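• The user's server has only one network card. The requirement is that on the AR46-20, interface e0/0/0 connects to China Netcom and interface e0/0/1 connects to China Telecom, and a nat server entry pointing to the internal server must be configured on both interfaces.
• To meet this requirement, external packets that reach the server through e0/0/0 must be returned to the external network through e0/0/0, and external packets that reach the server through e0/0/1 must be returned through e0/0/1. Two IP addresses therefore have to be configured on the server's single network card, and policy routing has to be configured on the router interface that connects to the server. The configuration is as follows: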
<NAT>dis ver
Copyright Notice:
All rights reserved (Aug 17 2005).
Without the owner's prior written consent, no decompiling
nor reverse-engineering shall be allowed.
Huawei-3Com Versatile Routing Platform Software
VRP(R) software, Version 3.40, Release RT-0013
Copyright (c) 2003-2005 Hangzhou Huawei-3Com Tech. Co.,Ltd. All rights reserved.
Copyright (c) 2000-2003 Huawei Tech. Co.,Ltd. All rights reserved.
Quidway AR46-20 uptime is 0 week, 0 day, 1 hour, 25 minutes
Rpu's version information:
Router AR46-20 with 1 PowerPC 750 Processor
256M bytes SDRAM
32M bytes FLASH
512K bytes NVRAM
Pcb Version : RTM1RPUA.2
RPE Logic Version : RPE3.4
SBG Logic Version : 012
Small BootROM Version : 3.07
Big BootROM Version : 5.14
Config Register points to FLASH
[SLOT 0] AUX0 (Hardware)A.2, (Driver)1.0, (Cpld)3.4
[SLOT 0] ETH0 (Hardware)A.2, (Driver)1.0, (Cpld)3.4
[SLOT 0] ETH1 (Hardware)A.2, (Driver)1.0, (Cpld)3.4
[SLOT 1] 2FE (Hardware)2.1, (Driver)2.0, (Cpld)0.0
[SLOT 2] E1VI (Hardware)1.0, (Driver)2.7, (Cpld)1.0
<NAT>dis cur
#
sysname NAT
#
FTP server enable
#
l2tp domain suffix-separator @
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<<"TX$_S#6.NM(0=0\\)*5WWQ=^Q`MAF4<<"TX$_S#6.N
service-type telnet terminal
level 3
service-type ftp
#
controller E1 2/0/0
using e1
#
interface Aux0
async mode flow
#
interface Ethernet0/0/0
ip address 10.0.0.1 255.255.255.0
nat server protocol icmp global 10.0.0.3 inside 192.168.0.2
#
interface Ethernet0/0/1
ip address 20.0.0.1 255.255.255.0
nat server protocol icmp global 20.0.0.3 inside 192.168.1.2
#
interface Ethernet1/0/0
ip address 192.168.0.1 255.255.255.0
ip address 192.168.1.1 255.255.255.0 sub
ip policy route-policy nat
#
interface Ethernet1/0/1
ip address dhcp-alloc
#
interface Serial2/0/0:0
link-protocol ppp
ip address ppp-negotiate
#
interface NULL0
#
acl number 2000
rule 0 permit source 192.168.0.0 0.0.0.255
rule 1 deny
acl number 2001
rule 0 permit source 192.168.1.0 0.0.0.255
rule 1 deny
#
route-policy nat permit node 10
if-match acl 2000
apply ip-address next-hop 10.0.0.2 (for a dial-up interface, output-interface followed by the interface number can be used instead)
route-policy nat permit node 20
if-match acl 2001
apply ip-address next-hop 20.0.0.2 (for a dial-up interface, output-interface followed by the interface number can be used instead)
#
ip route-static 0.0.0.0 0.0.0.0 10.0.0.2 preference 60
ip route-static 0.0.0.0 0.0.0.0 20.0.0.2 preference 60
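For a dual egress to China Telecom and China Netcom, the static routing table can be configured using the dual-line route load-sharing method described in the 轻轻松松配18 manual.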
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
Verify the result after configuration:
<NAT>t m
% Current terminal monitor is on
<NAT>t d
% Current terminal debugging is on
<NAT>debug ip packet
<NAT>
*0.5124410 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3718, offset = 0, ttl = 255, protocol = 1,
checksum = 55837, s = 200.1.1.1, d = 10.0.0.3
prompt: Receiving IP packet from Ethernet0/0/0
*0.5124750 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3718, offset = 0, ttl = 254, protocol = 1,
checksum = 9334, s = 200.1.1.1, d = 192.168.0.2
prompt: Sending the packet from Ethernet0/0/0 at Ethernet1/0/0
*0.5125110 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8185, offset = 0, ttl = 128, protocol = 1,
checksum = 37123, s = 192.168.0.2, d = 200.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5125450 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8185, offset = 0, ttl = 127, protocol = 1,
checksum = 18603, s = 10.0.0.3, d = 200.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/0
*0.5125800 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3719, offset = 0, ttl = 255, protocol = 1,
checksum = 55836, s = 200.1.1.1, d = 10.0.0.3
prompt: Receiving IP packet from Ethernet0/0/0
*0.5126140 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3719, offset = 0, ttl = 254, protocol = 1,
checksum = 9333, s = 200.1.1.1, d = 192.168.0.2
prompt: Sending the packet from Ethernet0/0/0 at Ethernet1/0/0
*0.5126500 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8186, offset = 0, ttl = 128, protocol = 1,
checksum = 37122, s = 192.168.0.2, d = 200.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5126840 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8186, offset = 0, ttl = 127, protocol = 1,
checksum = 18602, s = 10.0.0.3, d = 200.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/0
*0.5127190 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3720, offset = 0, ttl = 255, protocol = 1,
checksum = 55835, s = 200.1.1.1, d = 10.0.0.3
prompt: Receiving IP packet from Ethernet0/0/0
*0.5127530 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3720, offset = 0, ttl = 254, protocol = 1,
checksum = 9332, s = 200.1.1.1, d = 192.168.0.2
prompt: Sending the packet from Ethernet0/0/0 at Ethernet1/0/0
*0.5127890 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8187, offset = 0, ttl = 128, protocol = 1,
checksum = 37121, s = 192.168.0.2, d = 200.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5128230 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8187, offset = 0, ttl = 127, protocol = 1,
checksum = 18601, s = 10.0.0.3, d = 200.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/0
*0.5128580 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3721, offset = 0, ttl = 255, protocol = 1,
checksum = 55834, s = 200.1.1.1, d = 10.0.0.3
prompt: Receiving IP packet from Ethernet0/0/0
*0.5128920 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3721, offset = 0, ttl = 254, protocol = 1,
checksum = 9331, s = 200.1.1.1, d = 192.168.0.2
prompt: Sending the packet from Ethernet0/0/0 at Ethernet1/0/0
*0.5129280 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8188, offset = 0, ttl = 128, protocol = 1,
checksum = 37120, s = 192.168.0.2, d = 200.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5129620 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8188, offset = 0, ttl = 127, protocol = 1,
checksum = 18600, s = 10.0.0.3, d = 200.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/0
*0.5129970 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3722, offset = 0, ttl = 255, protocol = 1,
checksum = 55833, s = 200.1.1.1, d = 10.0.0.3
prompt: Receiving IP packet from Ethernet0/0/0
*0.5130310 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3722, offset = 0, ttl = 254, protocol = 1,
checksum = 9330, s = 200.1.1.1, d = 192.168.0.2
prompt: Sending the packet from Ethernet0/0/0 at Ethernet1/0/0
*0.5130670 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8189, offset = 0, ttl = 128, protocol = 1,
checksum = 37119, s = 192.168.0.2, d = 200.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5131010 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8189, offset = 0, ttl = 127, protocol = 1,
checksum = 18599, s = 10.0.0.3, d = 200.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/0
*0.5142230 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54239, offset = 0, ttl = 255, protocol = 1,
checksum = 28356, s = 100.1.1.1, d = 20.0.0.3
prompt: Receiving IP packet from Ethernet0/0/1
*0.5142570 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54239, offset = 0, ttl = 254, protocol = 1,
checksum = 49692, s = 100.1.1.1, d = 192.168.1.2
prompt: Sending the packet from Ethernet0/0/1 at Ethernet1/0/0
*0.5142930 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8190, offset = 0, ttl = 128, protocol = 1,
checksum = 62462, s = 192.168.1.2, d = 100.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5143270 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8190, offset = 0, ttl = 127, protocol = 1,
checksum = 41638, s = 20.0.0.3, d = 100.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/1
*0.5143620 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54240, offset = 0, ttl = 255, protocol = 1,
checksum = 28355, s = 100.1.1.1, d = 20.0.0.3
prompt: Receiving IP packet from Ethernet0/0/1
*0.5143960 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54240, offset = 0, ttl = 254, protocol = 1,
checksum = 49691, s = 100.1.1.1, d = 192.168.1.2
prompt: Sending the packet from Ethernet0/0/1 at Ethernet1/0/0
*0.5144320 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8191, offset = 0, ttl = 128, protocol = 1,
checksum = 62461, s = 192.168.1.2, d = 100.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5144660 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8191, offset = 0, ttl = 127, protocol = 1,
checksum = 41637, s = 20.0.0.3, d = 100.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/1
*0.5145010 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54241, offset = 0, ttl = 255, protocol = 1,
checksum = 28354, s = 100.1.1.1, d = 20.0.0.3
prompt: Receiving IP packet from Ethernet0/0/1
*0.5145350 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54241, offset = 0, ttl = 254, protocol = 1,
checksum = 49690, s = 100.1.1.1, d = 192.168.1.2
prompt: Sending the packet from Ethernet0/0/1 at Ethernet1/0/0
*0.5145710 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8192, offset = 0, ttl = 128, protocol = 1,
checksum = 62460, s = 192.168.1.2, d = 100.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5146050 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8192, offset = 0, ttl = 127, protocol = 1,
checksum = 41636, s = 20.0.0.3, d = 100.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/1
*0.5146400 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54242, offset = 0, ttl = 255, protocol = 1,
checksum = 28353, s = 100.1.1.1, d = 20.0.0.3
prompt: Receiving IP packet from Ethernet0/0/1
*0.5146740 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54242, offset = 0, ttl = 254, protocol = 1,
checksum = 49689, s = 100.1.1.1, d = 192.168.1.2
prompt: Sending the packet from Ethernet0/0/1 at Ethernet1/0/0
*0.5147100 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8193, offset = 0, ttl = 128, protocol = 1,
checksum = 62459, s = 192.168.1.2, d = 100.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5147440 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8193, offset = 0, ttl = 127, protocol = 1,
checksum = 41635, s = 20.0.0.3, d = 100.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/1
*0.5147790 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54243, offset = 0, ttl = 255, protocol = 1,
checksum = 28352, s = 100.1.1.1, d = 20.0.0.3
prompt: Receiving IP packet from Ethernet0/0/1
*0.5148130 NAT IP/8/debug_case:
Sending, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 54243, offset = 0, ttl = 254, protocol = 1,
checksum = 49688, s = 100.1.1.1, d = 192.168.1.2
prompt: Sending the packet from Ethernet0/0/1 at Ethernet1/0/0
*0.5148490 NAT IP/8/debug_case:
Receiving, interface = Ethernet1/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8194, offset = 0, ttl = 128, protocol = 1,
checksum = 62458, s = 192.168.1.2, d = 100.1.1.1
prompt: Receiving IP packet from Ethernet1/0/0
*0.5148830 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/1, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8194, offset = 0, ttl = 127, protocol = 1,
checksum = 41634, s = 20.0.0.3, d = 100.1.1.1
prompt: Sending the packet from Ethernet1/0/0 at Ethernet0/0/1
<NAT>undo de all
All possible debugging has been turned off
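The check that the debug output above supports, written as an added example (not part of the original page): it parses `debug ip packet` records and reports any reply that leaves through a different WAN interface than the one the client's request arrived on. The GOOD sample is copied from the capture above; the BAD sample is constructed, and the function name is hypothetical.

```python
import re

LAN_IF = "Ethernet1/0/0"  # inside interface from the configuration above

# One record: direction, interface, then source and destination addresses.
RECORD = re.compile(
    r"(Receiving|Sending), interface = (\S+?),"
    r".*?\bs = ([\d.]+), d = ([\d.]+)",
    re.S,
)

def asymmetric_replies(debug_text):
    """Return (client, ingress_if, egress_if) for every reply that leaves
    through a WAN interface other than the one the request came in on."""
    ingress = {}       # client IP -> WAN interface its requests arrived on
    mismatches = []
    for direction, iface, src, dst in RECORD.findall(debug_text):
        if iface == LAN_IF:
            continue                       # only WAN-side records matter
        if direction == "Receiving":
            ingress[src] = iface
        elif dst in ingress and ingress[dst] != iface:
            mismatches.append((dst, ingress[dst], iface))
    return mismatches

# Two WAN-side records taken from the capture above (request in, reply out).
GOOD = """\
*0.5124410 NAT IP/8/debug_case:
Receiving, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 3718, offset = 0, ttl = 255, protocol = 1,
checksum = 55837, s = 200.1.1.1, d = 10.0.0.3
*0.5125450 NAT IP/8/debug_case:
Sending, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 8185, offset = 0, ttl = 127, protocol = 1,
checksum = 18603, s = 10.0.0.3, d = 200.1.1.1
"""
# Constructed failure case: the same reply leaving through the other ISP.
BAD = GOOD.replace("Sending, interface = Ethernet0/0/0",
                   "Sending, interface = Ethernet0/0/1")
```
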
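Note: policy routing takes precedence over static routes. H3C low-end and mid-range routers all use weak policy routing. That is, when policy routing and static routes both exist, policy routing is matched first, and a static route is matched only when the policy route's next hop is unreachable or its outgoing interface is DOWN. Static routes are matched in this order: the mask of the destination network is examined first, and the static route with the longest destination mask is matched and used for forwarding. When the destination masks are the same, the preference values are compared, and the route with the smaller preference value is matched and used for forwarding.
Example:
Route 1: ip route-static 100.0.0.1 255.255.0.0 10.0.0.2 preference 60
Route 2: ip route-static 100.0.0.1 255.255.255.0 20.0.0.2 preference 60
Of these two static routes, the second is matched first, because its mask with three 255s is longer than the first route's mask with two 255s. The preference values are not compared in this case, because the winner has already been decided.
Another example:
Route 1: ip route-static 0.0.0.0 0.0.0.0 10.0.0.2 preference 60
Route 2: ip route-static 0.0.0.0 0.0.0.0 20.0.0.2 preference 80
Of these two static routes, the first is matched first. The destination masks are the same (both 0.0.0.0), so the mask cannot decide the winner and the preference values are compared. 60 is smaller than 80, so the first static route wins and is selected for forwarding.
Final example:
Route 1: ip route-static 0.0.0.0 0.0.0.0 10.0.0.2 preference 60
Route 2: ip route-static 0.0.0.0 0.0.0.0 20.0.0.2 preference 60
These two static routes are both matched and used for forwarding at the same time. Packets may be split across the two outgoing interfaces, which gives load sharing. However, the returning packets are not evenly load-shared on the way back, so the connection drops and Internet access fails. In other words, with static routes like these the packets are evenly distributed and forwarded on the way out, but because the carrier's equipment at the other end has no evenly load-shared return route configured, the connection drops and Internet access fails. Load sharing of data packets requires both ends to distribute the forwarding evenly.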
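The lookup order described in the note, modelled as an added example (not code from the original page or from the router software): weak policy routing first, then longest mask, then lowest preference, with ties load-shared. The function name, the `down` parameter and the sample source and destination addresses used when calling it are assumptions; the routes and next hops are the ones on this page, written in prefix-length form.

```python
import ipaddress

# Policy from the configuration above: (ACL source network, next hop).
POLICY = [("192.168.0.0/24", "10.0.0.2"), ("192.168.1.0/24", "20.0.0.2")]

def select_next_hops(src, dst, statics, policy=POLICY, down=()):
    """Model the lookup order described in the note.

    statics: list of (destination/prefixlen, next_hop, preference).
    down:    policy next hops currently unreachable (hypothetical input).
    Returns every next hop the packet may be forwarded to.
    """
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # 1. Weak policy routing: wins only while its next hop is reachable.
    for net, hop in policy:
        if src_ip in ipaddress.ip_network(net) and hop not in down:
            return [hop]
    # 2. Static routes that cover the destination.
    routes = [(ipaddress.ip_network(d, strict=False), hop, pref)
              for d, hop, pref in statics]
    routes = [r for r in routes if dst_ip in r[0]]
    if not routes:
        return []
    # 3. Longest mask first; preference only breaks ties between equal masks.
    longest = max(r[0].prefixlen for r in routes)
    routes = [r for r in routes if r[0].prefixlen == longest]
    best = min(pref for _, _, pref in routes)
    # 4. More than one survivor means the traffic is load-shared.
    return sorted(hop for _, hop, pref in routes if pref == best)

# The three static-route examples from the note, in prefix-length form.
BY_MASK = [("100.0.0.1/16", "10.0.0.2", 60), ("100.0.0.1/24", "20.0.0.2", 60)]
BY_PREF = [("0.0.0.0/0", "10.0.0.2", 60), ("0.0.0.0/0", "20.0.0.2", 80)]
EQUAL = [("0.0.0.0/0", "10.0.0.2", 60), ("0.0.0.0/0", "20.0.0.2", 60)]
```

Calling it with a server source address and the policy next hop marked as down shows the fallback to the static routes, which can send the reply out through the other carrier's interface.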