- 论坛徽章:
- 0
|
今天無聊!!
openbsd 4.2
openbsd 4.0
把原來雙線策略的網關,改為負載均衡!!
用的是 pf-faq裏面的規則http://openbsd.org/faq/pf/pools.html
lan_net = "192.168.0.0/24"
int_if = "dc0"
ext_if1 = "fxp0"
ext_if2 = "fxp1"
ext_gw1 = "68.146.224.1"
ext_gw2 = "142.59.76.1"
# nat outgoing connections on each internet interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)
# default deny
block in from any to any
block out from any to any
# pass all outgoing packets on internal interface
pass out on $int_if from any to $lan_net
# pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan_net to $int_if
# load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto tcp from $lan_net to any flags S/SA modulate state
# load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto { udp, icmp } from $lan_net to any keep state
# general "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state
# route packets from any IPs on $ext_if1 to $ext_gw1 and the same for
# $ext_if2 and $ext_gw2
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
之前也做過測試,當時沒有這方面的需要,沒有認真做過測試!
今天有空把它再拿出來用用!! 其它的網頁,QQ,msn等很正常
測試下載,也算正常!!
問題來了
web迅雷,迅雷,FlashGet等, 把正在下載的東西,停止,過一兩秒再開,反復幾次!就沒流量! ssh斷開,網頁打不開,ping 網關,正常!
在openBSD的控制台上用ifstat 可以看到,各個網卡出去的流量為0
ping 兩個網關,正常!!
於是重新加載pf規則
pfctl -Fa
pfctl -f /etc/pf.conf
無效,一樣
於是打上
sh /etc/netstart
終於有反映了,正常使用!!
再下載東西測試,結果還是一樣
那位有這方面的經驗,出來說說 |
|
免费注册
发表于 2008-01-25 14:12
