FreeBSD双线负载均衡NAT服务器配置方法

# vi /etc/rc.conf
================+==============+=================
defaultrouter="221.33.88.254"
ifconfig_fxp0="inet 192.168.0.1 netmask 255.255.255.0"
ifconfig_rl0="inet 221.33.88.2 netmask 255.255.255.0"
ifconfig_rl1="inet 202.0.57.1 netmask 255.255.255.0"
pf_enable="YES"
================+==============+=================# vi /etc/pf.conf
================+==============+=================
##anchors
lan_net = "192.168.0.0/24"
int_if = "fxp0"
ext_if1 = "rl0"
ext_if2 = "rl1"
ext_gw1 = "221.33.88.254"
ext_gw2 = "61.0.57.254"##nat outgoing connections on each internet interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)##default deny
block in from any to any
block out from any to any##pass all outgoing packets on internal interface
pass out on $int_if from any to $lan_net
##pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan_net to $int_if
##load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to /
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin /
proto tcp from $lan_net to any flags S/SA modulate state
##load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to /
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin /
proto { udp, icmp } from $lan_net to any keep state##general "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state##route packets from any IPs on $ext_if1 to $ext_gw1 and the same for
##$ext_if2 and $ext_gw2
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
================+==============+=================# vi /etc/sysctl.conf
net.inet.ip.forwarding=1

(0)

相关推荐

  • Linux系统下使用HAProxy配置HTTP负载均衡系统的方法

    如今对基于互联网的应用和服务的要求越来越大,这给广大的IT管理员施加了越来越大的压力。面对突如其来的流量猛增、自生的流量增加或者是内部挑战(比如硬件故障和紧急维护),不管怎样,你的互联网应用都必须保持 ...

  • 路由器基础知识:全面解读负载均衡技术

    Internet的规模每一百天就会增长一倍,客户希望获得7天24小时的不间断可用性及较快的系统反应时间,而不愿屡次看到某个站点“Server Too Busy”及频繁的系统故障。 网络的各个核心部分随 ...

  • Linux系统下配置HTTP负载均衡系统以扛流量增加

    随着网络流量的增加,服务器开始面临繁重负载,这时就需要搭配一套HTTP负载均衡系统了,那么Linux下该如何配置HTTP负载均衡系统呢?随小编一起来学习一下吧。 如今对基于互联网的应用和服务的要求越来 ...

  • nginx负载均衡的方法

    nginx 是一个轻量级的.高性能的 web server 主要可以干两件事情: 1.直接作为http server(代替apache,对PHP需要FastCGI处理器支持): 2.作为反向代理服务器 ...

  • VMware ESXI 网卡负载均衡配置3种方法

    VMware ESXI 网卡负载均衡配置3种方法

    VMware ESXI 网卡负载均衡配置3种方法(1) 基于端口的负载均衡 (Route based on the originating virtual port ID)(这个是默认支持)这种方式下 ...

  • Win2008 R2下配制负载均衡方法

    两台web 服务器,操作系统是Windows Server 2008 R2,申请三个IP地址及要做负载平衡的域名(www.test.cn),其中一个IP地址为虚拟IP地址,另外两个分别配置在两台服务器 ...

  • Linux虚拟服务器 LVS的三种负载均衡方式比较

    Linux虚拟服务器 LVS的三种负载均衡方式比较

  • 四层和七层负载均衡的区别

    (一) 简单理解四层和七层负载均衡: ① 所谓四层就是基于IP+端口的负载均衡;七层就是基于URL等应用层信息的负载均衡;同理,还有基于MAC地址的二层负载均衡和基于IP地址的三层负载均衡。 换句换说 ...

  • 服务器集群负载均衡(F5,LVS,DNS,CDN)区别以及选型

    ======================================= F5全称: F5-BIG-IP-GTM 全球流量管理器. 是一家叫F5 Networks的公司开发的四~七层交换机,软硬 ...