sat12

IP Balancing


I have a server running Mint 12 that has two internet uplinks and has to pass the connection on to a switch.

I found what seemed to me a simple way to balance the two uplinks (Configuring iproute2: create two tables in /etc/iproute2/rt_tables, one for each of the providers).

With great difficulty I managed to create the folders and files in etc and to launch the script, but I cannot cope with what the script outputs ((((

Maybe someone can tell me where the error is.

My config

#!/bin/sh
################### CONFIG ############
KadyrovLocal#1="/etc/routing/KadyrovLocal#1.list"
### Home Network
l_eth=eth1
l_ip=192.168.1.23
l_net=255.255.255.0
########### Local ISP Network #########
li_net=192.168.1.4
########### ISP1 ######################
i1_eth=eth2
i1_ip=192.168.1.2
i1_net=255.255.255.0
i1_gw=192.168.1.1
########### ISP2 ######################
i2_eth=eth0
i2_ip=192.168.1.4
i2_net=255.255.255.255
i2_gw=192.168.1.1
#########ip route2 tables##############
t1=101
t2=102
#######################################
########### Flushing ##################
iptables -t mangle -F NEW_OUT_CONN
iptables -t mangle -F PREROUTING
iptables -t mangle -F OUTPUT
iptables -t mangle -X NEW_OUT_CONN
ip route flush table $t2
ip rule del table $t2
ip route flush table $t1
ip rule del table $t1
ip route flush cache
#######################################
iptables -t mangle -N NEW_OUT_CONN
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 1
iptables -t mangle -A NEW_OUT_CONN -m statistic --mode random --probability 0.50 -j RETURN
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 2
for file in $KadyrovLocal#1; do
    if [ -f "$file" ]; then
        { cat "$file" ; echo ; } | while read ip_addr; do
            if [ "$ip_addr" != "" ]; then
                echo "Статическая маршрутизация для $ip_addr"
                iptables -t mangle -A NEW_OUT_CONN -d $ip_addr -j CONNMARK --set-mark 1
            fi
        done
    fi
done
iptables -t mangle -A PREROUTING -d $l_net -j RETURN
iptables -t mangle -A PREROUTING -d $li_net -j RETURN
iptables -t mangle -A PREROUTING -s $l_net -m state --state new,related -j NEW_OUT_CONN
iptables -t mangle -A PREROUTING -s $l_net -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -d $l_net -j RETURN
iptables -t mangle -A OUTPUT -d $li_net -j RETURN
iptables -t mangle -A OUTPUT -s $l_net -m state --state new,related -j NEW_OUT_CONN
iptables -t mangle -A OUTPUT -s $li_net -j CONNMARK --restore-mark
ip route add $l_net dev $l_eth scope link table $t1
ip route add $i2_net dev $i2_eth scope link table $t1
ip route add $i1_net dev $i1_eth scope link src $i1_ip table $t1
ip route add 127.0.0.0/8 dev lo scope link table $t1
ip route add default via $i1_gw table $t1
ip rule add prio 51 fwmark 1 table $t1
ip rule add from $i1_ip table $t1
ip route add $l_net dev $l_eth scope link table $t2
ip route add $i1_net dev $i1_eth scope link table $t2
ip route add $i2_net dev $i2_eth scope link src $i2_ip table $t2
ip route add 127.0.0.0/8 dev lo scope link table $t2
ip route add default via $i2_gw table $t2
ip rule add prio 52 fwmark 2 table $t2
ip rule add from $i2_ip table $t2
ip route flush cache

And this is what the script outputs

mit@mit-S2V ~ $ sh sclocal
sclocal: 4: KadyrovLocal#1=/etc/routing/KadyrovLocal#1.list: not found
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
Cannot open "/proc/sys/net/ipv4/route/flush"
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
Cannot open "/proc/sys/net/ipv4/route/flush"
mit@mit-S2V ~ $


I have already sorted out running the script properly (as root), but it still keeps complaining :(

What did I mix up in the script's variables, given that I have

provider no. 1 (dynamic IP) (eth1): IP 192.168.1.23, subnet mask 255.255.255.0, default route 192.168.1.4, DNS 192.168.1.4

provider no. 2 (dynamic IP) (eth2): IP 192.168.1.2, subnet mask 255.255.255.0, default route 192.168.1.1, DNS 192.168.1.1

local network (eth0)

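An added example, not part of the original posts: a POSIX sh pre-flight helper for a script like the one in this thread. It shows why `KadyrovLocal#1=...` is reported as "not found" and how an address plus a dotted netmask becomes the `network/prefix` form that `ip route add` and `iptables -d` accept; all function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks for a two-uplink policy-routing script.

# A shell variable name may hold only letters, digits and "_" and must not
# start with a digit. "KadyrovLocal#1=..." is therefore not an assignment:
# sh looks for a command with that name and reports "not found".
is_valid_name() {
    case "$1" in
        ''|[0-9]*|*[!A-Za-z0-9_]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Dotted netmask -> prefix length (255.255.255.0 -> 24); rejects masks
# whose one-bits are not contiguous.
mask_to_prefix() {
    bits=0; ones_done=0
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            255) n=8 ;; 254) n=7 ;; 252) n=6 ;; 248) n=5 ;; 240) n=4 ;;
            224) n=3 ;; 192) n=2 ;; 128) n=1 ;; 0) n=0 ;; *) return 1 ;;
        esac
        # After the first octet below 255, only zero octets may follow.
        if [ "$ones_done" -eq 1 ] && [ "$n" -ne 0 ]; then return 1; fi
        if [ "$n" -lt 8 ]; then ones_done=1; fi
        bits=$((bits + n))
    done
    echo "$bits"
}

# Address + dotted netmask -> network/prefix, the form a route or a
# destination match expects instead of a bare mask.
network_cidr() {
    prefix=$(mask_to_prefix "$2") || return 1
    old_ifs=$IFS; IFS=.; set -- $1 $2; IFS=$old_ifs
    echo "$(($1 & $5)).$(($2 & $6)).$(($3 & $7)).$(($4 & $8))/$prefix"
}

# Demo with the address/mask pairs from the post's CONFIG section.
for pair in "192.168.1.23 255.255.255.0" "192.168.1.4 255.255.255.255"; do
    set -- $pair
    echo "$1 $2 -> $(network_cidr "$1" "$2")"
done
is_valid_name 'KadyrovLocal#1' || echo "KadyrovLocal#1: not a valid variable name"
[ "$(id -u)" -eq 0 ] || echo "not root: iptables and ip would fail as in the log"
```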
