本网吧有400台机器,有两个电信100m线路,两个固定的ip,两个附送的固定ip,一共四个ip,分别为:218.90.159.xx1218.90.159.xx2218.90.159.xx3218.90.159.xx4现在想用两条线路,两个固定ip做带宽的合并,不知道如何实现?并且如果划分vlan的话需要如何配置可以使两个ip段连通,尽量不要用路由的转发功能,最好能实现的情况下达到双100m线路的最大化利用,避免网络风暴的产生!不胜感激!
难道没有人知道吗?
用一条100M的线路就足够用了.. 我用C800 SD 128M 2*8139 10M电信光纤.Redhat9做NAT带200台网吧客户机都还绰绰有余!!速度也不慢..你的100M如果机器配置好点.. 带1000台客户机没问题.. 除非是你的带宽不是真正100M 或者是水分太大 你真要用两条的话.. 就只有使用负载均衡来做了.. 这个我也没做过.. 但是复杂了点...
记得以前的帖子有讲请参见ROUTEROS专区的多线路负载均衡和数据分流技术
QUOTE (liusimin @ Jan 10 2005, 07:36 PM)
记得以前的帖子有讲请参见ROUTEROS专区的多线路负载均衡和数据分流技术
除了ROUTEROS外.. 别的还有做多线路负载均衡和数据分流的吗???LINUX也可以.. 但是实施起来复杂.. 头大晕`~~~
可以的,不过很难!要很多时间去试!
有多难啊??我这里三条WAN线.. 固定IP 想用一台LINUX来做负载均衡..要怎么实施??
QUOTE (jk0wg @ Jan 14 2005, 05:22 PM)
有多难啊??我这里三条WAN线.. 固定IP 想用一台LINUX来做负载均衡..要怎么实施??
用freebsd5.3来做很简单的.
QUOTE (wsgtrsys @ Jan 14 2005, 08:13 PM)
QUOTE (jk0wg @ Jan 14 2005, 05:22 PM)
有多难啊???我这里三条WAN线.. 固定IP? 想用一台LINUX来做负载均衡..?要怎么实施??
用freebsd5.3来做很简单的.
能说具体一点吗??我是看在LINUX兼容性好.freeBSD兼容性问题.. 所以没考虑用它
你先将freebsd5.3按mini方式安装好.并安装好cvsup,下载最新的系统核心源代码.因为要支持负载平衡的话,必须重新编译内核.我一会儿回去把内核的配置文件发一份给你.其实负载平衡在openbsd3.5前用PF就可以实现了,但是我为什么推荐用freebsd5.3呢.因为freebsd5.3有很多的新特性.如支持polling,也就是轮询,相当于linux中的napi.内核使用了抢先式的调度器.最重要的是将openbsd的pf包过滤器合并到了内核之中.PF支持做认证网关.支持流量altq队列流量控制.实现的命令很简单.例 :我想保证a IP的带宽保证在全部带宽的30%,b IP占用70%,而且可以设置当a 没有流量的时候,b可以借用a的带宽.用PF可以轻易做到.不过话又说回来,pf的过滤功能没有iptables强大.不能做到对ftp连接动态跟踪.让pf支持ftp是采用一种巧妙的笨办法.另:单线路多ip做负载平衡是没有实用价值的.负载平衡应当在多线路之间做.
freeBSD5.3我已经下了.. 我都没用过,, 只用过LINUX,听你说的好像还是复杂...不过相信在你的指导下应该没问题了`~ (mini)最小化安装freeBSD就行了吗?? 用以下的配置行吗?C 800MSD 128M PC10040G 72008139*3(虽然有三条WAN线路,但我用两条。另一条带一台独立的服务器,所以用3块网卡)所带客户机:200台一台二层的中心交换机
freebsd 5.3的新内核配置文件:
CODE
machinei386cpuI586_CPUcpuI686_CPUidentGENERICdevice pfdevice pflogdevice pfsyncoptions ALTQoptions ALTQ_CBQ# To statically compile in device wiring instead of /boot/device.hintsoptionsPANIC_REBOOT_WAIT_TIME=0 #内核异常时立即重起optionsDEVICE_POLLING #改善网络响应时间optionsHZ=1000 #man 4 pollingoptionsIPSTEALTH#支持秘密IP转发#optionsRANDOM_IP_ID#随机IP ID阻止信息泄漏optionsTCP_DROP_SYNFIN#抛弃SYN+FIN包,阻止检测服务器optionsSCHED_4BSD# 4BSD scheduleroptionsINET # InterNETworkingoptionsFFS # Berkeley Fast FilesystemoptionsSOFTUPDATES# Enable FFS soft updates supportoptionsMD_ROOT # MD is a potential root deviceoptionsPROCFS # Process filesystem (requires PSEUDOFS)optionsPSEUDOFS# Pseudo-filesystem frameworkoptionsCOMPAT_43# Compatible with BSD 4.3 optionsSYSVSHM # SYSV-style shared memoryoptionsSYSVMSG # SYSV-style message queuesoptionsSYSVSEM # SYSV-style semaphoresoptions_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensionsoptionsKBD_INSTALL_CDEV # install a CDEV entry in /devdeviceapic# I/O APIC# Bus support.Do not remove isa, even if you have no isa slotsdeviceisadevicepci# ATA and ATAPI devicesdeviceatadeviceatadisk# ATA disk drivesoptionsATA_STATIC_ID # Static device numbering# SCSI peripheralsdevicescbus# SCSI bus (required for SCSI)deviceda# Direct Access (disks)# atkbdc0 controls both the keyboard and the PS/2 mousedeviceatkbdc# AT keyboard controllerdeviceatkbd# AT keyboarddevicevga# VGA video card driverdevicesplash# Splash screen and screen saver support# syscons is the default console driver, resembling an SCO consoledevicesc# Floating point support - do not disable.devicenpx# Serial (COM) portsdevicesio# 8250, 1650 based serial ports# PCI Ethernet NICs.devicede# DEC/Intel DC21x4x (``Tulip'')deviceem# Intel PRO/1000 adapter Gigabit Ethernet Carddeviceixgb# Intel PRO/10GbE Ethernet Carddevicetxp# 3Com 3cR990 (``Typhoon'')devicevx# 3Com 3c590, 3c595 (``Vortex'')# PCI Ethernet NICs that use the common MII bus controller code.# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!devicemiibus# MII bus supportdevicebfe# Broadcom BCM440x 10/100 Ethernetdevicebge# Broadcom BCM570xx Gigabit Ethernetdevicedc# DEC/Intel 21143 and various workalikesdevicefxp# Intel EtherExpress PRO/100B (82557, 82558)devicelge# Level 1 LXT1001 gigabit ethernetdevicenge# NatSemi DP83820 gigabit ethernetdevicepcn# AMD Am79C97x PCI 10/100 (precedence over 'lnc')devicere# RealTek 8139C+/8169/8169S/8110Sdevicerl# RealTek 8129/8139devicesf# Adaptec AIC-6915 (``Starfire'')devicesis# Silicon Integrated Systems SiS 900/SiS 7016devicesk# SysKonnect SK-984x & SK-982x gigabit Ethernetdeviceste# Sundance ST201 (D-Link DFE-550TX)deviceti# Alteon Networks Tigon I/II gigabit Ethernetdevicetl# Texas Instruments ThunderLANdevicetx# SMC EtherPower II (83c170 ``EPIC'')devicevge# VIA VT612x gigabit ethernetdevicevr# VIA Rhine, Rhine IIdevicewb# Winbond W89C840Fdevicexl# 3Com 3c90x (``Boomerang'', ``Cyclone'')# ISA Ethernet NICs.pccard NICs included.devicecs# Crystal Semiconductor CS89x0 NIC# 'device ed' requires 'device miibus'deviceed# NE000, SMC Ultra, 3c503, DS8390 cardsdeviceex# Intel EtherExpress Pro/10 and Pro/10+deviceep# Etherlink III based cardsdevicefe# Fujitsu MB8696x based cardsdeviceie# EtherExpress 8/16, 3C507, StarLAN 10 etc.devicelnc# NE2100, NE32-VL Lance Ethernet cardsdevicesn# SMC's 9000 series of Ethernet chipsdevicexe# Xircom pccard Ethernet# ISA devices that use the old ISA shims#devicele# Pseudo devices.deviceloop# Network loopbackdevicemem# Memory and kernel memory devicesdeviceio# I/O devicedevicerandom# Entropy devicedeviceether# Ethernet supportdeviceppp# Kernel PPPdevicetun# Packet tunnel.devicepty# Pseudo-ttys (telnet etc)devicemd# Memory "disks"devicegif# IPv6 and IPv4 tunneling# The `bpf' device enables the Berkeley Packet Filter.# Be aware of the administrative consequences of enabling this!devicebpf# Berkeley packet filter# USB supportdeviceuhci# UHCI PCI->USB interfacedeviceohci# OHCI PCI->USB interfacedeviceusb# USB Bus (required)deviceugen# Genericdeviceukbd# Keyboarddeviceumass# Disks/Mass storage - Requires scbus and dadeviceums# Mouseoptions NETGRAPH #netgraph(4) systemoptions NETGRAPH_ETHERoptions NETGRAPH_PPPOEoptions NETGRAPH_SOCKETdevice vlan# IEEE 802.1Q VLAN Support
用你的这个内核就行了吗??NAT方面要怎么设置呢??
/etc/pf.conf配置:
CODE
lan_net = "192.168.0.0/24"int_if= "dc0"ext_if1 = "fxp0"ext_if2 = "fxp1"ext_gw1 = "68.146.224.1"ext_gw2 = "142.59.76.1"#nat outgoing connections on each internet interfacenat on $ext_if1 from $lan_net to any -> ($ext_if1)nat on $ext_if2 from $lan_net to any -> ($ext_if2)#default denyblock infrom any to anyblock out from any to any#pass all outgoing packets on internal interfacepass out on $int_if from any to $lan_net#pass in quick any packets destined for the gateway itselfpass in quick on $int_if from $lan_net to $int_if#load balance outgoing tcp traffic from internal network. pass in on $int_if route-to \ { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto tcp from $lan_net to any flags S/SA modulate state#load balance outgoing udp and icmp traffic from internal networkpass in on $int_if route-to \ { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto { udp, icmp } from $lan_net to any keep state#general "pass out" rules for external interfacespass out on $ext_if1 proto tcp from any to any flags S/SA modulate statepass out on $ext_if1 proto { udp, icmp } from any to any keep statepass out on $ext_if2 proto tcp from any to any flags S/SA modulate statepass out on $ext_if2 proto { udp, icmp } from any to any keep state#route packets from any IPs on $ext_if1 to $ext_gw1 and the same for#$ext_if2 and $ext_gw2pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
根据你自己的情况,主要更改lan_net = "192.168.0.0/24"int_if= "dc0"ext_if1 = "fxp0"ext_if2 = "fxp1"ext_gw1 = "68.146.224.1"ext_gw2 = "142.59.76.1"这一段的设置,就行了.你再看看这篇文章,http://freebsd.ntut.idv.tw/document/freebsd_pf_nat.html照着配置就行了.