多WAN IP NAT
isp给了3个不连续不在一个网络的外网IP:10.0.0.10/24 gw:10.0.0.1
20.0.0.10/24 gw:20.0.0.1
30.0.0.10/24 gw:30.0.0.1
该如何做才能实现在vyatta/vyos上实现3个外网IP的NAT呢?试过用masquerade,不过设置masquerade之后,nat只会用接口上的第一个IP,其他两个从来没有nat了。
wolf@Quadranet# show interfaces ethernet eth1
address 10.0.0.10/24
address 20.0.0.10/24
address 30.0.0.10/24
duplex auto
hw-id fe:a1:79:f1:72:66
smp_affinity auto
speed auto
wolf@Quadranet#
wolf@Quadranet# show protocols static
route 0.0.0.0/0 {
next-hop 10.0.0.1 {
}
next-hop 20.0.0.1 {
}
next-hop 30.0.0.1{
}
}
wolf@Quadranet#
经过多次试验证明,masquerade确实可以根据网关选择外网IP来NAT,问题解决了。
wolf@Quadranet:~$ show conntrack table ipv4
TCP state codes: SS - SYN SENT, SR - SYN RECEIVED, ES - ESTABLISHED,
FW - FIN WAIT, CW - CLOSE WAIT, LA - LAST ACK,
TW - TIME WAIT, CL - CLOSE, LI - LISTEN
CONN ID Source Destination Protocol TIMEOUT
396079616192.168.180.10 224.0.0.5 ospfigp 596
459563008104.223.10.232:17500 104.223.10.255:17500 udp 11
391761280192.168.180.6 192.168.180.5 ospfigp 594
391763872212.83.191.243:5063 204.44.67.83:5060 udp 2989
459568480192.168.88.246:48428 74.125.204.100:443 tcp ES 431956
459564160155.94.161.150:138 155.94.161.255:138 udp 1
459566176192.168.180.5:37561 199.59.148.85:443 tcp ES 431987
391760992192.168.180.1:36718 8.8.8.8:53 udp 178
390501728192.168.180.9 224.0.0.5 ospfigp 599
390502016192.168.180.5 224.0.0.5 ospfigp 599
459570208192.168.88.246:61238 74.125.204.100:443 udp 0
390497120118.244.217.63:10141 204.44.67.83:10141 udp 178
459570496192.69.120.18:34218 104.223.10.56:23 tcp LA 17
391758976192.168.180.2 192.168.180.1 ospfigp 316
392957888212.83.188.161:5127 204.44.67.83:5060 udp 388
396079040192.168.180.6 224.0.0.5 ospfigp 598
459566752192.168.180.5:36718 8.8.4.4:53 udp 23
390498560118.244.217.63:10143 104.223.10.56:10143 udp 179
390499712192.168.180.1 224.0.0.5 ospfigp 599
390498848118.244.217.63:10142 155.94.161.109:10142 udp 178
459568768192.168.180.1:52848 74.125.224.122:443 tcp ES 431965
459569056192.168.180.5:57501 199.59.150.39:443 tcp ES 431997
459565600119.119.232.204:7346 155.94.161.109:22 tcp ES 299
391762720192.168.180.9:36718 8.8.8.8:53 udp 168
391758688192.168.180.5:36718 8.8.8.8:53 udp 162
459563584104.223.10.45:138 104.223.10.255:138 udp 15
459563296192.168.180.5:34465 199.59.150.42:443 tcp ES 431987
459567904192.168.180.5:57497 199.59.150.39:443 tcp ES 431947
396078464192.168.180.2 224.0.0.5 ospfigp 596
459569920192.168.88.246:48376 173.194.72.91:443 tcp ES 93
391765312192.168.180.10 192.168.180.9 ospfigp 594
459568192204.44.67.230:17500 204.44.67.255:17500 udp 11
390501152119.119.232.204:6287 155.94.161.109:22 tcp ES 430905
459565312192.168.88.246:48432 216.58.221.227:80 tcp ES 431820
459565888104.223.10.62:138 104.223.10.255:138 udp 1
459563872204.44.67.46:17500 255.255.255.255:17500udp 11
wolf@Quadranet:~$ show nat source translations
Pre-NAT Post-NAT ProtTimeout
192.168.88.246 155.94.161.109 tcp 36
192.168.88.246 204.44.67.83 tcp 431977
192.168.88.246 155.94.161.109 tcp 16
192.168.180.1 204.44.67.83 udp 178
192.168.88.246 204.44.67.83 tcp 27
192.168.88.246 104.223.10.56 tcp 34
192.168.88.246 155.94.161.109 udp 156
192.168.88.249 155.94.161.109 tcp 431989
192.168.88.246 204.44.67.83 tcp 23
192.168.88.246 204.44.67.83 tcp 52
192.168.88.246 104.223.10.56 tcp 19
192.168.88.246 104.223.10.56 tcp 25
192.168.180.33 204.44.67.83 tcp 431999
192.168.88.246 104.223.10.56 tcp 95
192.168.88.246 204.44.67.83 tcp 15
192.168.180.9 155.94.161.109 udp 178
192.168.180.5:36718155.94.161.109:1026udp 178
192.168.88.246 104.223.10.56 tcp 26
192.168.88.246 155.94.161.109 tcp 15
192.168.88.246 104.223.10.56 tcp 22
192.168.172.12 155.94.161.109 udp 13
192.168.88.246 155.94.161.109 tcp 105
192.168.88.246 155.94.161.109 tcp 249
192.168.88.246 104.223.10.56 tcp 16
192.168.88.246 104.223.10.56 tcp 431976
192.168.88.246 204.44.67.83 tcp 117
125.88.219.97 125.88.219.97 icmp0
看看还不错谢谢分享
页:
[1]