If the server is connected to multiple network segments, you might not be able to access if properly only set the default gateway. Access from the Internet to route the DMZ segment, access from the Corporate Network will be routed to the maintenance segment. I will describe how to configure a static route to each network interface. Because the only route command, setting may be cleared to OS reboot, I will also describe how to do the routing configuration permanently. OS: RedHat EL 6.4(64-bit)
Network Overview
Network Overview it is assumed this is as of FIG.
Default gateway will not face the Internet side.
Routing table information before setting
[root@dcf-web-a ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.5.116.0 * 255.255.255.0 U 1 0 0 eth0 10.5.117.0 * 255.255.255.0 U 1 0 0 eth1 default 10.5.116.254 0.0.0.0 UG 0 0 0 eth0 [root@dcf-web-a ~]#If you leave this, for example, it will return to the DMZ segment is also access from the PC of 192.168.xxx.xxx.
Therefore, it can not communicate.
Set the gateway of maintenance segment side
[root@dcf-web-a ~]# route add -net 10.0.0.0 gw 10.5.117.254 netmask 255.0.0.0 eth1 [root@dcf-web-a ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.5.116.0 * 255.255.255.0 U 1 0 0 eth0 10.5.117.0 * 255.255.255.0 U 1 0 0 eth1 10.0.0.0 10.5.117.254 255.0.0.0 UG 0 0 0 eth1 default 10.5.116.254 0.0.0.0 UG 0 0 0 eth0 [root@dcf-web-a ~]#I added a Lou Funding set to the network from 10.0.0.0/8.
It was assumed 10.5.117.254 the gateway, but in fact was 10.5.117.170 ....
Please set according to each environment.
Deleting a static route
[root@dcf-web-a ~]# route del -net 10.0.0.0 gw 10.5.117.254 netmask 255.0.0.0 eth1 [root@dcf-web-a ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.5.116.0 * 255.255.255.0 U 1 0 0 eth0 10.5.117.0 * 255.255.255.0 U 1 0 0 eth1 default 10.5.116.254 0.0.0.0 UG 0 0 0 eth0 [root@dcf-web-a ~]#
Set the gateway of maintenance segment side again
[root@dcf-web-a ~]# route add -net 10.0.0.0 gw 10.5.117.170 netmask 255.0.0.0 eth1 [root@dcf-web-a ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.5.116.0 * 255.255.255.0 U 1 0 0 eth0 10.5.117.0 * 255.255.255.0 U 1 0 0 eth1 10.0.0.0 10.5.117.170 255.0.0.0 UG 0 0 0 eth1 default 10.5.116.254 0.0.0.0 UG 0 0 0 eth0 [root@dcf-web-a ~]#The above settings will be cleared when you OS reboot.
Static route permanently set
[root@dcf-web-a ~]# vi /etc/sysconfig/network-scripts/route-eth1 [root@dcf-web-a ~]# cat /etc/sysconfig/network-scripts/route-eth1 10.0.0.0/8 via 10.5.117.170 192.168.0.0/16 via 10.5.117.170 [root@dcf-web-a ~]#I manually create a route-eth1.
Setting reflection
[root@dcf-web-a ~]# /etc/init.d/network restart
インターフェース eth0 を終了中: デバイスの状態: 3 (切断済み)
[ OK ]
インターフェース eth1 を終了中: デバイスの状態: 3 (切断済み)
[ OK ]
ループバックインターフェースを終了中 [ OK ]
ループバックインターフェイスを呼び込み中 [ OK ]
インターフェース eth0 を活性化中: アクティブ接続の状態: アクティベート済み
アクティブ接続のパス: /org/freedesktop/NetworkManager/ActiveConnection/5
[ OK ]
インターフェース eth1 を活性化中: アクティブ接続の状態: アクティベート済み
アクティブ接続のパス: /org/freedesktop/NetworkManager/ActiveConnection/6
[ OK ]
[root@dcf-web-a ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.5.116.0 * 255.255.255.0 U 1 0 0 eth0
10.5.117.0 * 255.255.255.0 U 1 0 0 eth1
192.168.0.0 10.5.117.170 255.255.0.0 UG 0 0 0 eth1
10.0.0.0 10.5.117.170 255.0.0.0 UG 0 0 0 eth1
default 10.5.116.254 0.0.0.0 UG 0 0 0 eth0
[root@dcf-web-a ~]#
The above setting is also reflected OS reboot. I'm glad this information if beneficial to you.
0 件のコメント:
コメントを投稿