Aida estou com problemas. Minha configuração está assim. eth0: link de entrada 1 eth1: link de entrada 2 eth2: link da minha rede interna
Eu quero balancear o minha entrada 1 e 2 com minha eth2 Se eu der um ping esta tudo ok nas duas interfaces de entrada. ping www.uol.com.br -I eth0 ping www.uol.com.br -I eth1 Quando eu tento navegar ou pingar na rede 192.168.0, nada.... # bash -x router.sh + ipt=iptables + LINK1_WAN_INTERFACE=200.235.0.1 + LINK2_WAN_INTERFACE=200.195.0.1 + LINK1_WAN_IP=192.168.0.1 + LINK2_WAN_IP=192.168.0.1 + iptables -P INPUT ACCEPT + iptables -P FORWARD ACCEPT + iptables -P OUTPUT ACCEPT + iptables -F + iptables -X + iptables -t nat -F + iptables -t nat -X + iptables -t mangle -F + iptables -t mangle -X + ip route add default via 192.168.6.1 table link1 + ip route add default via 200.195.95.97 table link2 + ip rule add fwmark 1 table link1 + ip rule add fwmark 2 table link2 + iptables -t mangle -A PREROUTING -m state --state new -j MARK --set-mark 2 + iptables -t mangle -A PREROUTING -m state --state new -m statistic --mode random --probability 0.5 -j MARK --set-mark 1 + iptables -t nat -A POSTROUTING -o 200.235.0.1 -j SNAT --to 192.168.0.1 + iptables -t nat -A POSTROUTING -o 200.195.0.1 -j SNAT --to 192.168.0.1 #!/bin/bash #-------------------------------------------------------------- ipt=iptables LINK1_WAN_INTERFACE=200.235.0.1 LINK2_WAN_INTERFACE=200.195.0.1 LINK1_WAN_IP=192.168.0.1 LINK2_WAN_IP=192.168.0.1 #-------------------------------------------------------------- $ipt -P INPUT ACCEPT $ipt -P FORWARD ACCEPT $ipt -P OUTPUT ACCEPT #-------------------------------------------------------------- $ipt -F $ipt -X $ipt -t nat -F $ipt -t nat -X $ipt -t mangle -F $ipt -t mangle -X #-------------------------------------------------------------- ip route add default via 200.235.0.1 table link1 ip route add default via 200.195.0.1 table link2 #-------------------------------------------------------------- ip rule add fwmark 1 table link1 ip rule add fwmark 2 table link2 #-------------------------------------------------------------- $ipt -t mangle -A PREROUTING -m state --state new -j MARK --set-mark 2 $ipt -t mangle -A PREROUTING -m state --state new -m statistic --mode random --probability 0.5 -j MARK --set-mark 1 #-------------------------------------------------------------- $ipt -t nat -A POSTROUTING -o $LINK1_WAN_INTERFACE -j SNAT --to $LINK1_WAN_IP $ipt -t nat -A POSTROUTING -o $LINK2_WAN_INTERFACE -j SNAT --to $LINK2_WAN_IP Em 17 de outubro de 2012 14:31, Gabriel Ricardo <[email protected]>escreveu: > no começo do script tem que declarar elas, não são do sistema essa... > > LINK1_WAN_IP="seu_ip"; > > e assim com o resto... > > Atenciosamente, > *Gabriel Ricardo.* > www.tinotapa.com.br > > > > Em 17 de outubro de 2012 11:05, Márcio Erli <[email protected]>escreveu: > > As variáveis: *200 link1 *e* 201 link2* estão declaradas em >> /etc/iproute2/rt_tables. >> Já as variáveis *$LINK1_WAN_INTERFACE *e* $LINK1_WAN_IP* Não estão >> declaradas em lugar algum. Como proceder com estas duas? >> >> >> >> Em 16 de outubro de 2012 17:29, Gabriel Ricardo >> <[email protected]>escreveu: >> >> ele não está passando as variaveis corretamente. >>> >>> onde você seta essas variaveis? >>> >>> Atenciosamente, >>> *Gabriel Ricardo.* >>> www.tinotapa.com.br >>> >>> >>> >>> Em 16 de outubro de 2012 17:23, Márcio Erli <[email protected]>escreveu: >>> >>> # bash -x ./router.sh >>>> + ip route add default via 192.168.6.1 table link1 >>>> RTNETLINK answers: File exists >>>> + ip route add default via 192.168.5.1 table link2 >>>> RTNETLINK answers: No such process >>>> + ip rule add fwmark 1 table link1 >>>> + ip rule add fwmark 2 table link2 >>>> + iptables -t mangle -A PREROUTING -j MARK --set-mark 1 >>>> + iptables -t mangle -A PREROUTING -m state --state new -j MARK >>>> --set-mark 2 >>>> + iptables -t mangle -A PREROUTING -m state --state new -m statistic >>>> --mode random --probability 0,5 -j MARK --set-mark 1 >>>> + iptables -t nat -A POSTROUTING -o -j SNAT --to >>>> Bad argument `SNAT' >>>> Try `iptables -h' or 'iptables --help' for more information. >>>> + iptables -t nat -A POSTROUTING -o -j SNAT --to >>>> Bad argument `SNAT' >>>> Try `iptables -h' or 'iptables --help' for more information. >>>> + echo 'Script carregado com sucesso...' >>>> Script carregado com sucesso... >>>> >>>> >>>> Em 16 de outubro de 2012 17:03, Gabriel Ricardo >>>> <[email protected]>escreveu: >>>> >>>> execute o script com bash -x para saber onde extamente está ocorrendo o >>>>> erro. >>>>> >>>>> Atenciosamente, >>>>> *Gabriel Ricardo.* >>>>> www.tinotapa.com.br >>>>> >>>>> >>>>> >>>>> Em 16 de outubro de 2012 16:56, Márcio Erli >>>>> <[email protected]>escreveu: >>>>> >>>>> Sempre que executo o script a baixo, me retorna o seguinte erro. >>>>>> *Bad argument `SNAT'* >>>>>> *Try `iptables -h' or `iptables --help' for more information* >>>>>> >>>>>> #!/bin/bash >>>>>> ip route add default via 200.235.xx.xx table link1 >>>>>> ip route add default via 200.195.xx.xx table link2 >>>>>> ip rule add fwmark 1 table link1 >>>>>> ip rule add fwmark 2 table link2 >>>>>> iptables -t mangle -A PREROUTING -j MARK --set-mark 1 >>>>>> iptables -t mangle -A PREROUTING -m state --state new -j MARK >>>>>> --set-mark 2 >>>>>> iptables -t mangle -A PREROUTING -m state --state new -m statistic >>>>>> --mode random --probability 0,5 -j MARK --set-mark 1 >>>>>> iptables -t nat -A POSTROUTING -o $LINK1_WAN_INTERFACE -j SNAT --to >>>>>> $LINK1_WAN_IP >>>>>> iptables -t nat -A POSTROUTING -o $LINK2_WAN_INTERFACE -j SNAT --to >>>>>> $LINK2_WAN_IP >>>>>> >>>>>> Em 16 de outubro de 2012 10:10, paulo bruck >>>>>> <[email protected]>escreveu: >>>>>> >>>>>> Bom dia >>>>>>> >>>>>>> Em 16 de outubro de 2012 09:45, Márcio Erli >>>>>>> <[email protected]>escreveu: >>>>>>> >>>>>>> Quando executo o comando a baixo da o seguinte erro: bad argument >>>>>>>> `snat`. Alguém sabe como resolver isso? >>>>>>>> >>>>>>>> # iptables -t nat -A POSTROUTING -o $LINK1_WAN_INTERFACE -j SNAT >>>>>>>> –to $LINK1_WAN_IP >>>>>>>> >>>>>>>> >>>>>>> humm não seria >>>>>>> iptables -t nat -A POSTROUTING -o $LINK1_WAN_INTERFACE -j SNAT --to >>>>>>> $LINK1_WAN_IP >>>>>>> >>>>>>> ( - - to : com dois sinais de "-" ???) >>>>>>> >>>>>>> verifique tambem se existem as variaveis LINK1_WAN_INTERFACE e >>>>>>> >>>>>>> Basta fazer um echo antes assim: >>>>>>> >>>>>>> echo $LINK1_WAN_INTERFACE >>>>>>> echo $LINK1_WAN_IP >>>>>>> >>>>>>> ats >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Estou tentando implementar a solução de balanceamento de carga >>>>>>>> deste link >>>>>>>> http://www.diegolima.org/wordpress/?p=38 >>>>>>>> >>>>>>>> -- >>>>>>>> Atenciosamente, >>>>>>>> Márcio Erli >>>>>>>> Programador de Sist. de Computadores >>>>>>>> Analista de Redes >>>>>>>> E-Mail: [email protected] >>>>>>>> Site: www.marcioerli.com.br >>>>>>>> MSN: [email protected] >>>>>>>> Skype: merlipaula >>>>>>>> Telefone: (31) 8864-4917 >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Atenciosamente, >>>>>> Márcio Erli >>>>>> Programador de Sist. de Computadores >>>>>> Analista de Redes >>>>>> E-Mail: [email protected] >>>>>> Site: www.marcioerli.com.br >>>>>> MSN: [email protected] >>>>>> Skype: merlipaula >>>>>> Telefone: (31) 8864-4917 >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Atenciosamente, >>>> Márcio Erli >>>> Programador de Sist. de Computadores >>>> Analista de Redes >>>> E-Mail: [email protected] >>>> Site: www.marcioerli.com.br >>>> MSN: [email protected] >>>> Skype: merlipaula >>>> Telefone: (31) 8864-4917 >>>> >>> >>> >> >> >> -- >> Atenciosamente, >> Márcio Erli >> Programador de Sist. de Computadores >> Analista de Redes >> E-Mail: [email protected] >> Site: www.marcioerli.com.br >> MSN: [email protected] >> Skype: merlipaula >> Telefone: (31) 8864-4917 >> > > -- Atenciosamente, Márcio Erli Programador de Sist. de Computadores Analista de Redes E-Mail: [email protected] Site: www.marcioerli.com.br MSN: [email protected] Skype: merlipaula Telefone: (31) 8864-4917
