IP balancing



There is a server running Mint 12 that has two Internet uplinks and has to share them onward to a switch.

I found what seemed to me a simple way to balance two uplinks (Configuring iproute2: create two tables in /etc/iproute2/rt_tables for each of the providers).

I just about managed creating the directories and files in etc and running the script, but I can't cope with what the script outputs ((((

Maybe someone can tell me where the error is.

My config

#!/bin/sh

################### CONFIG ############
KadyrovLocal#1="/etc/routing/KadyrovLocal#1.list"
### Home Network
l_eth=eth1
l_ip=192.168.1.23
l_net=255.255.255.0
########### Local ISP Network #########
li_net=192.168.1.4
########### ISP1 ######################
i1_eth=eth2
i1_ip=192.168.1.2
i1_net=255.255.255.0
i1_gw=192.168.1.1
########### ISP2 ######################
i2_eth=eth0
i2_ip=192.168.1.4
i2_net=255.255.255.255
i2_gw=192.168.1.1
#########ip route2 tables##############
t1=101
t2=102
#######################################
########### Flushing ##################
iptables -t mangle -F NEW_OUT_CONN
iptables -t mangle -F PREROUTING
iptables -t mangle -F OUTPUT
iptables -t mangle -X NEW_OUT_CONN
ip route flush table $t2
ip rule del table $t2
ip route flush table $t1
ip rule del table $t1
ip route flush cache
#######################################
iptables -t mangle -N NEW_OUT_CONN
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 1
iptables -t mangle -A NEW_OUT_CONN -m statistic --mode random --probability 0.50 -j RETURN
iptables -t mangle -A NEW_OUT_CONN -j CONNMARK --set-mark 2
for file in $KadyrovLocal#1; do
    if [ -f "$file" ]; then
        { cat "$file" ; echo ; } | while read ip_addr; do
            if [ "$ip_addr" != "" ]; then
                echo "Статическая маршрутизация для $ip_addr"
                iptables -t mangle -A NEW_OUT_CONN -d $ip_addr -j CONNMARK --set-mark 1
            fi
        done
    fi
done
iptables -t mangle -A PREROUTING -d $l_net -j RETURN
iptables -t mangle -A PREROUTING -d $li_net -j RETURN
iptables -t mangle -A PREROUTING -s $l_net -m state --state new,related -j NEW_OUT_CONN
iptables -t mangle -A PREROUTING -s $l_net -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -d $l_net -j RETURN
iptables -t mangle -A OUTPUT -d $li_net -j RETURN
iptables -t mangle -A OUTPUT -s $l_net -m state --state new,related -j NEW_OUT_CONN
iptables -t mangle -A OUTPUT -s $li_net -j CONNMARK --restore-mark
ip route add $l_net dev $l_eth scope link table $t1
ip route add $i2_net dev $i2_eth scope link table $t1
ip route add $i1_net dev $i1_eth scope link src $i1_ip table $t1
ip route add 127.0.0.0/8 dev lo scope link table $t1
ip route add default via $i1_gw table $t1
ip rule add prio 51 fwmark 1 table $t1
ip rule add from $i1_ip table $t1
ip route add $l_net dev $l_eth scope link table $t2
ip route add $i1_net dev $i1_eth scope link table $t2
ip route add $i2_net dev $i2_eth scope link src $i2_ip table $t2
ip route add 127.0.0.0/8 dev lo scope link table $t2
ip route add default via $i2_gw table $t2
ip rule add prio 52 fwmark 2 table $t2
ip rule add from $i2_ip table $t2
ip route flush cache

And this is what the script outputs

mit@mit-S2V ~ $ sh sclocal
sclocal: 4: KadyrovLocal#1=/etc/routing/KadyrovLocal#1.list: not found
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
Cannot open "/proc/sys/net/ipv4/route/flush"
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Could not determine whether revision 1 is supported, assuming it is.
FATAL: Error inserting ip_tables (/lib/modules/3.0.0-12-generic/kernel/net/ipv4/netfilter/ip_tables.ko): Operation not permitted
iptables v1.4.10: can't initialize iptables table `mangle': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
Cannot open "/proc/sys/net/ipv4/route/flush"
mit@mit-S2V ~ $

Link to comment

I've already sorted out running the script properly (as root), but it still keeps complaining :(

What did I mix up in the script's variables, given that I have:

provider #1 (dynamic IP) (eth1): IP 192.168.1.23, subnet mask 255.255.255.0, default route 192.168.1.4, DNS 192.168.1.4

provider #2 (dynamic IP) (eth2): IP 192.168.1.2, subnet mask 255.255.255.0, default route 192.168.1.1, DNS 192.168.1.1.

local network (eth0)

Link to comment
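An added example, not part of the original posts: shell helpers that pre-check the CONFIG block of the script above. They cover two points visible in the thread: a shell variable name cannot contain `#` (the `not found` error on line 4), and `ip route add` and `iptables -s/-d` take a subnet in address/prefix form, while `l_net`, `i1_net` and `i2_net` hold dotted netmasks. The function names are illustrative assumptions.

```sh
#!/bin/sh
# Added example: pre-flight checks for the CONFIG block of the script above.
# Function names are illustrative, not from the original post.

# POSIX shell variable name: letters, digits, underscore; no leading digit.
valid_var_name() {
    case "$1" in
        ''|[0-9]*|*[!A-Za-z0-9_]*) return 1 ;;
    esac
    return 0
}

# Dotted netmask -> prefix length; fails on a malformed or non-contiguous mask.
mask_to_prefix() {
    prefix=0; ended=0
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            255) bits=8 ;; 254) bits=7 ;; 252) bits=6 ;; 248) bits=5 ;;
            240) bits=4 ;; 224) bits=3 ;; 192) bits=2 ;; 128) bits=1 ;;
            0) bits=0 ;;
            *) return 1 ;;
        esac
        # Once an octet is not 255, all following octets must be 0.
        if [ "$ended" -eq 1 ] && [ "$bits" -ne 0 ]; then return 1; fi
        if [ "$bits" -lt 8 ]; then ended=1; fi
        prefix=$((prefix + bits))
    done
    echo "$prefix"
}

# Interface address + netmask -> network/prefix, the form that
# `ip route add` and `iptables -s/-d` take for a subnet.
to_cidr() {
    p=$(mask_to_prefix "$2") || return 1
    old_ifs=$IFS; IFS=.; set -- $1 $2; IFS=$old_ifs
    [ $# -eq 8 ] || return 1
    echo "$(($1 & $5)).$(($2 & $6)).$(($3 & $7)).$(($4 & $8))/$p"
}

# Values taken from the post's CONFIG block.
valid_var_name 'KadyrovLocal#1' || echo "invalid variable name: KadyrovLocal#1"
echo "l_net as a network: $(to_cidr 192.168.1.23 255.255.255.0)"
```

With the addresses listed in the second post, both providers resolve to the same 192.168.1.0/24 network, which is worth confirming with `ip addr` before building per-provider routing tables.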
