How to Use Linux Advanced (Policy) Routing


1. Linux advanced routing requires the following support:


a) Kernel space: enable CONFIG_IP_ADVANCED_ROUTER

Configuration path: run make menuconfig in the Linux kernel source tree and follow Networking support ---> Networking options ---> TCP/IP networking ---> IP: advanced router. Select IP: advanced router, and use the setting "Choose IP: FIB lookup algorithm (choose FIB_HASH if unsure) (FIB_HASH)".

b) User space: use the iproute2 package

This package provides the following shell configuration commands: ip rule, ip route, ip addr, and so on. Usage is as follows:

Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddr | mroute | mrule | monitor | xfrm |
                   netns | l2tp }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -f[amily] { inet | inet6 | ipx | dnet | link } |
                    -l[oops] { maximum-addr-flush-attempts } |
                    -o[neline] | -t[imestamp] | -b[atch] [filename] |
                    -rc[vbuf] [size]}


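2. Configuring policy routing

a) In the configuration file /etc/iproute2/rt_tables, add routing tables numbered 102 and 103, named ippool1 and ippool2 respectively. (The names can be chosen freely.)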

#
# reserved values
#
255     local
254     main
253     default
102     ippool1
103     ippool2
0       unspec
#
# local
#
#1      inr.ruhep

b) Add routes to the custom routing table (using ip route)

Usage: ip route { list | flush } SELECTOR
       ip route save SELECTOR
       ip route restore
       ip route get ADDRESS [ from ADDRESS iif STRING ]
                            [ oif STRING ]  [ tos TOS ]
                            [ mark NUMBER ]
       ip route { add | del | change | append | replace } ROUTE
SELECTOR := [ root PREFIX ] [ match PREFIX ] [ exact PREFIX ]
            [ table TABLE_ID ] [ proto RTPROTO ]
            [ type TYPE ] [ scope SCOPE ]
ROUTE := NODE_SPEC [ INFO_SPEC ]
NODE_SPEC := [ TYPE ] PREFIX [ tos TOS ]
             [ table TABLE_ID ] [ proto RTPROTO ]
             [ scope SCOPE ] [ metric METRIC ]
INFO_SPEC := NH OPTIONS FLAGS [ nexthop NH ]...
NH := [ via ADDRESS ] [ dev STRING ] [ weight NUMBER ] NHFLAGS
OPTIONS := FLAGS [ mtu NUMBER ] [ advmss NUMBER ]
           [ rtt TIME ] [ rttvar TIME ] [reordering NUMBER ]
           [ window NUMBER] [ cwnd NUMBER ] [ initcwnd NUMBER ]
           [ ssthresh NUMBER ] [ realms REALM ] [ src ADDRESS ]
           [ rto_min TIME ] [ hoplimit NUMBER ] [ initrwnd NUMBER ]
TYPE := [ unicast | local | broadcast | multicast | throw |
          unreachable | prohibit | blackhole | nat ]
TABLE_ID := [ local | main | default | all | NUMBER ]
SCOPE := [ host | link | global | NUMBER ]
MP_ALGO := { rr | drr | random | wrandom }
NHFLAGS := [ onlink | pervasive ]
RTPROTO := [ kernel | boot | static | NUMBER ]
TIME := NUMBER[s|ms]

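ip route add 192.168.1.111/32 dev eth12 table ippool1    # add a host route through the specified interface

ip route add 192.168.2.0/24 dev eth12 table ippool1    # add a network route through the specified interface

ip route add 192.168.3.6/32 via 192.168.3.100 dev ath3.0 table ippool1    # add a host route through the specified gateway and interface

ip route add default dev ath3.0 table ippool1    # add the default route for this routing table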


c) Add the policy rules that select the routing table (using ip rule)

Usage: ip rule [ list | add | del | flush ] SELECTOR ACTION
SELECTOR := [ not ] [ from PREFIX ] [ to PREFIX ] [ tos TOS ] [ fwmark FWMARK[/MASK] ]
            [ iif STRING ] [ oif STRING ] [ pref NUMBER ]
ACTION := [ table TABLE_ID ]
          [ prohibit | reject | unreachable ]
          [ realms [SRCREALM/]DSTREALM ]
          [ goto NUMBER ]
TABLE_ID := [ local | main | default | NUMBER ]

ip rule add from 192.168.1.0/24 table ippool1

ip rule add from 192.168.3.110/32 table ippool1

ip rule add to 192.168.3.200/32 table ippool1

ip rule add fwmark 0x10 table ippool1

ip rule add iif eth1 table ippool1


Configuration is complete.
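
Step 2 a) edits /etc/iproute2/rt_tables by hand. The following added example (not part of the original post) performs the same registration idempotently and refuses table IDs or names that are reserved or already in use. The helper names rt_table_add and sample_rt_tables and the scratch file are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. rt_table_add and sample_rt_tables
# are hypothetical helper names.

# rt_table_add FILE ID NAME
# Registers "ID NAME" in an rt_tables-format FILE. Returns 0 if the pair was
# added or is already present, 1 if it is malformed, reserved, or conflicting.
rt_table_add() {
    file=$1; id=$2; name=$3
    # Decimal ID without leading zeros; conservative character set for names.
    case $id in ''|*[!0-9]*|0?*) echo "invalid table id: $id" >&2; return 1 ;; esac
    case $name in ''|*[!A-Za-z0-9_.-]*) echo "invalid table name: $name" >&2; return 1 ;; esac
    # Never redefine the reserved tables listed at the top of rt_tables.
    case $id in 0|253|254|255) echo "table id $id is reserved" >&2; return 1 ;; esac
    case $name in unspec|default|main|local) echo "table name $name is reserved" >&2; return 1 ;; esac
    # Scan active (non-comment) lines: 0 = free, 10 = same pair exists, 11 = clash.
    rc=0
    awk -v id="$id" -v name="$name" '
        /^[ \t]*(#|$)/ { next }
        $1 == id && $2 == name { same = 1; next }
        $1 == id || $2 == name { clash = 1 }
        END { exit (clash ? 11 : (same ? 10 : 0)) }' "$file" || rc=$?
    case $rc in
        0)  printf '%s\t%s\n' "$id" "$name" >> "$file" ;;
        10) return 0 ;;
        *)  echo "id $id or name $name conflicts, or $file is unreadable" >&2; return 1 ;;
    esac
}

# Constructed sample: the rt_tables content shown on this page,
# without the two custom entries.
sample_rt_tables() {
    printf '%s\n' '#' '# reserved values' '#' '255     local' '254     main' \
        '253     default' '0       unspec' '#' '# local' '#' '#1      inr.ruhep'
}

# Demo on a scratch file so /etc/iproute2/rt_tables is not touched.
scratch=$(mktemp)
sample_rt_tables > "$scratch"
rt_table_add "$scratch" 102 ippool1
rt_table_add "$scratch" 103 ippool2
rt_table_add "$scratch" 103 ippool2      # idempotent: no duplicate line is written
rt_table_add "$scratch" 254 ippool3 2>/dev/null || echo "rejected: 254 is the main table"
grep -c ippool "$scratch"                # prints 2
rm -f "$scratch"
```

On a live system the routes and rules from steps b) and c) can then be checked with ip route list table ippool1 and ip rule list.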


