'o ns fa'a 'ons%&tas "#&o o%tro &in9
    /sbin/iptables -t man!le -1 )4/64/ -p 456 --dport 53 -m owner --uid-owner 25 -9
    01+: --set-mark 2

    # D#&#ta rotas
    route del default

    # Loa ba&an'#
    ip route add default scope !lobal ne;thop via 192.168.1.1 dev eth0 wei!ht 1
    ne;thop via 192.168.2.1 dev eth1 wei!ht 1

    # Li!"a 'a'h#
    ip route flush cached
    ( ip route sho1 table main
    !"#.!$%.!.!-#4 dev eth proto kernel scope link src !"#.!$%.!.!
    192.168.2.1/24 dev eth1 proto kernel scope link src 192.168.2.100
    192.168.3.1/24 dev eth2 proto kernel scope link src 192.168.3.1
    default
    nexthop via 192.168.1.100 dev eth0 weight 1
    nexthop via 192.168.2.100 dev eth1 weight 1
    )dicione no cron o comando para limpar o cache dos dns a cada ! min
    ( vim -etc-crontab
    55"-! 6 6 6 6 root ip route flush cached
    )/ui fi7 o si+uinte script para verificar se al+um dos link cai, assim refa7endo a rota e deixadondo
    para o /ue estiver online.
    ( vim -root-uplink.sh
    #! /bin/sh
    # - - - - - - - - - - - - - - - #
    # Script por Rudimar Remontti #
    # www.remontti.com.br #
    # - - - - - - - - - - - - - - - #
    echo -e '\e[33;1mVerifcando Links: \e[m'

    # - - - - - - - - - - - #
    # Confguracoes #
    # - - - - - - - - - - - #
    GTW_1<192.168.1.1
    ITF_1<eth0
    GTW_2<192.168.2.1
    ITF_2<eth1
    RT_RT_1<200.1=6.3.1$2 # Ip do terra.com.br ele ira pingar p/ verifcar se responde
    RT_RT_2<200.1=6.3.1$2 # Ip do terra.com.br...
    # - - - - - - - - - - - #

    echo
    echo -e !\e[3";1mLink 1: #GTW_1\e[m!
    echo -e !\e[3";1mLink 2: #GTW_2\e[m!
    echo

    # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #
    $I%G_1<`ping #RT_RT_1 -I #ITF_1 -c 1 |grep packets |cut -c 2&`
    $I%G_2<`ping #RT_RT_2 -I #ITF_2 -c 1 |grep packets |cut -c 2&`
    # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #

    '$<`echo !(#$I%G_1 ) #$I%G_2*! | bc`
    if [ #'$ < 2 ]" then

    route del default
    ip route add default scope !lobal ne;thop via #GTW_1 dev #ITF_1 wei!ht 1 ne;thop
    via #GTW_2 dev #ITF_2 wei!ht 1
    ip route flush cached

    echo -n 'Link 1 e Link 2 +,a,-s: '
    echo -e '\e[32;1m[ .% / \e[m'
    echo

    elif [ #'$ < " ]" then

    route del default
    ip route add default scope !lobal ne;thop via #GTW_1 dev #ITF_1 wei!ht 1 ne;thop
    via #GTW_2 dev #ITF_2 wei!ht 1
    ip route flush cached

    echo
    echo -n (ink 1>
    echo -e '\e[32;1m [ .012 / \e[m'
    echo -n (ink 2>
    echo -e '\e[32;1m [ .012 / \e[m'
    echo

    elif [ #'$ < 1 ]" then
    echo
    if [ #$I%G_1 < 1 ]" then
    echo -n (ink 1>
    echo -e '\e[32;1m [ .012 / \e[m'
    else
    route del default
    ip route add default scope !lobal ne;thop via #GTW_2 dev #ITF_2 wei!ht
    1
    ip route flush cached
    da,a<`date`
    echo !#da,a -34,; Link 1 .FF! &!t"&!t" /root/links.lo!
    echo -n (ink 1>
    echo -e '\e[31;1m [ .FF / \e[m'
    f
    if [ #$I%G_2 < 1 ]" then
    echo -n (ink 2>
    echo -e '\e[32;1m [ .012 / \e[m'
    else
    route del default
    ip route add default scope !lobal ne;thop via #GTW_1 dev #ITF_1 wei!ht
    1
    ip route flush cached
    da,a<`date`
    echo !#da,a -34,; Link 2 .FF! &!t"&!t" /root/links.lo!
    echo -n (ink 2>
    echo -e '\e[31;1m [ .FF / \e[m'

    f
    echo
    if [ #$I%G_1 < " ]" then
    echo -e '\e[3";1mRo,as reconf4-rada5 4a,6a7 a,ra89s do Link 2:\e[m'
    R.T;<`ip route show |grep default |cut -c <-1""`
    echo -e !\e[3";1m#R.T;\e[m!

    elif [ #$I%G_2 < " ]" then
    echo -e '\e[3";1mRo,as reconf4-rada5 4a,6a7 a,ra89s do Link 1:\e[m'
    R.T;<`ip route show |grep default |cut -c <-1""`
    echo -e !\e[3";1m#R.T;\e[m!
    f
    else
    echo ,++)!
    f
    # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #
    echo
    ip route show |grep ne;thop
    echo
    ( chmod 855 -root-uplink.sh
    )dicionamos ao cron 95min:
    ( vim -etc-crontab
    55"-5 6 6 6 6 root -root-uplink.sh
    ;arre+ue seu fire1all na iniciali7ao do sistema, utili7e o iptraf para ver o trafe+o saindo pelas
    duas interfaces.
    <e vc tem dois link com car+as diferente altere o 1ei+ht.
    http,--111.remontti.com.br-blo+-archives-3#%

    Das könnte Ihnen auch gefallen