NAT translation -- dynamic / static / overload / TCP load balancing

 
 
 
server---(f2/1.0)R1(s1/0)-----(s1/0)R2(f0/0)-------client
 
Router1 S1/0 <----> Router2 S1/0 
Router1 F2/0 <----> XPC P0/0 
Router1 F2/1 <----> XPC P0/1 
Router2 F0/0 <----> XPC P0/2 
 
@@@@@@@@@@@@@@@@@@@@@@
Lab environment setup@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@
 
#######################################
Linux DNS server setup (based on CentOS 5.5)####
#######################################
 
yum -y install caching-nameserver* bind-chroot* bind-utils
 
cd /var/named/chroot/etc/
 
cp -p named.caching-nameserver.conf named.conf
 
vi named.conf
 
Change the following: set the field after port 53 to any
-------------------------------
listen-on port 53 { any; };
 
 allow-query     { any; };
 
match-clients      { any; };
match-destinations { any; };
include "/etc/named.zones";
----------------------------------
:wq
 
Save and exit
 
cp -p named.rfc1912.zones named.zones
 
vi named.zones
 
Add a forward lookup zone:
--------------------------------
zone "test.com" IN {
        type master;
        file "test";
        allow-update { none; };
};
----------------------------------
:wq
 
Save and exit
 
cd ../var/named
 
cp named.zero test -p
 
vi test
 
Change it to the following:
 
----------------------------------------------------------------
$TTL    86400
@               IN SOA  dns.test.com.      root.test.com. (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
        IN      NS      dns.test.com.
dns     IN      A       201.0.0.2
www     IN      A       201.0.0.21
------------------------------------------------------------------
 
 
vi /etc/resolv.conf
 
Add the following:
---------------------------
nameserver 201.0.0.2
---------------------------
 
/etc/init.d/named restart
 
nslookup www.test.com
 
The following output appears:
-------------------------------
Server:         201.0.0.2
Address:        201.0.0.2#53
 
Name:   www.test.com
Address: 201.0.0.22
--------------------------------
This indicates success.
 
 
##################################
Linux web server setup####
###################################
 
cd /etc/sysconfig/network-scripts/
cp ifcfg-eth0 ifcfg-eth0:1
cp ifcfg-eth0 ifcfg-eth0:2
 
vi ifcfg-eth0:1
Change the DEVICE and IPADDR values
---------------------------
DEVICE=eth0:1
IPADDR=201.0.0.21
--------------------------
 
vi ifcfg-eth0:2
--------------------------
DEVICE=eth0:2
IPADDR=201.0.0.22
--------------------------
 
/etc/init.d/network restart
 
 
yum -y install httpd*
 
vi /etc/httpd/conf/httpd.conf
Add the following:
-----------------------
<VirtualHost 201.0.0.20:80>
    DocumentRoot /var/www/20
</VirtualHost>
<VirtualHost 201.0.0.21:80>
    DocumentRoot /var/www/21
</VirtualHost>
<VirtualHost 201.0.0.22:80>
    DocumentRoot /var/www/22
</VirtualHost>
-----------------------
 
mkdir /var/www/20
mkdir /var/www/21
mkdir /var/www/22
 
# 755 is enough for Apache to read the files; the document roots need not be world-writable
chmod -R 755 /var/www/20
chmod -R 755 /var/www/21
chmod -R 755 /var/www/22
 
cp /var/www/manual/index.html /var/www/20/
cp /var/www/manual/index.html /var/www/21/
cp /var/www/manual/index.html /var/www/22/
 
 
 
 
 
 
 
#################################
Basic router configuration############################
#################################
On R1:
-----------------------------------------
en
conf t
host R1
no ip domain-lookup
ip classless
ip subnet-zero
 
int s1/0
ip addr 61.0.0.1 255.255.255.0
no shu
 
int f2/0
ip addr 201.0.0.1 255.255.255.0
no shu
 
router rip
version 2
net 201.0.0.0
net 61.0.0.0
end
sh ip rou
------------------------------------------
On R2:
-------------------------------------------
en
conf t
host R2
no ip domain-lookup
ip classless
ip subnet-zero
 
int s1/0
ip addr 61.0.0.2 255.255.255.0
no shut
 
int f0/0
ip addr 192.168.1.1 255.255.255.0
no shut
exit
 
router rip
version 2
net 61.0.0.0
end
sh ip rou
-------------------------------------------
 
 
 
On the server, add the default gateway 201.0.0.1:
-----------------------------------
route add default gw 201.0.0.1
-----------------------------------
 
 
 
****************************
Static SNAT configuration********************
*****************************
On R2:
----------------
en
conf t
ip nat inside source static 192.168.1.1 61.0.0.11
 
ip nat inside source static 192.168.1.2 61.0.0.22
 
ip nat inside source static 192.168.1.3 61.0.0.33
 
int f0/0
ip nat inside 
int s1/0
ip nat outside
end
 
sh ip nat translations
--------------
**************************
Dynamic SNAT configuration******************
**************************
 
On R2:
 
-----------
en
conf t
access-list 11 permit 192.168.1.0 0.0.0.255
ip nat pool poolnat1 61.0.0.40 61.0.0.50 netmask 255.255.255.0
 
ip nat inside source list 11 pool poolnat1
 
int f0/0
ip nat inside
 
int s1/0
ip nat outside
 
------------
Now ping the 201.0.0.20 machine from the 192.168.1.2 machine,
then on R2:
 
sh ip nat trans
 
and you will see:
----------------------------------
R2#sh ip nat translations 
Pro Inside global      Inside local       Outside local      Outside global
--- 61.0.0.40          192.168.1.2        ---                ---
----------------------------------
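Before the ping, the command's output is empty, which shows that this is dynamic NAT.
 
*****************************
Dynamic NAT overload configuration******************
************************************************
configuring inside global address overloading*
************************************************
Simply append overload to the end of the command that associates the ACL with the pool.
 
On R2: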
-----------------
en
conf t
access-list 11 permit 192.168.1.0 0.0.0.255
ip nat pool poolnat1 61.0.0.40 61.0.0.50 netmask 255.255.255.0
 
ip nat inside source list 11 pool poolnat1 overload
 
int f0/0
ip nat inside
 
int s1/0
ip nat outside
---------------
 
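***************************
PAT configuration**************
***************************
PAT: the outside has only one IP address, so translation is port-based.
----In the pool, just specify the range as one IP to the same IP,
----then declare overload.
 
On R2: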
---------------
en
conf t
access-list 11 permit 192.168.1.0 0.0.0.255
ip nat pool poolnat1 61.0.0.40 61.0.0.40 netmask 255.255.255.0
 
ip nat inside source list 11 pool poolnat1 overload
 
int f0/0
ip nat inside
 
int s1/0
ip nat outside
----------------
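
A simplified model of the dynamic, overload and PAT configurations above, added here as an illustration and not part of the original notes: it shows the 11-address pool running out at the twelfth host, a single-address pool without overload serving only one host, and overload multiplexing all twelve by port. The class, the 12 inside hosts and the port-selection rule are assumptions; real IOS port allocation differs in detail.

```python
import ipaddress
from itertools import chain

def pool_addresses(start, end):
    """Expand the start/end pair of an 'ip nat pool' into its global addresses."""
    lo, hi = (int(ipaddress.IPv4Address(a)) for a in (start, end))
    return [str(ipaddress.IPv4Address(n)) for n in range(lo, hi + 1)]

class NatModel:
    """Simplified model of 'ip nat inside source list 11 pool ... [overload]'."""

    def __init__(self, acl_net, pool, overload=False):
        self.acl = ipaddress.ip_network(acl_net)    # stands in for access-list 11
        self.pool, self.overload = pool, overload
        self.table = {}                             # translation entries

    def translate(self, src_ip, src_port):
        """Return (global_ip, global_port), or None when no translation is possible."""
        if ipaddress.ip_address(src_ip) not in self.acl:
            return None                             # not permitted by the ACL
        if not self.overload:                       # dynamic NAT: one address per host
            if src_ip not in self.table:
                free = [g for g in self.pool if g not in self.table.values()]
                if not free:
                    return None                     # pool exhausted
                self.table[src_ip] = free[0]
            return (self.table[src_ip], src_port)   # port is left unchanged
        key = (src_ip, src_port)                    # overload: one entry per flow
        if key not in self.table:
            taken = {p for _, p in self.table.values()}
            # Assumption: keep the source port if free, else take the lowest free high port.
            port = next((p for p in chain([src_port], range(1024, 65536))
                         if p not in taken), None)
            if port is None:
                return None                         # every port on the address is in use
            self.table[key] = (self.pool[0], port)
        return self.table[key]

def demo():
    """12 constructed inside hosts, each opening one flow from source port 40000."""
    hosts = [f"192.168.1.{n}" for n in range(2, 14)]
    acl, single = "192.168.1.0/24", pool_addresses("61.0.0.40", "61.0.0.40")
    dyn = NatModel(acl, pool_addresses("61.0.0.40", "61.0.0.50"))
    one = NatModel(acl, single)                     # single address, no overload
    pat = NatModel(acl, single, overload=True)      # single address with overload (PAT)
    count = lambda m: sum(m.translate(h, 40000) is not None for h in hosts)
    return count(dyn), count(one), [pat.translate(h, 40000) for h in hosts]
```
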
 
 
################################
configuring TCP load distribution##########
TCP load balancing configuration######################
#################################
 
-------------------------------------------------
1. Define a standard ACL
2. Define a NAT pool and declare round-robin use with type rotary
3. Associate the ACL with the NAT pool
4. Declare inside or outside on the relevant interfaces
--------------------------------------------------
 
On R1:
 
access-list 11 permit host 201.0.0.2
ip nat pool real-serv 201.0.0.20 201.0.0.22 prefix-length 24 type rotary
ip nat inside destination list 11 pool real-serv
 
int s1/0
ip nat outside
 
int f2/0
ip nat inside
 
end
sh ip nat tran
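
A simplified model of the rotary destination translation configured above, added here as an illustration and not part of the original notes: new TCP connections to the virtual host 201.0.0.2 are handed to the real servers in turn, packets of an existing connection keep their server, and non-TCP traffic is left untranslated. The class, the client address 61.0.0.40 and the port numbers are constructed for the example.

```python
from collections import Counter

class RotaryNat:
    """Simplified model of 'ip nat inside destination list 11 pool real-serv' (type rotary)."""

    def __init__(self, virtual_ip, real_servers):
        self.virtual_ip = virtual_ip       # the host matched by access-list 11
        self.real = list(real_servers)     # addresses in the rotary pool
        self.turn = 0                      # index of the next real server to hand out
        self.table = {}                    # (client, client_port, dst_port) -> real server

    def inbound(self, proto, src, sport, dst, dport):
        """Outside -> inside: return the destination address after translation."""
        if proto != "tcp" or dst != self.virtual_ip:
            return dst                     # only TCP to the virtual host is rewritten
        key = (src, sport, dport)
        if key not in self.table:          # new connection: take the next server in turn
            self.table[key] = self.real[self.turn % len(self.real)]
            self.turn += 1
        return self.table[key]             # later packets of the flow keep their server

    def outbound(self, src, sport, dst, dport):
        """Inside -> outside: a real server's reply goes out with the virtual address."""
        return self.virtual_ip if self.table.get((dst, dport, sport)) == src else src

def demo():
    nat = RotaryNat("201.0.0.2", ["201.0.0.20", "201.0.0.21", "201.0.0.22"])
    client = "61.0.0.40"                   # constructed client address as seen by R1
    first = [nat.inbound("tcp", client, 50000 + i, "201.0.0.2", 80) for i in range(6)]
    again = nat.inbound("tcp", client, 50000, "201.0.0.2", 80)     # same flow as first[0]
    udp = nat.inbound("udp", client, 50000, "201.0.0.2", 53)       # not TCP: untouched
    reply = nat.outbound("201.0.0.20", 80, client, 50000)
    return Counter(first), again, udp, reply
```
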
 
 