关于400台主机的网吧如何安排双线路合并带宽的问题

romant

本网吧有400台机器，有两个电信100m线路，两个固定的ip，两个附送的固定ip，一共四个ip，分别为：218.90.159.xx1218.90.159.xx2218.90.159.xx3218.90.159.xx4现在想用两条线路，两个固定ip做带宽的合并，不知道如何实现？并且如果划分vlan的话需要如何配置可以使两个ip段连通，尽量不要用路由的转发功能，最好能实现的情况下达到双100m线路的最大化利用，避免网络风暴的产生！不胜感激！

romant

难道没有人知道吗？

jk0wg

用一条100M的线路就足够用了.. 我用C800    SD 128M   2*8139    10M电信光纤.Redhat9做NAT带200台网吧客户机都还绰绰有余!!  速度也不慢..  你的100M如果机器配置好点.. 带1000台客户机没问题.. 除非是你的带宽不是真正100M 或者是水分太大   你真要用两条的话.. 就只有使用负载均衡来做了.. 这个我也没做过.. 但是复杂了点...

liusimin

记得以前的帖子有讲请参见ROUTEROS专区的多线路负载均衡和数据分流技术

jk0wg

QUOTE (liusimin @ Jan 10 2005, 07:36 PM)
记得以前的帖子有讲请参见ROUTEROS专区的多线路负载均衡和数据分流技术   
  除了ROUTEROS外.. 别的还有做多线路负载均衡和数据分流的吗???LINUX也可以.. 但是实施起来复杂.. 头大晕`~~~

samhui

可以的，不过很难！要很多时间去试！

jk0wg

有多难啊??  我这里三条WAN线.. 固定IP   想用一台LINUX来做负载均衡..  要怎么实施??

心想事成

QUOTE (jk0wg @ Jan 14 2005, 05:22 PM)
  有多难啊??  我这里三条WAN线.. 固定IP   想用一台LINUX来做负载均衡..  要怎么实施??  
  用freebsd5.3来做很简单的．

jk0wg

QUOTE (wsgtrsys @ Jan 14 2005, 08:13 PM)


QUOTE (jk0wg @ Jan 14 2005, 05:22 PM)
  有多难啊???我这里三条WAN线.. 固定IP? 想用一台LINUX来做负载均衡..?要怎么实施??
用freebsd5.3来做很简单的．
能说具体一点吗??  我是看在LINUX兼容性好.freeBSD兼容性问题.. 所以没考虑用它

心想事成

你先将freebsd5.3按mini方式安装好.并安装好cvsup,下载最新的系统核心源代码.因为要支持负载平衡的话,必须重新编译内核.我一会儿回去把内核的配置文件发一份给你.其实负载平衡在openbsd3.5前用PF就可以实现了,但是我为什么推荐用freebsd5.3呢.因为freebsd5.3有很多的新特性.如支持polling,也就是轮询,相当于linux中的napi.内核使用了抢先式的调度器.最重要的是将openbsd的pf包过滤器合并到了内核之中.PF支持做认证网关.支持流量altq队列流量控制.实现的命令很简单.例 :我想保证a IP的带宽保证在全部带宽的30%,b IP占用70%,而且可以设置当a 没有流量的时候,b可以借用a的带宽.用PF可以轻易做到.不过话又说回来,pf的过滤功能没有iptables强大.不能做到对ftp连接动态跟踪.让pf支持ftp是采用一种巧妙的笨办法.另:单线路多ip做负载平衡是没有实用价值的.负载平衡应当在多线路之间做.

jk0wg

freeBSD5.3我已经下了.. 我都没用过,, 只用过LINUX  ,听你说的好像还是复杂...不过相信在你的指导下应该没问题了`~     (mini)最小化安装freeBSD就行了吗??   用以下的配置行吗？C 800MSD 128M PC10040G 72008139*3(虽然有三条WAN线路，但我用两条。另一条带一台独立的服务器，所以用3块网卡)所带客户机：200台一台二层的中心交换机

心想事成

freebsd 5.3的新内核配置文件：

CODE
machine  i386cpu  I586_CPUcpu  I686_CPUident  GENERICdevice      pfdevice      pflogdevice      pfsyncoptions     ALTQoptions     ALTQ_CBQ# To statically compile in device wiring instead of /boot/device.hintsoptions  PANIC_REBOOT_WAIT_TIME=0 #内核异常时立即重起options  DEVICE_POLLING          #改善网络响应时间options  HZ=1000          #man 4 pollingoptions  IPSTEALTH  #支持秘密IP转发#options  RANDOM_IP_ID  #随机IP ID  阻止信息泄漏options  TCP_DROP_SYNFIN  #抛弃SYN+FIN包，阻止检测服务器options  SCHED_4BSD  # 4BSD scheduleroptions  INET          # InterNETworkingoptions  FFS          # Berkeley Fast Filesystemoptions  SOFTUPDATES  # Enable FFS soft updates supportoptions  MD_ROOT          # MD is a potential root deviceoptions  PROCFS          # Process filesystem (requires PSEUDOFS)options  PSEUDOFS  # Pseudo-filesystem frameworkoptions  COMPAT_43  # Compatible with BSD 4.3 [KEEP THIS!]options  SYSVSHM          # SYSV-style shared memoryoptions  SYSVMSG          # SYSV-style message queuesoptions  SYSVSEM          # SYSV-style semaphoresoptions  _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensionsoptions  KBD_INSTALL_CDEV        # install a CDEV entry in /devdevice  apic  # I/O APIC# Bus support.  Do not remove isa, even if you have no isa slotsdevice  isadevice  pci# ATA and ATAPI devicesdevice  atadevice  atadisk  # ATA disk drivesoptions  ATA_STATIC_ID        # Static device numbering# SCSI peripheralsdevice  scbus  # SCSI bus (required for SCSI)device  da  # Direct Access (disks)# atkbdc0 controls both the keyboard and the PS/2 mousedevice  atkbdc  # AT keyboard controllerdevice  atkbd  # AT keyboarddevice  vga  # VGA video card driverdevice  splash  # Splash screen and screen saver support# syscons is the default console driver, resembling an SCO consoledevice  sc# Floating point support - do not disable.device  npx# Serial (COM) portsdevice  sio  # 8250, 16[45]50 based serial ports# PCI Ethernet NICs.device  de  # DEC/Intel DC21x4x (``Tulip'')device  em  # Intel PRO/1000 adapter Gigabit Ethernet Carddevice  ixgb  # Intel PRO/10GbE Ethernet Carddevice  txp  # 3Com 3cR990 (``Typhoon'')device  vx  # 3Com 3c590, 3c595 (``Vortex'')# PCI Ethernet NICs that use the common MII bus controller code.# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!device  miibus  # MII bus supportdevice  bfe  # Broadcom BCM440x 10/100 Ethernetdevice  bge  # Broadcom BCM570xx Gigabit Ethernetdevice  dc  # DEC/Intel 21143 and various workalikesdevice  fxp  # Intel EtherExpress PRO/100B (82557, 82558)device  lge  # Level 1 LXT1001 gigabit ethernetdevice  nge  # NatSemi DP83820 gigabit ethernetdevice  pcn  # AMD Am79C97x PCI 10/100 (precedence over 'lnc')device  re  # RealTek 8139C+/8169/8169S/8110Sdevice  rl  # RealTek 8129/8139device  sf  # Adaptec AIC-6915 (``Starfire'')device  sis  # Silicon Integrated Systems SiS 900/SiS 7016device  sk  # SysKonnect SK-984x & SK-982x gigabit Ethernetdevice  ste  # Sundance ST201 (D-Link DFE-550TX)device  ti  # Alteon Networks Tigon I/II gigabit Ethernetdevice  tl  # Texas Instruments ThunderLANdevice  tx  # SMC EtherPower II (83c170 ``EPIC'')device  vge  # VIA VT612x gigabit ethernetdevice  vr  # VIA Rhine, Rhine IIdevice  wb  # Winbond W89C840Fdevice  xl  # 3Com 3c90x (``Boomerang'', ``Cyclone'')# ISA Ethernet NICs.  pccard NICs included.device  cs  # Crystal Semiconductor CS89x0 NIC# 'device ed' requires 'device miibus'device  ed  # NE[12]000, SMC Ultra, 3c503, DS8390 cardsdevice  ex  # Intel EtherExpress Pro/10 and Pro/10+device  ep  # Etherlink III based cardsdevice  fe  # Fujitsu MB8696x based cardsdevice  ie  # EtherExpress 8/16, 3C507, StarLAN 10 etc.device  lnc  # NE2100, NE32-VL Lance Ethernet cardsdevice  sn  # SMC's 9000 series of Ethernet chipsdevice  xe  # Xircom pccard Ethernet# ISA devices that use the old ISA shims#device  le# Pseudo devices.device  loop  # Network loopbackdevice  mem  # Memory and kernel memory devicesdevice  io  # I/O devicedevice  random  # Entropy devicedevice  ether  # Ethernet supportdevice  ppp  # Kernel PPPdevice  tun  # Packet tunnel.device  pty  # Pseudo-ttys (telnet etc)device  md  # Memory "disks"device  gif  # IPv6 and IPv4 tunneling# The `bpf' device enables the Berkeley Packet Filter.# Be aware of the administrative consequences of enabling this!device  bpf  # Berkeley packet filter# USB supportdevice  uhci  # UHCI PCI->USB interfacedevice  ohci  # OHCI PCI->USB interfacedevice  usb  # USB Bus (required)device  ugen  # Genericdevice  ukbd  # Keyboarddevice  umass  # Disks/Mass storage - Requires scbus and dadevice  ums  # Mouseoptions         NETGRAPH                #netgraph(4) systemoptions         NETGRAPH_ETHERoptions         NETGRAPH_PPPOEoptions         NETGRAPH_SOCKETdevice            vlan  # IEEE 802.1Q VLAN Support

jk0wg

用你的这个内核就行了吗??  NAT方面要怎么设置呢??

心想事成

/etc/pf.conf配置：

CODE
lan_net = "192.168.0.0/24"int_if  = "dc0"ext_if1 = "fxp0"ext_if2 = "fxp1"ext_gw1 = "68.146.224.1"ext_gw2 = "142.59.76.1"#  nat outgoing connections on each internet interfacenat on $ext_if1 from $lan_net to any -> ($ext_if1)nat on $ext_if2 from $lan_net to any -> ($ext_if2)#  default denyblock in  from any to anyblock out from any to any#  pass all outgoing packets on internal interfacepass out on $int_if from any to $lan_net#  pass in quick any packets destined for the gateway itselfpass in quick on $int_if from $lan_net to $int_if#  load balance outgoing tcp traffic from internal network. pass in on $int_if route-to \    { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \    proto tcp from $lan_net to any flags S/SA modulate state#  load balance outgoing udp and icmp traffic from internal networkpass in on $int_if route-to \    { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \    proto { udp, icmp } from $lan_net to any keep state#  general "pass out" rules for external interfacespass out on $ext_if1 proto tcp from any to any flags S/SA modulate statepass out on $ext_if1 proto { udp, icmp } from any to any keep statepass out on $ext_if2 proto tcp from any to any flags S/SA modulate statepass out on $ext_if2 proto { udp, icmp } from any to any keep state#  route packets from any IPs on $ext_if1 to $ext_gw1 and the same for#  $ext_if2 and $ext_gw2pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any

心想事成

根据你自己的情况，主要更改lan_net = "192.168.0.0/24"int_if  = "dc0"ext_if1 = "fxp0"ext_if2 = "fxp1"ext_gw1 = "68.146.224.1"ext_gw2 = "142.59.76.1"这一段的设置，就行了．你再看看这篇文章，http://freebsd.ntut.idv.tw/document/freebsd_pf_nat.html照着配置就行了．