
load balancing di linux box

Written By Unknown on Sunday, March 6, 2011 | 4:31 PM

Linux box pake 3 NIC / kartu jaringan / LAN Card :

eth0 nyambung ke ISP (misal “TELENET”) pake kabel

eth1 nyambung ke ISP ADSL (misal “SKYNET”) (pake modem eksternal)

eth2 nyambung ke LAN (misal “INTERN”).

———— MAIN ROUTING TABLE ———–

# ip route show table main

192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.254

192.168.254.0/24 dev eth1 proto kernel scope link src 192.168.254.2

81.82.0.0/19 dev eth0 proto kernel scope link src 81.82.x.x

default via 81.82.0.1 dev eth0

———— EXTRA ROUTING TABLE———–

# ip route show table 4

192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.254

192.168.254.0/24 dev eth1 proto kernel scope link src 192.168.254.2

81.82.0.0/19 dev eth0 proto kernel scope link src 81.82.x.x

default via 192.168.254.1 dev eth1

———– ROUTING RULES ———–

# ip rule show

0: from all lookup 255

32764: from 192.168.254.1 lookup 4

32765: from all fwmark 0x4 lookup 4

32766: from all lookup main

32767: from all lookup default


———- FIREWALL (rules) SCRIPT (partial) ———-

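# Partial firewall script for a Linux router with two uplinks and one LAN.
# It publishes four TCP services of an internal server on the SKYNET uplink
# (DNAT), marks that server's replies with 0x4 so that the routing rule
# "fwmark 0x4 lookup 4" sends them back out through SKYNET, and source-NATs
# everything leaving through either uplink.
#
# Fixes relative to the published listing:
#   * typographic quotes, en dashes and the multiplication sign ("0×4") are
#     restored to plain ASCII quotes, "--" and "0x4", so the commands parse;
#   * the default DROP policies are installed before the chains are flushed,
#     so there is no moment where an old ACCEPT policy meets empty chains;
#   * the two FORWARD rules that were appended a second time at the end are
#     dropped (identical rules earlier in the chain already match first);
#   * the addresses the listing never assigns are checked before any rule
#     is touched.

IPTABLES=/sbin/iptables

TELENET="eth0"            # uplink 1 (cable ISP)
SKYNET="eth1"             # uplink 2 (ADSL ISP behind an external modem)
INTERN="eth2"             # LAN side
INTNET="192.168.0.0/24"

# TCP ports of the internal server that are published on the SKYNET address.
FORWARDED_PORTS="443 444 1723 4125"

# The listing is partial: these four addresses are used below but never set.
# Abort here, with the rule set still intact, if one of them is missing.
: "${TELENETIP:?TELENETIP (address of $TELENET) must be set}"
: "${SKYNETIP:?SKYNETIP (address of $SKYNET) must be set}"
: "${INTERNIP:?INTERNIP (address of $INTERN) must be set}"
: "${SERVER1IP:?SERVER1IP (internal server address) must be set}"

# Default deny first, then start from empty chains.
"$IPTABLES" -P FORWARD DROP
"$IPTABLES" -P INPUT DROP
"$IPTABLES" -P OUTPUT DROP

"$IPTABLES" -F
"$IPTABLES" -F -t nat
"$IPTABLES" -F -t mangle

# Loopback traffic.
"$IPTABLES" -A INPUT -i lo -s 127.0.0.1/8 -d 0.0.0.0/0 -j ACCEPT
"$IPTABLES" -A OUTPUT -o lo -s 127.0.0.1/8 -d 0.0.0.0/0 -j ACCEPT

# Replies to connections the router itself opened through either uplink.
"$IPTABLES" -A INPUT -i "$TELENET" -s 0.0.0.0/0 -d "$TELENETIP" \
  -m state --state ESTABLISHED,RELATED -j ACCEPT
"$IPTABLES" -A INPUT -i "$SKYNET" -s 0.0.0.0/0 -d "$SKYNETIP" \
  -m state --state ESTABLISHED,RELATED -j ACCEPT

# Anything the router sends from its own uplink addresses.
"$IPTABLES" -A OUTPUT -o "$TELENET" -s "$TELENETIP" -d 0.0.0.0/0 -j ACCEPT
"$IPTABLES" -A OUTPUT -o "$SKYNET" -s "$SKYNETIP" -d 0.0.0.0/0 -j ACCEPT

# The LAN may reach the router on every port, and the router may answer.
"$IPTABLES" -A INPUT -i "$INTERN" -s "$INTNET" -d 0.0.0.0/0 -j ACCEPT
"$IPTABLES" -A OUTPUT -o "$INTERN" -s "$INTERNIP" -d "$INTNET" -j ACCEPT

# Mark the server's replies from the published ports; the routing rule for
# fwmark 0x4 then selects table 4, whose default route is the SKYNET modem.
# shellcheck disable=SC2086 # FORWARDED_PORTS is split into words on purpose
for port in $FORWARDED_PORTS; do
  "$IPTABLES" -t mangle -A PREROUTING -s "$SERVER1IP" -p tcp -m tcp \
    --sport "$port" -j MARK --set-mark 0x4
done

# Publish the server's ports on the SKYNET address.
for port in $FORWARDED_PORTS; do
  "$IPTABLES" -t nat -A PREROUTING -d "$SKYNETIP" -p tcp -m tcp \
    --dport "$port" -m state --state NEW,RELATED,ESTABLISHED \
    -j DNAT --to-destination "$SERVER1IP:$port"
done

# Outgoing traffic takes the address of the uplink it leaves through.
"$IPTABLES" -t nat -A POSTROUTING -o "$TELENET" -j SNAT --to-source "$TELENETIP"
"$IPTABLES" -t nat -A POSTROUTING -o "$SKYNET" -j SNAT --to-source "$SKYNETIP"

# NOTE(review): the DNAT rules above rewrite these connections in
# PREROUTING, so they should be seen by FORWARD rather than INPUT and these
# rules would normally stay unused. Kept as published; confirm whether the
# router itself is meant to answer on these ports.
for port in $FORWARDED_PORTS; do
  "$IPTABLES" -A INPUT -d "$SKYNETIP" -i "$SKYNET" -p tcp -m tcp \
    --sport 1024:65535 --dport "$port" -m state --state NEW,ESTABLISHED \
    -j ACCEPT
done

# NOTE(review): these two rules accept every forwarded packet to or from the
# LAN, on any interface and in any connection state, so the per-port FORWARD
# rules below never get to decide anything. If only the published ports are
# meant to be reachable from the uplinks, limit the "-d" rule to
# "-m state --state ESTABLISHED,RELATED".
"$IPTABLES" -A FORWARD -d "$INTNET" -j ACCEPT
"$IPTABLES" -A FORWARD -s "$INTNET" -j ACCEPT

# Published services arriving on SKYNET and heading for the LAN.
for port in $FORWARDED_PORTS; do
  "$IPTABLES" -A FORWARD -i "$SKYNET" -o "$INTERN" -p tcp -m tcp \
    --dport "$port" -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
done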

2 ISP 1 LAN

biar nge-cache di google ato search engine lainnya

* load balancing 2 ISP
* load balancing multiple ISP link
* http://www.lartc.org/howto/lartc.rpdb.multiple-links.html Load balancing LARTC

contohnya

Berikut ini file konfigurasi:

1. /etc/iproute2/rt_tables
2. loadbalancing.sh

—- /etc/iproute2/rt_tables —-
# Routing-table number-to-name map read by iproute2.
# loadbalancing.sh refers to the two uplink tables by the names T1 and T2
# defined at the end of this file.
#
# reserved values
#
#255 local
#254 main
#253 default
#0 unspec
#
# local
#
#1 inr.ruhep
# ADSL1
10 T1
# ADSL2
20 T2

— loadbalancing.sh —-

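#!/bin/sh
# Split-access and multipath routing for one LAN behind two ADSL uplinks.
# Each uplink gets its own routing table (T1, T2, named in
# /etc/iproute2/rt_tables) so that traffic sourced from an uplink address
# leaves through that uplink; the main table then gets one default route
# with two equal-weight next hops.
#
# Fixes relative to the published listing:
#   * "ip route replace" is used instead of "ip route add", so the script
#     can be re-run and does not fail on routes the kernel already created
#     when the interfaces came up;
#   * the single-gateway default route is no longer installed before the
#     multipath one: with "add", the second default failed because a
#     default route already existed, leaving only uplink 1 in use;
#   * the script stops on the first error and refuses to run while IP1
#     still holds the placeholder from the article.
#
# NOTE(review): this script only sets up routing. The LAN uses private
# addresses, so source NAT per uplink is still needed elsewhere. On a
# multi-homed router also check net.ipv4.conf.*.rp_filter: strict
# reverse-path filtering can drop replies that arrive on the uplink the
# main table would not have chosen.
set -eu

# Parameters
IF0=eth0
P0_NET=192.168.0.0/24

# Uplink 1: ADSL modem in bridge mode, reached through ppp0
IF1=ppp0
IP1=125.164.255.xxx   # placeholder: put the real ppp0 address here
P1=125.164.255.1
P1_NET=125.164.255.0/24

# Uplink 2: ADSL modem in router mode, reached through eth2
IF2=eth2
IP2=192.168.11.250
P2=192.168.11.200
P2_NET=192.168.11.0/24

# Refuse to change any route while IP1 is not a dotted-decimal address.
case $IP1 in
  *[!0-9.]*)
    echo "loadbalancing.sh: IP1 is still a placeholder ($IP1)" >&2
    exit 1
    ;;
esac

# Per-uplink tables: the uplink's own network plus its default gateway.
ip route replace "$P1_NET" dev "$IF1" src "$IP1" table T1
ip route replace default via "$P1" table T1
ip route replace "$P2_NET" dev "$IF2" src "$IP2" table T2
ip route replace default via "$P2" table T2

# Main table: reach each uplink network from the matching local address.
ip route replace "$P1_NET" dev "$IF1" src "$IP1"
ip route replace "$P2_NET" dev "$IF2" src "$IP2"

# Traffic sourced from an uplink address uses that uplink's table. Any rule
# left by an earlier run is removed first; a failed delete only means there
# was none, so its error is deliberately ignored.
ip rule del from "$IP1" table T1 2>/dev/null || true
ip rule add from "$IP1" table T1
ip rule del from "$IP2" table T2 2>/dev/null || true
ip rule add from "$IP2" table T2

# Let both uplink tables also reach the LAN, the other uplink and loopback.
ip route replace "$P0_NET" dev "$IF0" table T1
ip route replace "$P2_NET" dev "$IF2" table T1
ip route replace 127.0.0.0/8 dev lo table T1
ip route replace "$P0_NET" dev "$IF0" table T2
ip route replace "$P1_NET" dev "$IF1" table T2
ip route replace 127.0.0.0/8 dev lo table T2

# Main default route: both gateways with equal weight.
ip route replace default scope global \
  nexthop via "$P1" dev "$IF1" weight 1 \
  nexthop via "$P2" dev "$IF2" weight 1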