Load Balancing & NAT across two (2) ISP links at once

2 April 2007

I was tinkering around.
I happen to have two (2) Internet links at home (ADSL & RT/RW-net JF3NET),
so I tried setting up two-link load balancing with a Linux router
that can load balance between the 2 links
& automatically redirect when one of the links goes down.

The OS used is Fedora Core 6.
I am also trying it on the Vyatta Linux router;
that should work too & not be a problem ..

Configuration
Linux + 3 LAN cards (eth0 ADSL, eth1 RTRWNET, eth2 LAN)

Hope this is useful - Onno
P.S. My home configuration is somewhat complicated because there are connections to
the ORARI network etc. ..

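# ------------- IP configuration --------------------------------
# The named tables adsl, rtrwnet and internet must already be listed in
# /etc/iproute2/rt_tables before these commands are run.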

/sbin/ip link set lo up
/sbin/ip link set eth0 up
/sbin/ip link set eth1 up
/sbin/ip link set eth2 up

/sbin/ip route flush table adsl
/sbin/ip route flush table rtrwnet
/sbin/ip route flush table internet

/sbin/ip addr add 127.0.0.1/8 brd 127.255.255.255 dev lo

/sbin/ip addr add 192.168.1.222/24 brd 192.168.1.255 dev eth0
/sbin/ip addr add 10.0.148.48/24 brd 10.0.148.255 dev eth1
/sbin/ip addr add 192.168.0.222/24 brd 192.168.0.255 dev eth2

/sbin/ip route add 127.0.0.0/8 dev lo
/sbin/ip route add 192.168.0.0/24 dev eth2
/sbin/ip route add 44.132.33.0/24 via 192.168.0.10 dev eth2
/sbin/ip route add 192.168.11.0/24 via 192.168.0.10 dev eth2
/sbin/ip route add 125.160.6.251 via 192.168.1.1 dev eth0
/sbin/ip route add 125.160.6.252 via 192.168.1.1 dev eth0

/sbin/ip rule add prio 10 table main
/sbin/ip route del default table main

/sbin/ip rule add prio 20 from 192.168.1.0/24 table adsl
/sbin/ip route add default via 192.168.1.1 dev eth0 src 192.168.1.222 \
proto static table adsl
/sbin/ip route append prohibit default table adsl metric 1 proto static

/sbin/ip rule add prio 20 from 10.0.148.0/24 table rtrwnet
/sbin/ip route add default via 10.0.148.254 dev eth1 src 10.0.148.48 \
proto static table rtrwnet
/sbin/ip route append prohibit default table rtrwnet metric 1 proto static

# Set up load balancing gateways
/sbin/ip rule add prio 50 table internet
/sbin/ip route add default proto static table internet \
nexthop via 192.168.1.1 dev eth0 weight 3 \
nexthop via 10.0.148.254 dev eth1 weight 1

# Setup routing to ISPs
/sbin/ip route add 202.138.236.0/24 proto static table internet \
nexthop via 192.168.1.1 dev eth0 weight 1 \
nexthop via 10.0.148.254 dev eth1 weight 10
/sbin/ip route add 125.160.6.251 proto static table internet \
via 192.168.1.1 dev eth0
/sbin/ip route add 125.160.6.252 proto static table internet \
via 192.168.1.1 dev eth0

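# ----------------- NAT configuration ------------------------------
# Only the INPUT chain (traffic addressed to the router itself) is filtered
# below; this script sets no policy or rules for the FORWARD chain.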

/sbin/iptables -F
/sbin/iptables -P INPUT DROP
/sbin/iptables -A INPUT -p tcp -i eth2 --destination-port 25 \
! -s 192.168.0.1 -j DROP

/sbin/iptables -A INPUT -i eth2 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp -s 0/0 --dport 25 -j ACCEPT
/sbin/iptables -A INPUT -i eth1 -p tcp -s 0/0 --dport 25 -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i eth0 -j REJECT --reject-with tcp-reset
/sbin/iptables -A INPUT -p tcp -i eth1 -j REJECT --reject-with tcp-reset
/sbin/iptables -A INPUT -p udp -i eth0 -j REJECT \
--reject-with icmp-port-unreachable
/sbin/iptables -A INPUT -p udp -i eth1 -j REJECT \
--reject-with icmp-port-unreachable

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.1.222
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 10.0.148.48

# -------------- addition to /etc/rc.local ---------------------

/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
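
The multipath default route in table internet leaves it to the kernel to notice a dead next hop. One way to make the failover explicit, as an added example that is not part of the original post, is to probe each gateway and rebuild that route from the links that answer. The gateways, devices, weights and table name come from the configuration above; the ping probe, the APPLY switch and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# Gateways, devices, weights and the table name are taken from the post;
# the ping probe, the APPLY switch and the function names are assumptions.

# One entry per uplink: gateway:device:weight
LINKS="192.168.1.1:eth0:3 10.0.148.254:eth1:1"

# probe GATEWAY DEVICE: succeeds if the gateway answers one ping within 2 s.
# This only proves the first hop is alive, not the ISP behind it.
probe() {
    ping -c 1 -W 2 -I "$2" "$1" >/dev/null 2>&1
}

# Print the arguments for "ip route replace" covering every live uplink.
# Returns 1 and prints nothing when no uplink answers.
build_route() {
    hops=""
    for link in $LINKS; do
        gw=${link%%:*}
        rest=${link#*:}
        dev=${rest%%:*}
        weight=${rest#*:}
        if probe "$gw" "$dev"; then
            hops="$hops nexthop via $gw dev $dev weight $weight"
        fi
    done
    [ -n "$hops" ] || return 1
    echo "default proto static table internet$hops"
}

# Change the routing table only when APPLY=1 (needs root), e.g. from cron.
if [ "${APPLY:-0}" = 1 ]; then
    if route=$(build_route); then
        # $route is deliberately unquoted so it splits into arguments.
        /sbin/ip route replace $route && /sbin/ip route flush cache
    else
        echo "no uplink reachable, leaving table internet unchanged" >&2
    fi
fi
```

Run without APPLY set, the script changes nothing, so build_route can be called by hand to see which route it would install.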

 

reported from http://antokwng.blogspot.com