已閱讀過的文件slaroute mapeembind9實(shí)現(xiàn)負(fù)載均衡_第1頁
已閱讀過的文件slaroute mapeembind9實(shí)現(xiàn)負(fù)載均衡_第2頁
已閱讀過的文件slaroute mapeembind9實(shí)現(xiàn)負(fù)載均衡_第3頁
已閱讀5頁,還剩5頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

1、SLA+ROUTE-MAP+EEM+BIND9 實(shí)現(xiàn)真正負(fù)載均衡測(cè)試時(shí)間:2010-2-21.1 網(wǎng)絡(luò)拓?fù)鋱D:218.108.10.20202.192.100.32202.107.22.10/29router1124.150.32.34/29192.168.1.1/24DNS192.168.1.2/24WEB192.168.1.0/24192.168.1.10/24192.168.1.11/241.2 地址分配1.3 任務(wù)1、內(nèi)部用戶互聯(lián)網(wǎng)時(shí),網(wǎng)通流量通過網(wǎng)通線路進(jìn)行,電信流量設(shè)備名稱接口名稱IP 地址Router1F0/0124.150.32.34/29F0/1202.107.22.10/2

2、9F1/0192.168.1.1/24設(shè)備名稱內(nèi)部 IP 地址IP 地址WEB 服務(wù)器192.168.1.10124.150.32.35192.168.1.11202.107.22.11DNS 服務(wù)器192.168.1.2124.150.32.36192.168.1.3202.107.22.12通過電信線路進(jìn)行,其它流量通過電信線路進(jìn)行;當(dāng)網(wǎng)通鏈路出現(xiàn)故障時(shí),將所有流量遷移至電信鏈路。當(dāng)電信鏈路出現(xiàn)故障時(shí),將所有流量遷移至網(wǎng)通鏈路。2、網(wǎng)通用戶通過網(wǎng)通線路WEB 服務(wù)器,電信用戶通過電信線路訪問 WEB 服務(wù)器。當(dāng)網(wǎng)通鏈路出現(xiàn)故障時(shí),則所有用戶通過電信鏈路進(jìn)行,當(dāng)電信鏈路出現(xiàn)故障時(shí),則所有用戶

3、通過網(wǎng)通鏈路進(jìn)行訪問。1.4 實(shí)現(xiàn)思路1、內(nèi)部互聯(lián)網(wǎng)流量實(shí)現(xiàn)雙 ISP 負(fù)載均衡及冗余備份,通過采用SLA+ROUTE-MAP 即可實(shí)現(xiàn);2、互聯(lián)網(wǎng)用戶對(duì)外提供的服務(wù)器業(yè)務(wù),實(shí)現(xiàn)雙 ISP 負(fù)載均衡及冗余備份,需要內(nèi)部建立一個(gè) DNS 服務(wù)器,通過 BIND9 的 view 功能,實(shí)現(xiàn)對(duì)網(wǎng)通和電問服務(wù)器地址的。另外通過 SLA+EEM,實(shí)現(xiàn)對(duì)當(dāng)鏈路DNS 業(yè)務(wù)源地址為私有地址,而 DNS 服務(wù)器故障時(shí),將所有根據(jù)這私有地址來相應(yīng)的服務(wù)器地址。1.5 內(nèi)部ip cef互聯(lián)網(wǎng)流量負(fù)載分擔(dān)配置!/SLA 鏈路檢測(cè)配置ip sla monitor 10type echo protocol ipIcmp

4、Echo 124.150.32.33 source-interface FastEthernet0/0ip sla monitor schedule 10 start-time nowip sla monitor 20type echo protocol ipIcmpEcho 202.107.22.9 source-interface FastEthernet0/1ip sla monitor schedule 20 start-time now!track 1 rtr 10 reachability!第 2 頁,共 10 頁track 2 rtr 20 reachability!/接口配置i

5、nterface FastEthernet0/0ip address 124.150.32.34 255.255.255.248ip nat outside!interface FastEthernet0/1ip address 202.107.22.10 255.255.255.248ip nat outside!interface FastEthernet1/0ip address 192.168.1.1 255.255.255.0ip nat inside!/靜態(tài)路由配置ip route 0.0.0.0 0.0.0.0 124.150.32.33 50 track 1/默認(rèn)路由,優(yōu)先級(jí)為

6、 50。ip route 218.108.0.0 255.255.0.0 124.150.32.33 track 1不一一寫列出。/網(wǎng)通地址段,網(wǎng)上可以搜到。這里ip route 0.0.0.0 0.0.0.0 202.107.22.9 10 track 2/默認(rèn)情況下,其它 ISP 的地址段,通過電信線路。ip route 202.192.0.0 255.255.0.0 202.107.22.9 track 2/電信地址段,同樣在網(wǎng)上可以搜到。!/內(nèi)部互聯(lián)網(wǎng)根據(jù) route-map 做 PAT。ip nat inside source route-map cnc interface Fast

7、Ethernet0/0 overloadip nat inside source route-map telecom interface FastEthernet0/1 overload!access-list 100 permit ip 192.168.1.0 0.0.0.255 any!/配置 route-map。第 3 頁,共 10 頁route-map telecom permit 10match ip address 100match interface FastEthernet0/1!route-map cnc permit 10match ip address 100match

8、interface FastEthernet0/0!1.6互聯(lián)網(wǎng)對(duì)外服務(wù)器負(fù)載均衡配置/互聯(lián)網(wǎng)DNS 服務(wù)器時(shí),配置內(nèi)部 IP 地址池ip nat pool cnc_dns 192.168.10.1 192.168.10.250 netmask 255.255.255.0ip nat pool telecom_dns 192.168.20.1 192.168.20.250 netmask 255.255.255.0!/WEB 服務(wù)器配置兩個(gè)內(nèi)部 IP 地址,分別一個(gè)網(wǎng)通地址和一個(gè)電信地址。ip nat inside source static 192.168.1.10 124.150.32.3

9、5ip nat inside source static 192.168.1.11 202.107.22.11!/DNS 服務(wù)器同樣配置兩個(gè)內(nèi)部 IP 地址,分別一個(gè)網(wǎng)通地址和一個(gè)電信地址。ip nat inside source static 192.168.1.2 124.150.32.36ip nat inside source static 192.168.1.3 202.107.22.12!/將互聯(lián)網(wǎng)DNS 時(shí),轉(zhuǎn)換為內(nèi)部 IP 地址。ip nat outside source list cnc pool cnc_dnsip nat outside source list telec

10、om pool telecom_dns!ip access-list extended cncdenyip any anypermit ip any host 124.150.32.36ip access-list extended telecom第 4 頁,共 10 頁denyip any anypermit ip any host 202.107.22.12!/配置 EEM,當(dāng)網(wǎng)通鏈路斷開時(shí)和恢復(fù)時(shí)作相應(yīng)調(diào)整。event manager applet cnc_link_downevent syslog pattern rtr 10 reachability Up-Downaction 1.

11、1 syslog msg cnc link is downaction 2 cli command enableaction 2.1 cli command config taction 2.2 cli command ip access-list extended telecomaction 2.3 cli command no 5action 2.4 cli command ip route 192.168.20.0 255.255.255.0 202.107.22.9action 3 syslog msg cnc link is down,traffic transfer to tele

12、com linkevent manager applet cnc_link_upevent syslog pattern rtr 10 reachability Down-Upaction 1.1 syslog msg cnc link is upaction 2 cli command enableaction 2.1 cli command config taction 2.2 cli command ip access-list extended telecomaction 2.3 cli command 5 deny ip any anyaction 2.4 cli command n

13、o ip route 192.168.20.0 255.255.255.0 202.107.22.9action 2.5 cli command endaction 2.6 cli command clear ip nat translation *action 3 syslog msg cnc link is recovery/配置 EEM,當(dāng)電信鏈路斷開時(shí)和恢復(fù)時(shí)作相應(yīng)調(diào)整。event manager applet telecom_link_downevent syslog pattern rtr 20 reachability Up-Downaction 1.1 syslog msg t

14、elecom link is downaction 2 cli command enableaction 2.1 cli command config t第 5 頁,共 10 頁action 2.2 cli command ip access-list extended cncaction 2.3 cli command no 5action 2.4 cli command ip route 192.168.10.0 255.255.255.0 124.150.32.33action 3 syslog msg telecom link is down,traffic transfer to c

15、nc linkevent manager applet telecom_link_upevent syslog pattern rtr 20 reachability Down-Upaction 1.1 syslog msg telecom link is upaction 2 cli command enableaction 2.1 cli command config taction 2.2 cli command ip access-list extended cncaction 2.3 cli command 5 deny ip any anyaction 2.4 cli comman

16、d no ip route 192.168.10.0 255.255.255.0 124.150.32.33action 2.5 cli command endaction 2.6 cli command clear ip nat translation *action 3 syslog msg telecom link is recovery1.7設(shè)備詳細(xì)配置ip cef!ip sla monitor 10type echo protocol ipIcmpEcho 124.150.32.33 source-interface FastEthernet0/0timeout 1000freque

17、ncy 5ip sla monitor schedule 10 start-time now!ip sla monitor 20type echo protocol ipIcmpEcho 202.107.22.9 source-interface FastEthernet0/1timeout 1000frequency 5ip sla monitor schedule 20 start-time now第 6 頁,共 10 頁!track 1 rtr 10 reachability!track 2 rtr 20 reachability!interface FastEthernet0/0ip

18、address 124.150.32.34 255.255.255.248ip nat outside!interface FastEthernet0/1ip address 202.107.22.10 255.255.255.248ip nat outside!interface FastEthernet1/0ip address 192.168.1.1 255.255.255.0ip nat inside!ip route 0.0.0.0 0.0.0.0 124.150.32.33 50 track 1ip route 218.108.0.0 255.255.0.0 124.150.32.

19、33 track 1ip route 0.0.0.0 0.0.0.0 202.107.22.9 10 track 2ip route 202.192.0.0 255.255.0.0 202.107.22.9 track 2!ip nat pool cnc_dns 192.168.10.1 192.168.10.250 netmask 255.255.255.0ip nat pool telecom_dns 192.168.20.1 192.168.20.250 netmask 255.255.255.0ip nat inside source route-map cnc interface F

20、astEthernet0/0 overloadip nat inside source route-map telecom interface FastEthernet0/1 overloadip nat inside source static 192.168.1.2 124.150.32.36ip nat inside source static 192.168.1.3 202.107.22.12ip nat outside source list cnc pool cnc_dnsip nat outside source list telecom pool telecom_dns第 7

21、頁,共 10 頁!ip access-list extended cncdenyip any anypermit ip any host 124.150.32.36ip access-list extended telecomdenyip any anypermit ip any host 202.107.22.12!access-list 1 permit 124.150.32.33access-list 2 permit 202.107.22.9access-list 100 permit ip 192.168.1.0 0.0.0.255 any!route-map telecom per

22、mit 10match ip address 100match interface FastEthernet0/1!route-map cnc permit 10match ip address 100match interface FastEthernet0/0!event manager applet cnc_link_downevent syslog pattern rtr 10 reachability Up-Downaction 1.1 syslog msg cnc link is downaction 2 cli command enableaction 2.1 cli comma

23、nd config taction 2.2 cli command ip access-list extended telecomaction 2.3 cli command no 5action 2.4 cli command ip route 192.168.20.0 255.255.255.0 202.107.22.9action 3 syslog msg cnc link is down,traffic transfer to telecom link第 8 頁,共 10 頁event manager applet cnc_link_upevent syslog pattern rtr

24、 10 reachability Down-Upaction 1.1 syslog msg cnc link is upaction 2 cli command enableaction 2.1 cli command config taction 2.2 cli command ip access-list extended telecomaction 2.3 cli command 5 deny ip any anyaction 2.4 cli command no ip route 192.168.20.0 255.255.255.0 202.107.22.9action 2.5 cli command endaction 2.6 cli command clear ip nat translation *action 3 syslog msg cnc link is recoveryevent manager applet telecom_link_downevent syslog pattern rtr 20 reachability Up-Downaction 1.1 syslog msg telecom link is downaction

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

最新文檔

評(píng)論

0/150

提交評(píng)論