×ðÁú¿­Ê±

ÔõÑùÔÚLinuxÉÏÉèÖø߿ÉÓõÄNATÍø¹Ø

ÔõÑùÔÚlinuxÉÏÉèÖø߿ÉÓõÄnatÍø¹Ø

ͻ񻣼

ÍøÂçµØµãת»»£¨NAT£©ÊÇÒ»ÖÖ³£ÓõÄÍøÂçÊÖÒÕ£¬ÓÃÓÚ½«Ë½ÓÐÍøÂçµÄIPµØµãת»»Îª¹«¹²ÍøÂçµÄIPµØµã ¡£ÔÚLinuxϵͳÉÏ£¬ÉèÖø߿ÉÓõÄNATÍø¹Ø¿ÉÒÔÌá¸ßÍøÂçµÄ¿ÉÓÃÐԺͿɿ¿ÐÔ ¡£±¾ÎĽ«ÏÈÈÝÔõÑùʹÓÃKeepalivedºÍiptables¹¤¾ß£¬ÔÚLinuxÉÏÉèÖø߿ÉÓõÄNATÍø¹Ø ¡£

Òªº¦´Ê£ºNAT¡¢¸ß¿ÉÓá¢Keepalived¡¢iptables

СÐò£º

ÔÚÏÖ´úµÄÍøÂçÇéÐÎÖУ¬ÍøÂçµÄ¿ÉÓÃÐԺͿɿ¿ÐÔÊǺÜÊÇÖ÷ÒªµÄ ¡£ÎªÁËʵÏÖ´ËÄ¿µÄ£¬ÉèÖø߿ÉÓõÄNATÍø¹ØºÜÊÇÒªº¦ ¡£¸ß¿ÉÓõÄNATÍø¹Ø¿ÉÒÔÔÚÖ÷±¸Ä£Ê½ÏÂÊÂÇ飬ÒÔÈ·±£µ±Ö÷»ú±¬·¢¹ÊÕÏʱ£¬±¸ÓÃÍø¹ØÄܹ»×Ô¶¯½ÓÊÜÊÂÇ飬²¢¼á³ÖÍøÂç¼ÌÐøÔËÐÐ ¡£

°ì·¨1£º×°ÖúÍÉèÖÃKeepalived

1.1 ×°ÖÃKeepalivedÈí¼þ°ü£º

ÔÚÖÕ¶ËÖÐÔËÐÐÒÔÏÂÏÂÁî×°ÖÃKeepalivedÈí¼þ°ü£º

sudo apt-get install keepalived

1.2 ÉèÖÃKeepalived£º

½øÈëKeepalivedµÄÉèÖÃÎļþĿ¼£¬²¢½¨ÉèÒ»¸öÃûΪkeepalived.confµÄÉèÖÃÎļþ ¡£Ê¹ÓÃÒÔÏÂʾÀýÉèÖã¬Æ¾Ö¤ÏÖÕæÏàÐξÙÐÐÐ޸ģº

global_defs {

router_id NatRouter

}

vrrp_script check_nat_gateway {

script “pidof keepalived”

interval 2

weight -1

}

vrrp_instance NatGateway {

state MASTER

interface eth0

virtual_router_id 1

priority 100

advert_int 1

authentication {

  auth_type PASS
  auth_pass YourPasswordHere

µÇ¼ºó¸´ÖÆ

}

virtual_ipaddress {

  192.168.1.1/24

µÇ¼ºó¸´ÖÆ

}

track_script {

  check_nat_gateway

µÇ¼ºó¸´ÖÆ

}

}

ÉúÑIJ¢Í˳öÉèÖÃÎļþ ¡£

°ì·¨2£ºÉèÖÃiptables

ΪÁËʵÏָ߿ÉÓõÄNATÍø¹Ø£¬ÎÒÃÇ»¹ÐèÒªÉèÖÃiptables£¬Ê¹Æä¿ÉÒÔ׼ȷת·¢ºÍ´¦Öóͷ£ÍøÂçÁ÷Á¿ ¡£

2.1 ÆôÓÃIPת·¢£º

·­¿ª/etc/sysctl.confÎļþ£¬²¢ÕÒµ½ÒÔÏÂÐУº

net.ipv4.ip_forward=1

×÷·Ï×¢Ê͸ÃÐУ¬Ê¹Æä±äΪ£º

net.ipv4.ip_forward=1

ÉúÑIJ¢Í˳öÎļþ ¡£È»ºó£¬ÔÚÖÕ¶ËÖÐÔËÐÐÒÔÏÂÏÂÁîʹÐÞ¸ÄÉúЧ£º

sudo sysctl -p

2.2 ÉèÖÃiptables£º

ÔÚÖÕ¶ËÖÐÔËÐÐÒÔÏÂÏÂÁîÉèÖÃiptables£º

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

ÉúÑÄiptables¹æÔò£¬²¢½«ÆäдÈ볤ÆÚÐÔ¹æÔòÎļþ£¬Ê¹ÆäÔÚϵͳÖØÐÂÆô¶¯Ê±ÉúЧ£º

sudo iptables-save | sudo tee /etc/iptables/rules.v4

°ì·¨3£ºÆô¶¯ºÍ²âÊԸ߿ÉÓõÄNATÍø¹Ø

3.1 Æô¶¯KeepalivedЧÀÍ£º

ÔÚÖÕ¶ËÖÐÔËÐÐÒÔÏÂÏÂÁîÆô¶¯KeepalivedЧÀÍ£º

sudo service keepalived start

3.2 ²âÊԸ߿ÉÓÃÐÔ£º

ͨ¹ýpingÏÂÁî²âÊԸ߿ÉÓõÄNATÍø¹Ø ¡£´ÓÁíһ̨ÅÌËã»úpingÐéÄâIPµØµã£¨192.168.1.1£©£¬ÈôÊÇÍøÂçÕý³££¬Ôò±¸·ÝÍø¹ØÒÑ׼ȷ½ÓÊÜ ¡£

½áÂÛ£º

ͨ¹ýʹÓÃKeepalivedºÍiptables£¬ÎÒÃÇ¿ÉÒÔÔÚLinuxϵͳÉÏÉèÖø߿ÉÓõÄNATÍø¹Ø ¡£ÕâÖÖÉèÖ÷½·¨È·±£Á˵±Ö÷Íø¹Ø±¬·¢¹ÊÕÏʱ£¬±¸·ÝÍø¹ØÄܹ»×Ô¶¯½ÓÊÜÊÂÇ飬´Ó¶øÌá¸ßÍøÂçµÄ¿ÉÓÃÐԺͿɿ¿ÐÔ ¡£

²Î¿¼ÎÄÏ×£º

“How To Set Up a High Availability Rolling Update NAT Gateway with Keepalived and HAproxy on Ubuntu 14.04 | DigitalOcean” (https://www.digitalocean.com/community/tutorials/how-to-set-up-a-high-availability-rolling-update-nat-gateway-with-keepalived-and-haproxy-on-ubuntu-14-04)

ÒÔÉϾÍÊÇÔõÑùÔÚLinuxÉÏÉèÖø߿ÉÓõÄNATÍø¹ØµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí£¬°æȨÕùÒéÓë±¾Õ¾Î޹أ¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±ÂËÓÍ»úÍø¹Ù·½Ì¬¶È£¬Çë¶ÁÕß½ö×ö²Î¿¼ ¡£±¾ÎĽӴýתÔØ£¬×ªÔØÇë˵Ã÷À´ÓÉ ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢£¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢£¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±ÊµÊ±ÐÞÕý»òɾ³ý ¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±

18523999891

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎ壬9:30-18:30£¬½ÚãåÈÕÐÝÏ¢

QR code
¡¾ÍøÕ¾µØͼ¡¿¡¾sitemap¡¿