开源,几乎代表了无所不能的意思,最近又因为它玩Hi了。。。
因业务发展,需要临时接入300MB的专线和千兆路由器,而公司现有的路由器却是百兆的,出于成本考虑,只能不想更换新的路由器,在网上查了一下可以做Linux路由器,因为是临时的,所以动手做吧。。。
安装系统这事就略过了,直接进入路由器相关配置部分:
一、选择机器
要求不高,双网卡即可,其它根据实际需求配置。
二、网卡设置
编辑文件:/etc/network/interfaces
auto lo
iface lo inet loopback
iface lo inet loopback
# IP只是举例而已,非真实IP
auto eth0
iface eth0 inet static
address 100.100.100.100
gateway 100.100.100.101
netmask 255.255.255.250
auto eth1
iface eth1 inet static
address 10.1.1.1
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
netmask 255.255.255.0
dns-nameservers 10.1.1.1
设置好后保存,重启网卡服务:
sudo /etc/init.d/networking restart
# 或者
sudo service networking restart
# 或者
sudo service networking restart
修改dns,编辑/etc/resolvconf/resolv.conf.d/base和/etc/resolvconf/resolv.conf.d/original
nameserver 8.8.8.8
nameserver 114.114.114.114
nameserver 114.114.114.114
设置完成重启resolvconf服务
sudo /etc/init.d/resolvconf restart
可以通过查看/etc/resolv.conf是否修改成功,如内容如下则成功:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.1.1.1
nameserver 8.8.8.8
nameserver 114.114.114.114
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.1.1.1
nameserver 8.8.8.8
nameserver 114.114.114.114
三、设置路由
查看当前路由:
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 100.100.100.101 0.0.0.0 UG 0 0 0 eth0
10.1.1.0 * 255.255.255.0 U 0 0 0 eth1
$ route del default dev eth1
$ route add default gw 100.100.100.101 dev eth0
$ route add -net 100.100.100.100 netmask 255.255.255.250 dev eth0
$ route add -net 10.1.1.0 netmask 255.255.255.0 dev eth1
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 100.100.100.101 0.0.0.0 UG 0 0 0 eth0
10.1.1.0 * 255.255.255.0 U 0 0 0 eth1
100.100.100.100
* 255.255.255.250 U 0 0 0 eth0$ route del default dev eth1
$ route add default gw 100.100.100.101 dev eth0
$ route add -net 100.100.100.100 netmask 255.255.255.250 dev eth0
$ route add -net 10.1.1.0 netmask 255.255.255.0 dev eth1
四、设置IP包转发
$ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
$ sudo vi /etc/sysctl.conf
取消 # net.ipv4.ip_forward = 1 的注释,保存退出
$ sudo iptables -F
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ sudo vi /etc/sysctl.conf
取消 # net.ipv4.ip_forward = 1 的注释,保存退出
$ sudo iptables -F
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
至此,Linux路由的基本功能设置完成,其它更多设置可以参考如下文章: