1.需求:
內網IP:10.63.215.7 網關:10.63.215.254
外網IP:180.168.29.92 網關:180.168.29.89
內外網均可以Ping通,可直接訪問
2.IP配置:
[root@APPServer ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO=none
IPADDR=10.63.215.7
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="bc9e80f5-1b82-46ab-b39b-cc8ad2a81d16"
HWADDR=34:97:F6:5B:67:95
[root@APPServer ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
BOOTPROTO="dhcp"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="1b85cdd4-2a89-48f2-99fe-d2b7aa318954"
HWADDR=34:97:F6:5B:67:96
/etc/sysconfig/network中沒寫默認網關!
3.配置雙網關:
[root@APPServer ~]# cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
252 e1
251 e0
接着敲命令:
ip route flush table e0
ip route add default via 10.63.215.254 dev eth0 src 10.63.215.7 table e0
ip route add 127.0.0.0/8 dev lo table e0
ip rule add from 10.63.215.7 table e0
ip route flush table e1
ip route add default via 180.168.29.89 dev eth1 src 180.168.29.92 table e1
ip route add 127.0.0.0/8 dev lo table e1
ip rule add from 180.168.29.92 table e1
敲完直接測試內外網是否全通,反正我這里是好了。
原理:把靜態路由的命令加在 /etc/init.d/network。
但CentOS可能會自動還原這個文件,導致自己加的東西會消失,所以,還是加到開機啟動腳本里面:
[root@APPServer ~]# cat /etc/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
ip route flush table e0
ip route add default via 10.63.215.254 dev eth0 src 10.63.215.7 table e0
ip route add 127.0.0.0/8 dev lo table e0
ip rule add from 10.63.215.7 table e0
ip route flush table e1
ip route add default via 180.168.29.89 dev eth1 src 180.168.29.92 table e1
ip route add 127.0.0.0/8 dev lo table e1
ip rule add from 180.168.29.92 table e1