|
天堂之光 人间希望
你我共同品味
JAVA的浓香.
Linux的清芬. |
| « | July 2026 | » | | 日 | 一 | 二 | 三 | 四 | 五 | 六 | | | | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | | |
| 链接 |
联系我
msn:zhanglincon@hotmail.com |
| Blog信息 |
|
blog名称: 日志总数:99 评论数量:281 留言数量:4 访问次数:829216 建立时间:2005年11月17日 |

| |
|
网通与电信双线服务器实施的配置 文章收藏, 软件技术
zhanglincon 发表于 2006/12/21 15:46:15 |
|
公司开发网站,为解决南北访问的问题,我把服务器托管到一个双线机房。经过反复调试,终于完成相应的配置。现将配置过程简明记录如下,供大家参考。一、服务器状态网通使用第一块网卡(eth0):IP:218.57.200.242掩码:255.255.255.0网关:218.57.200.1DNS1:202.102.152.3DNS2:202.102.128.68电信使用第二块网卡(eth1):IP:222.173.254.21掩码:255.255.255.240网关:222.173.254.17DNS1:219.146.0.130DNS2:219.150.32.132二、配置网卡:# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0ONBOOT=yesBOOTPROTO=noneIPADDR=218.57.200.242NETMASK=255.255.255.0GATEWAY=218.57.200.1TYPE=EthernetUSERCTL=noIPV6INIT=noPEERDNS=yes#vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth1ONBOOT=yesBOOTPROTO=noneIPADDR=222.173.254.21NETMASK=255.255.255.240GATEWAY=222.173.254.17TYPE=EthernetUSERCTL=noIPV6INIT=noPEERDNS=yes# vi /etc/sysconfig/network-scripts/route-eth1GATEWAY0=218.57.200.1NETMASK0=255.255.255.0ADDRESS0=218.57.200.242# vi /etc/sysconfig/networking/profiles/default/resolv.confnameserver 202.102.152.3nameserver 202.102.128.68三、配置路由表# vi /etc/iproute2/rt_tables,增加网通和电信两个路由表252 cnc251 tel设置网通的路由表# ip route add 218.57.200.0/24 via 218.57.200.242 dev eth0 table cnc# ip route add 127.0.0.0/8 dev lo table cnc# ip route add default via 218.57.200.1 dev eth0 table cnc设置电信的路由表ip route add 222.173.254.0/24 via 222.173.254.21 dev eth1 table telip route add 127.0.0.0/8 dev lo table telip route add default via 222.173.254.17 dev eth1 table tel制定策略,让222.173.254.21的回应数据包走电信的路由表路由,218.57.200.242的回应数据包走网通的路由表路由ip rule add from 222.173.254.21 table telip rule add from 218.57.200.242 table cnc修改IP转发文件# vi /etc/sysctl.confnet.ipv4.ip_forward = 1net.ipv4.conf.default.rp_filter = 1kernel.sysrq = 0设置静态路由表文件# vi /etc/sysconfig/static-routeseth0 net 218.57.200.242 netmask 255.255.255.0 gw 218.57.200.1eth1 net 222.173.254.21 netmask 255.255.255.240 gw 222.173.254.17将从两个WAN口出去的数据包进行IP伪装masquerade# /sbin/modprobe ip_conntrack_ftp# /sbin/modprobe ip_nat_ftp# /sbin/iptables -t nat -A postrouting -o eth0 -j masquerade# /sbin/iptables -t nat -A postrouting -o eth1 -j masquerade设置默认网关为网通# route add default gw 222.173.254.17增加出口路由策略,客户端是网通的走网通线路,其余走电信线路。ip rule add to 121.16.0.0/13 table cncip rule add to 121.24.0.0/14 table cncip rule add to 121.28.0.0/15 table cncip rule add to 121.30.0.0/16 table cncip rule add to 121.31.0.0/16 table cnc其余省略...刷新路由表ip route flush cache四、配置DNS在服务器上配置自己的DNS解析,将域名服务器商处的域名解析指向服务器。这样,来自网通的查询,将反馈网站网通的IP,其余反馈电信的IP。配置named.confview "cnc" {match-clients {121.16.0.0/13;121.24.0.0/14;121.28.0.0/15;121.30.0.0/16;121.31.0.0/16;121.47.0.0/16;121.76.0.0/16;121.77.0.0/16;122.192.0.0/14;122.198.192.0/18;123.199.128.0/20;124.108.40.0/21;124.128.0.0/13;124.160.0.0/16;124.161.0.0/16;124.162.0.0/16;124.163.0.0/16;其余省略...;}recursion yes;zone "zhyh.org" {type master;file "/var/named/zhyh.org.cnc";};}; view "other" {match-clients { any; };recursion no;zone "zhyh.org" {type master;file "/var/named/zhyh.org";};};配置zhyh.org.cnc,对应网通IP$TTL 86400@ IN SOA zhyh.org. root (2006111800 ; Serial28800 ; Refresh14400 ; Retry3600000 ; Expire86400 ) ; MinimumIN NS zhyh.org.IN A 218.57.200.242IN MX 10 mailwww IN A 218.57.200.242ns1 IN A 218.57.200.242ns IN A 222.173.254.21mail IN A 218.57.200.2421 IN PTR localhost.配置zhyh.org,对应电信IP$TTL 86400@ IN SOA zhyh.org. root (2006111800 ; Serial28800 ; Refresh14400 ; Retry3600000 ; Expire86400 ) ; MinimumIN NS zhyh.org.IN A 222.173.254.21IN MX 10 mailwww IN A 222.173.254.21ns IN A 222.173.254.21ns1 IN A 218.57.200.242mail IN A 222.173.254.211 IN PTR localhost.配置222.173.254.zone、218.57.200.zone做反向解析;$TTL 86400@ IN SOA zhyh.org. root.zhyh.org. (200611181336007200360000086400 )IN NS localhost.242 IN PTR www.zhyh.org.242 IN PTR ns1.zhyh.org.242 IN PTR mail.zhyh.org.五、配置apache,做好虚拟主机设置# vi /usr/local/apache/conf/httpd.confNameVirtualHost 218.57.200.242:80NameVirtualHost 222.173.254.21:80ServerName xxx.comDocumentRoot /www/html/ServerAdmin webmaster@xxx.com
ErrorLog logs/zhyh.org-error_logServerName www.zhyh.orgDocumentRoot /var/www/html/zhyh.orgServerAdmin webmaster@zhyh.orgErrorLog logs/zhyh.org-error_logCustomLog "|/usr/local/sbin/cronolog /var/log/httpd/zhyh.org-access_log.%Y%m%d" combined |
|
|