При една авария в поддържана от мен фирма с изпържен рутер от токов удар в събота вечерта трябваше да конфигурирам моя домашен linksys WRT54GL с DD-WRT (дойде му и на него времето след три години вярна служба) . В един момент останах без рутер а у нас сме с три лаптопа плюс два съседна апартамента, те и те уж само времено но щях да оставя сума си ти хора без Интернет. В офиса имаше само смотани модели които не покриват високите изисквания на моята домашна мрежа 🙂 и така всичко пак опря до Linux рутер. Точно преди да инсталирам едно “Дебианче” се позамислих, че май сега е момента да пробвам Vyatta в реални условия. Получи се добре макар и да изпадам в недоумения защо Vyatta не поддържа policy routng, UPNP и TCPMSS за момента .. ?? За сметка на това пък другите неща са прекрасни за конфигурация, всичко е в един файл, удобното допълване с клавиша ‘TAB’ също е незаменимо, след първите 5-6 реда спрях да гледам how-to-та и конфигурирах всичко само по пътя на логиката. Тази система според мен има голямо бъдеще ако я разширят и поддържат всичко необходимо за един рутер от среден и видок клас. Нещото което найстина най много ме впечатли е Load Balancing. Толкова много съм се борил с това в Debian i Slackware, че се отказах преди доста време с извода, че няма добро решение на това нещо. Но ето, че има и това е Vyatta.
______10.18.5.1 Local Optisprint 212.233.128.0/17, 10.0.0.0/8 ________________ | ____________ | 10.18.5.3 | | |93.155.131.1 | eth3 |_______|___10.18.5.254 Internet GCN__| | --WAN-- | | | | |Reverse Proxy - Load Balancing | -=INTERNET=- | 172.16.21.2 | | | | tun0 |___________172.16.21.1 Internet BTC__| | | |___________ | router Vyatta | 192.168.1.1 | | | --LAN-- | | 192.168.88.1 | | b | |___ 192.168.88.10 QOS download 40mbit upload 10mbit | r |--eth2 |___ 192.168.88.11 QOS download 25mbit upload 5mbit | i | |___ 192.168.88.12 QOS download 20mbit upload 4mbit | d |--eth1 |___ 192.168.88.13 QOS download 20mbit upload 4mbit | g | |___ 192.168.88.14 QOS download 20mbit upload 4mbit | e |--eth0 |___ 192.168.88.15 QOS download 20mbit upload 4mbit |_______________|___ 192.168.88.128/25 QOS download 15mbit upload 2mbit
configure set service ssh set interfaces bridge br0 address 192.168.88.1/24 set interfaces ethernet eth0 bridge-group bridge br0 set interfaces ethernet eth1 bridge-group bridge br0 set interfaces ethernet eth2 bridge-group bridge br0 set interfaces ethernet eth3 mac 00:0C:42:54:F4:CB set interfaces ethernet eth3 address 10.18.5.3/24 set interfaces tunnel tun0 address 172.16.21.2/30 set interfaces tunnel tun0 encapsulation gre set interfaces tunnel tun0 local-ip 10.18.5.3 set interfaces tunnel tun0 remote-ip 93.155.131.1 set protocols static route 0.0.0.0/0 next-hop 10.18.5.254 set protocols static route 0.0.0.0/0 next-hop 172.16.21.1 set protocols static route 212.233.128.0/17 next-hop 10.18.5.1 set protocols static route 10.0.0.0/8 next-hop 10.18.5.1 set protocols static route 93.155.131.0/28 next-hop 10.18.5.254 set system name-server 93.155.131.1 set system name-server 93.155.130.4 set service dns forwarding system set service dns forwarding listen-on br0 set service nat rule 1 outbound-interface eth3 set service nat rule 1 outside-address address 10.18.5.3 set service nat rule 1 source address 192.168.88.0/24 set service nat rule 1 type source set service nat rule 2 outbound-interface tun0 set service nat rule 2 outside-address address 172.16.21.2 set service nat rule 2 source address 192.168.88.0/24 set service nat rule 2 type source set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 start 192.168.88.128 stop 192.168.88.254 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 dns-server 192.168.88.1 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 default-router 192.168.88.1 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 domain-name samihome.itservice-bg.net set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping sami-local ip-address 192.168.88.10 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping sami-local mac-address 90:e6:ba:92:96:7c set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping sami-wifi ip-address 192.168.88.11 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping sami-wifi mac-address 00:1b:77:d6:db:3e set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping teri-laptop ip-address 192.168.88.12 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping teri-laptop mac-address 00:22:f7:01:19:95 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping eli ip-address 192.168.88.13 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping eli mac-address 00:26:9e:31:8b:29 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping stefan ip-address 192.168.88.14 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping stefan mac-address 00:1C:23:95:39:08 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping yani ip-address 192.168.88.15 set service dhcp-server shared-network-name SamiHome subnet 192.168.88.0/24 static-mapping yani mac-address 00:25:D3:C1:40:11 set service webproxy listen-address 192.168.88.1 set service webproxy cache-size 20000 set service webproxy disable-access-log set firewall conntrack-table-size 50000000 set system host-name SamiHome set system time-zone Europe/Sofia set load-balancing wan interface-health eth3 failure-count 5 set load-balancing wan interface-health eth3 nexthop 10.18.5.254 set load-balancing wan interface-health eth3 test 10 type ping set load-balancing wan interface-health eth3 test 10 target 10.18.5.254 set load-balancing wan interface-health tun0 failure-count 5 set load-balancing wan interface-health tun0 nexthop 172.16.21.1 set load-balancing wan interface-health tun0 test 10 type ping set load-balancing wan interface-health tun0 test 10 target 192.168.1.1 set load-balancing wan rule 10 inbound-interface br0 set load-balancing wan rule 10 interface eth3 set load-balancing wan rule 10 interface tun0 set interfaces ethernet eth0 duplex full set interfaces ethernet eth0 speed 100 set interfaces ethernet eth1 duplex full set interfaces ethernet eth1 speed 100 set interfaces ethernet eth2 duplex full set interfaces ethernet eth2 speed 100 set interfaces ethernet eth3 duplex full set interfaces ethernet eth3 speed 1000 set qos-policy traffic-shaper SHAPER-OUT default bandwidth 1mbit set qos-policy traffic-shaper SHAPER-OUT class 10 bandwidth 40mbit set qos-policy traffic-shaper SHAPER-OUT class 10 match 0 ip destination address 192.168.88.10/32 set qos-policy traffic-limiter SHAPER-IN class 10 bandwidth 10mbit set qos-policy traffic-limiter SHAPER-IN class 10 match 0 ip source address 192.168.88.10/32 set qos-policy traffic-shaper SHAPER-OUT class 11 bandwidth 25mbit set qos-policy traffic-shaper SHAPER-OUT class 11 match 1 ip destination address 192.168.88.11/32 set qos-policy traffic-limiter SHAPER-IN class 11 bandwidth 5mbit set qos-policy traffic-limiter SHAPER-IN class 11 match 1 ip source address 192.168.88.11/32 set qos-policy traffic-shaper SHAPER-OUT class 12 bandwidth 20mbit set qos-policy traffic-shaper SHAPER-OUT class 12 match 2 ip destination address 192.168.88.12/32 set qos-policy traffic-limiter SHAPER-IN class 12 bandwidth 4mbit set qos-policy traffic-limiter SHAPER-IN class 12 match 2 ip source address 192.168.88.12/32 set qos-policy traffic-shaper SHAPER-OUT class 13 bandwidth 20mbit set qos-policy traffic-shaper SHAPER-OUT class 13 match 3 ip destination address 192.168.88.13/32 set qos-policy traffic-limiter SHAPER-IN class 13 bandwidth 4mbit set qos-policy traffic-limiter SHAPER-IN class 13 match 3 ip source address 192.168.88.13/32 set qos-policy traffic-shaper SHAPER-OUT class 14 bandwidth 20mbit set qos-policy traffic-shaper SHAPER-OUT class 14 match 4 ip destination address 192.168.88.14/32 set qos-policy traffic-limiter SHAPER-IN class 14 bandwidth 4mbit set qos-policy traffic-limiter SHAPER-IN class 14 match 4 ip source address 192.168.88.14/32 set qos-policy traffic-shaper SHAPER-OUT class 15 bandwidth 20mbit set qos-policy traffic-shaper SHAPER-OUT class 15 match 5 ip destination address 192.168.88.15/32 set qos-policy traffic-limiter SHAPER-IN class 15 bandwidth 4mbit set qos-policy traffic-limiter SHAPER-IN class 15 match 5 ip source address 192.168.88.15/32 set qos-policy traffic-shaper SHAPER-OUT class 16 bandwidth 10mbit set qos-policy traffic-shaper SHAPER-OUT class 16 match 6 ip destination address 192.168.88.128/25 set qos-policy traffic-limiter SHAPER-IN class 16 bandwidth 2mbit set qos-policy traffic-limiter SHAPER-IN class 16 match 6 ip source address 192.168.88.128/25 set interfaces ethernet eth0 qos-policy in SHAPER-IN set interfaces ethernet eth0 qos-policy out SHAPER-OUT set interfaces ethernet eth1 qos-policy in SHAPER-IN set interfaces ethernet eth1 qos-policy out SHAPER-OUT set interfaces ethernet eth2 qos-policy in SHAPER-IN set interfaces ethernet eth2 qos-policy out SHAPER-OUT set service snmp community public authorization ro commit save |
Братчет тия неща нищо не ми говорат.Просто ние широкия кръг хора не сме програмисти.Помисли и за по неуките и напиши по подробно и разбрано.