Linux makes a functional router two

zhaozj2021-02-11  243

Linux makes a functional router two

Linuxaid.com.cn

Wing

Back to〗 Forward〗

Gated configuration galed support RIP, OSPF, IS-IS and other routing protocols. We focus on the configuration method of the RIP protocol, and other protocols can be configured to make similar configurations for the protocol itself and then refer to the associated help document. First modify the / etc / sysconfig / network file so that forward_ipv4 = yes. Then create a file named galed.conf in the / etc / directory, which is the configuration information that needs to be filled in. Configuration syntax RIP protocol is as follows: rip yes | no | on | off [{broadcast; nobroadcast; nocheckzero; preference preference; defaultmetric metric; query authentication [none | [[simple | md5] password]]; interface interface_list [noripin] | [ripin] [Noripout] | [RIPOUT] [METRICIN Metric] [METRICOUT METRIC] [Version 1] | [Version 2 [Multicast | Broadcast]] [[Secondary] Authentication [NONE | [[Simple | MD5] Password]; TrustedgateWays Gateway_List; traceOptions trace_options;}]; The above configuration syntax is used to start or disable the RIP protocol operation and set some of the parameters of the RIP protocol. The meaning of each parameter is as follows: Broadcast indicates that the RIP packet will be broadcast. This is useful when broadcast static routing or RIP routing items generated by other protocols. Nobroadcast indicates that the RIP packet is not broadcast on the interface. Nocheckzero indicates that RIP does not process the reserved domain in the RIP packet. Usually RIP will refuse to retain the domain for non-zero packets. Preference Preference Sets the preference of RIP routes, the default is 100, which can be overridden by other given policies. Metric Metric Definition When using the RIP advertisement by other routing protocols, the metric is used. Its default is 16 (not arriving). Query Authentication [NONE | [[Simple | MD5] Password]]; Set the authentication password. The default is no need to authenticate. Interface interface_list is set for a particular interface. The parameters that can be available are as follows: noripin specifies the RIP packets received by the interface. Ripin This is the default parameter. In contrast to Noripin. Noripout is issued without a RIP packet on the interface specified. The default is to send a RIP packet in all broadcast and non-broadcast interfaces. Ripout is the default. Contrary to the meaning of Noripout. Metricin Metric Specifies the scale (metric) that is added before the newly added routing table is added to the kernel routing table. The default is 1. Metricout Metric Specifies the value of the scale to the scale before RIP emitted through a specific interface. The default is 0. Version 1 Specifies the grouping of the first version of the RIP protocol. The default is this. Version 2 Sends a second version of the RIP protocol group in the specified interface. If IP multicast can be used, the default sends a full second version of the packet, and if multicast is not supported, use the second version of the RIP group compatible with the first version. Multicast indicates that the second version of the RIP packet on a particular interface uses multicast.

Broadcast indicates that broadcasting the second version of the second version of the first version is transmitted to the first version of the second version of the RIP packet, even if the interface supports multicast. [Secondary] Authentication [NONE | [Simple | MD5] Password] Defines how the identity authentication is. Only useful to the second version of the RIP protocol. By default, there is no authentication. TrustedGateWays Gateway_list Defines the gateway for RIP receiving RIP update packets. Gateway_list is a list of simple host names or IP addresses. By default, all routers on the shared network are considered to support the RIP update information. SourcegateWays Gateway_list Defines the RIP to send a group of router lists directly without broadcasting or broadcasting. TRACEOPTIONS TRACE_OPTIONS Set the RIP Tracking option. The detailed setting is slightly. Here are some configuration examples: Configuration 1: # # # this configuration runs rip in quiet mode, it online {nobroad. # Rip yes {nobroadcast;}; configuration 2: # this configuration emulates routed. It runs RIP and only sends # updates if there are more than one interfaces up and IP forwarding is # enabled in the kernel. # # NOTE that RIP * will not * run if UDP checksums are disabled in # the kernel. # rip YES; Zebra introduction This is the software written by the Japanese in GNU copyright, and the main function is to achieve RIPv1, RIPv2, RIPNG, OSPFv2, OSPFv3, BGP-4, And BGP-4 routing protocol. It is currently 0.87, currently supports Linux and FreeBSD, which will support Solaris 7 and GNU Hurd in the future. Where RIPv1, RIPv2, OSPFv2 is used for IPv4's autonomous domain system internal network routing protocol, the best is OSPF, he supports VLSM (becoming a long subnet mask), converges fast, can be dynamically adjusted according to the link of the link, It is the best internal routing protocol that is currently supported by all manufacturers. It's almost like him (maybe it) is Cisco proprietary EIGRP. BGP-4 is the external network routing protocol used between the autonomous domain system, and is also the current protocol currently used by the Internet. Very flexible. It is very common in foreign countries. If a network has more than two exports (two ISPs), it may use him. But in China seems to be rarely used, which is also closed with domestic networks. If we use BGP-4 with CSTNET and CETNet, as long as these two exits are pass, our external connections will not interrupt more than 1 minute. RIPNG OSPFv3, BGP-4 mainly expands support for IPv6. Many of this software configuration is almost identical to Cisco's iOS configuration. We can complete some of the complicated routing protocol processing control functions that must be done with an expensive Cisco router. GNU Zebra can go to www.zebra.org. Policy Control on the Router: IP Bandwidth Management (QoS) Why want to manage bandwidth? The main factor of the Internet is simple and robust in the Internet Protocol protocol.

Almost all people are now moving toward IP, and even traditional telecommunications companies are also transferring their circuit-based voice networks to IP networks. However, the Internet is encountered at this time at this time, there is a very difficult difficulty. It does not take an ATM protocol, which is to treat any business equally, that is, all data through the IP network is equal to as good as possible (said: Trying to serve). If I am willing to pay more than 1 time money, I can't make my home page download speed double. At this time, the QoS concept is introduced, which is the service quality assurance. In this case, equally to treat all IP business data is abandoned, and try to distinguish between different users or services, and then assign different bandwidth. This is the distribution and management of bandwidth on the router. Over the years, different technologies have been developed quickly, and IETF (Internet Engineering Task Force has released several standards, including: integrated service, distinction service, resource reservation technology. These standards have implemented under Linux. However, their use is a comprehensive problem that requires the cooperation of other routers of the network (such as resource reservation), so it is not very wide in practice, but with the increasing Internet business, they will gradually become more and more Everyone is used. Linux kernel 2.1.x and subsequent versions are mainly introduced to the Traffic Control code to achieve IP bandwidth allocation and management. TC features TC is the abbreviation of Traffic Control, meaning "flow control". TC has a lot of scalability. As a ISP that provides a virtual host service, it can utilize Linux traffic control to give different customer-free service quality. Traditional ISPs for selling virtual hosts or providing homemount services are usually providing different disk spaces to serve as different grades, such as 100M a monthly space. If you use Linux traffic control (TC), we can provide a different service that distinguish between you are a network of web hosting services, you can have the following different service seals: • Service level 1 : Tropics ¥ 100 / month - Viewers get 250kbps browsing page speed. · Service level 2: Tropster ¥ 150 / month - 250kbps, but if the bandwidth allows, 1 Mbps can be reached between 0:00 midnight. · Service level 3: Tropster ¥ 200 / month - 250kbps, but if the bandwidth allows, the maximum is up to 1Mbps, no limit time (depending on the level of service level 2). · Service level 4: Tropster ¥ 500 / month - Provide a high-speed bandwidth guarantee for 1Mbps. Suitable for video and audio streaming services. From the above example, we can use TC easy to specify a variety of controlled service rules. Different services are provided on different time periods mentioned above, we can easily use crontab to run some scripts to change the bandwidth allocation rules. This is a better example, we will introduce an example later. Example of Using TC Description Undequately provides an example of using TC to implement different bandwidth policies to two virtual hosts on a Linux server. In this example, we will tell how to configure and test TC. Compile the kernel as to compile a new kernel is not the scope of this chapter discussion, we assume that you already know how to recompile a kernel. Select the following kernel selection: "Kernel / User NetLink Socket" and "NetLink Device Emulation". Such TC can use NetLink to transmit information with kernel.

At the same time, all the queued algorithms were selected, located in "FAIR Queueing" "CBQ Packet Scheduler" CSZ PRIO PSEUDOSCHULER "" Red Queue "" SFQ Queue "" TBF Queue "" QoS Support "" Rate Estimator "Rate Estimator "Packet Classifier API" "Routing-Tables-Based Classifier" U32 Classifier "" Special RSVP Classifier and Special RSVP Classifier for IPv6 ". After selecting these options, compile the kernel according to the normal compile end of the kernel, then install the new kernel, and restart the system with the new kernel. Compiling TC packages can be downloaded to the software we need, follow the instructions in the package: ftp://linux.wauug.org/pub/net/ip-routing/iproute2-current.tar. GZ usually we have to do it is just a simple input make. TC setting Figure 1. CBQ Tree Diagram First is a simple tree diagram showing a system we configure. Two leaves nodes are allocated from the parent node, IP address 10.0.0.10 (identifier 1: 1) and address 10.0.0.11 (identifier 1: 2) are IP alias on the interface Eth0, share the parent node (identifier) 1: 0) bandwidth. This example only involves traffic control on an interface, you can simply construct the configuration of the control of the plurality of interface devices that are interested in this example. The first step in configuring QoS features is to add QDISC to an interface, such as this example: QDISC Add dev eth0 root handle 1: ... then define the category you need to distinguish. Different categories correspond to different flow control types. In our example, use the following statement: TC Class Add dev eth0 Parent 1: 0 ClassID X: Y ... our example only uses a deep class tree. Of course, we can construct a complex tree of the multilayer depth, the basic principle is the same: it is a child node (as shown in Figure 1) inherits the resource of a parent node and further distributes the resource of the parent node according to the definition of the class. For example, the parent class 1: 0 has the entire bandwidth of the device, then the child node 1: 1 is not possible to obtain a bandwidth of more than 10 Mbits, of course, this example is limited to 1 Mbps. Finally, the "IP Packet-Category" mapping rule is defined to tell the system's classifier, what type of IP packets that pass through router scheduling. First, associate a classifier with the output interface: Filter Add dev eth0 Parent 1: 0 Protocol IP ... then define the "IP Packet-Category" mapping rule. In this example, the source address of the IP packet will be utilized as a keyword of the classification. The following script completes this feature. About the parameters of commands such as TC in the script, you can refer to the random document, which is limited to the space, not introduced.

#! / Bin / sh #path to tc and the ip utilities; #change to reflect yours. Tc =. / IProute2 / TC / TC IP =. / IProute2 / ip / ip ########### ################################## 2 Reflect Yours # alias = 10.0.0.10 Alias2 = 10.0.0.11 ######################################################################################################################################################################################################################################################################## ############# # add ip aliansing support #uncomment if you want to use the ip utility to #ado ip-aliasing for you # # $ ip addr add $ alias1 dev eth0 # $ ip addr Add $ alias2 dev eth0 ################################################################################################################################################################################################################################################################################## ##### # Attaching a device queue discipline to an # interface a device queue discipline is # equivalent almost to a device manager # #Attach CBQ to eth0 #Things you might need to change: # bandwidth - the bandwidth of the eth0 device # note it must match the devices real bandwidth # allot - it is safe to leave it at the MTU of # the device # avpkt - the average packet size that you # suspect will be seen safe to leave at 1000 # for Ethernet With mtu of 1514 bytes # MPU - M InImum Packet Size # $ TC qdisc add dev eth0 root handle 1: CBQ Bandwidth 10Mbit Allot 1514 Cell 8 Avpkt 1000 MPU 64 ################# ################## # attaching class queue disciplines # bouded - it is bound to the rate security;

# Can borrow even if there is a lot of idle # bandwidth just sitting there isolated - can not # share its bandwidth to other classes prio is the # priority assigned 0 being the highest and 7 the # lowest weight - safer to leave at 1 # queue discipline setup Classid 1:. 1 will have a # rate of 1Mbps which is bounded # $ TC class add dev eth0 parent 1:. 0 classid 1: 1 cbq bandwidth 10Mbit rate 1Mbit avpkt 1000 prio 5 bounded isolated allot 1514 weight 1 maxburst 21 #rate 1Mbit avpkt 1000 prio 5 bounded allot 1514 #weight 1 maxburst 21 # Classid 1: 2 will have a rate of 3Mbps which is # bounded $ TC class add dev eth0 parent 1:. 0 classid 1: 2 cbq bandwidth 10Mbit Rate 3Mbit Avpkt 1000 Prio 5 Bounded Allot 1514 Weight 1 Maxburst 21 ######################################################################################################################################################################################################################################################### ############# # Define the filter to be attached to eth0 # create with hasid table of 256 slots with id1: # $ TC Filter Add dev eth0 Parent 1: 0 Protocol IP PRIO 5 HANDLE 1: U32 Divisor 256 ################################################################################################################################################################################################################################################################# ####### # Define the criteria for mapping incoming packets # to classes. Add to the 5th slot of hash table a # rule to select Virtual Address Alias ​​Direct It # to Class 1: 1 # $ TC Filter Add dev eth0 PARENT 1: 0 Prio 5 U32 HT 1: 6: Match IP Src $ alias1 Flowid 1: 1 # add to 6th slot of hasble rule to select # alias2 Direct it to class 1: 2 $ TC Filter Add dev eth0 Parent 1: 0 PRIO 5 U32 HT 1: 6: Match IP SRC $ Alias2 Flowid 1: 2 ## Lookup Hash Table, IF IT IS NOT FRAGMENTED ## Frame. Use Protocol As Hash Key # $ TC Filter Add dev eth0 Parent 1: 0 PRIO 5 Handle :: 1 U32 HT 800 :: Match IP NOFRAG Offset Mask 0x0f00 Shift 6 Hashkey Mask 0x00FF0000 AT 8 LINK 1:

转载请注明原文地址:https://www.9cbs.com/read-3507.html

New Post(0)