策略路由和NAT实现负载均衡实例教程
来源:互联网 发布:淘宝卖家怎么收钱 编辑:程序博客网 时间:2024/05/19 12:16
一、组网需求:
1.正常情况下10.0.0.2从出口12.12.12.0NAT转化成100.0.0.0的地址,20.0.0.2从出口13.13.13.0NAT转化成200.0.0.0的地址,实现负载均衡。
2.FW双出口的某一条链路down,所有用户NAT成同一地址段出去,实现链路冗余。
二、实验组网
四、关键配置
USG5360 (V100R003C01SPC007):
ip address-set 100and200 type object
address 0 10.0.0.0 mask 24
address 0 10.0.0.0 mask 24
address 1 20.0.0.0 mask 24
#
ip address-set 10.0.0.2 type object
address 0 10.0.0.0 mask 24
address 0 10.0.0.0 mask 24
#
ip address-set 20.0.0.2 type object
address 0 20.0.0.0 mask 24
address 0 20.0.0.0 mask 24
#
acl number 3001
rule 0 permit ip source 10.0.0.0 0.255.255.255
rule 0 permit ip source 10.0.0.0 0.255.255.255
acl number 3002
rule 0 permit ip source 20.0.0.0 0.255.255.255
#
nat address-group 100 NAT1 100.0.0.1 100.0.0.100
nat address-group 200 NAT2 200.0.0.1 200.0.0.100
nat address-group 200 NAT2 200.0.0.1 200.0.0.100
#
traffic classifier 12
if-match acl 3001
traffic classifier 13
if-match acl 3002
if-match acl 3002
#
traffic behavior 12
remark ip-nexthop 12.12.12.2 output-interface GigabitEthernet0/0/0
traffic behavior 13
remark ip-nexthop 13.13.13.2 output-interface GigabitEthernet0/0/1
#
qos policy re
classifier 12 behavior 12
classifier 13 behavior 13
#
interface GigabitEthernet0/0/0
ip address 12.12.12.1 255.255.255.252
ip address 12.12.12.1 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 13.13.13.1 255.255.255.252
ip address 13.13.13.1 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 20.0.0.1 255.255.255.0
ip address 20.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/3
ip address 10.0.0.1 255.255.255.0
# http://www.server-cn.com/
firewall zone local
set priority 100
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
qos apply policy re outbound
add interface GigabitEthernet0/0/2
add interface GigabitEthernet0/0/3
qos apply policy re outbound
add interface GigabitEthernet0/0/2
add interface GigabitEthernet0/0/3
#
firewall zone untrust
set priority 5
#
firewall zone name t100
set priority 10
add interface GigabitEthernet0/0/0
add interface GigabitEthernet0/0/0
#
firewall zone name t200
set priority 11
add interface GigabitEthernet0/0/1
set priority 11
add interface GigabitEthernet0/0/1
#
nat-policy interzone trust untrust outbound
#
nat-policy interzone trust t100 outbound
policy 0
policy 0
action source-nat
policy source address-set 100and200 copyright by http://www.server-cn.com/
address-group NAT1
address-group NAT1
#
nat-policy interzone trust t200 outbound
policy 0
action source-nat
policy source address-set 100and200
address-group NAT2
#
ip route-static 0.0.0.0 0.0.0.0 13.13.13.2
ip route-static 0.0.0.0 0.0.0.0 12.12.12.2
policy source address-set 100and200
address-group NAT2
#
ip route-static 0.0.0.0 0.0.0.0 13.13.13.2
ip route-static 0.0.0.0 0.0.0.0 12.12.12.2
#
0 0
- 策略路由和NAT实现负载均衡实例教程
- 路由备份和负载均衡
- 使用zookeeper实现服务路由和负载均衡
- 使用zookeeper实现服务路由和负载均衡
- 使用zookeeper实现服务路由和负载均衡
- 基于Zookeeper的路由和负载均衡实现思想
- 利用NAT实现TCP负载均衡原理
- VMware上实现LVS负载均衡(NAT)
- LVS-NAT模型实现负载均衡
- Layer3-2 静态路由和负载均衡
- CISCO NAT负载均衡
- 路由应用-使用路由实现负载流量均衡
- 利用NAT实现TCP负载均衡的配置步骤和示例
- Nginx 负载均衡配置和策略
- Nginx 负载均衡配置和策略
- Nginx 负载均衡配置和策略
- Nginx 负载均衡配置和策略
- Nginx 负载均衡配置和策略
- 黑马程序员---面对对象之接口的定义和使用
- IOS6 屏幕旋转 以及 旋转后的对应方法
- Game of Wuxing
- samba的配置
- Hydra与Hadoop之争谁将胜利?
- 策略路由和NAT实现负载均衡实例教程
- 模糊控制部分函数用法
- redhat server 5.6安装nmon
- 移动tomcat之后总共需要修改的三个地方
- Bing"以图搜图"晚谷歌30个月
- Poj 2549 Sumsets (3Sum问题)
- java 通配符
- ISV在“淘宝”上淘宝
- .net中的三层架构简介
