
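Multiple network interfaces and multiple IP addresses: configuring policy routing so that traffic entering through a given public IP leaves through the corresponding IP.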

0

I purchased a server on AWS and configured two elastic network interfaces with the corresponding 4 IP addresses! The configuration is as follows (image). Then I configured policy routing, and I don't know whether it is correct.

    network:
      ethernets:
        eth0:
          addresses:
            - 172.31.18.102/20
            - 172.31.19.19/20
          dhcp4: no
          nameservers:
            addresses:
              - 8.8.8.8
          routes:
            - to: 0.0.0.0/0
              via: 172.31.16.1
              table: 100
            - to: 172.31.18.102
              via: 0.0.0.0
              scope: link
              table: 100
            - to: 172.31.19.19
              scope: link
              table: 100
          routing-policy:
            - from: 172.31.18.102
              table: 100
              priority: 300
          routing-policy:
            - from: 172.31.19.19
              table: 100
              priority: 300
        eth1:
          addresses:
            - 172.31.30.237/20
            - 172.31.17.231/20
          dhcp4: no
          routes:
            - to: 0.0.0.0/0
              via: 172.31.16.1
              table: 101
            - to: 172.31.30.237
              via: 0.0.0.0
              scope: link
              table: 101
            - to: 172.31.17.231
              scope: link
              table: 101
          routing-policy:
            - from: 172.31.30.237
              table: 101
          routing-policy:
            - from: 172.31.17.231
              table: 101
      version: 2

All of my public IPs can be pinged, but my requirement is that when I SSH in through the IP 52.52.106.253, curl requests to websites go out from 52.52.106.253. Right now the egress IP is always 50.18.215.189. Can you help me achieve this?

asked 2 years ago · 129 views
1 Answer
0

CentOS Configuration:

  1. Console creates ENI, assigns multiple Private IPs and EIPs

  2. Using two network cards as an example

    1. ETH1:
      • EIP: 43.192.X.X, Private IP: 172.31.20.163
      • EIP: 161.189.X.X, Private: 172.31.26.128
    2. ETH0:
      • EIP1: 69.231.X.X, Private IP: 172.31.24.205
      • EIP2: 69.234.X.X, Private IP: 172.31.23.41
  3. Create the following files in /etc/sysconfig/network-scripts, each network card and each IP requires a corresponding file:

    ifcfg-eth0 can omit IP and MASK, other configuration files need to write the corresponding Private IP and NET MASK (consistent with subnet configuration)

    ifcfg-eth0:

    
    BOOTPROTO=dhcp
    DEVICE=eth0
    HWADDR=06:aa:d7:88:4d:b2 ##optional
    ONBOOT=yes
    STARTMODE=auto
    TYPE=Ethernet
    USERCTL=no

    ifcfg-eth0:1

    #
    BOOTPROTO=dhcp
    DEVICE=eth0:1
    ONBOOT=yes
    IPADDR=172.31.23.41 # Second IP of ETH0
    NETMASK=255.255.240.0
    STARTMODE=auto
    TYPE=Ethernet
    USERCTL=no

    ifcfg-eth1

    BOOTPROTO=dhcp
    DEVICE=eth1
    ONBOOT=yes
    IPADDR=172.31.20.163 # First IP of ETH1
    NETMASK=255.255.240.0
    STARTMODE=auto
    TYPE=Ethernet
    USERCTL=no

    ifcfg-eth1:1

    BOOTPROTO=dhcp
    DEVICE=eth1:1
    ONBOOT=yes
    IPADDR=172.31.26.128 # Second IP of ETH1
    NETMASK=255.255.240.0
    STARTMODE=auto
    TYPE=Ethernet
    USERCTL=no
  4. Update the /etc/rc.local file, adding the following entries to this file to ensure the routing table is automatically updated after the server restarts

    ## Different network cards use different policy routing
    ip route add default via 172.31.16.1 dev eth0 table 1 # ETH0 uses table 1
    ip rule add from 172.31.24.205 lookup 1 # Set source return path 
    ip rule add from 172.31.23.41 lookup 1 
    ip route add default via 172.31.16.1 dev eth1 table 2 # ETH1 uses table 2 
    ip rule add from 172.31.20.163 lookup 2 
    ip rule add from 172.31.26.128 lookup 2 

    After adding, execute chmod +x /etc/rc.d/rc.local

    Restart the system to check if all IPs can communicate properly.

Note: If communication still fails after restarting, configure the rc-local service.

  1. Edit /usr/lib/systemd/system/rc-local.service

    Add dependencies:

    In the [Unit] section, ensure the following two lines are included:

    Requires=network-online.target 
    After=network-online.target 

    Save and exit

  2. Enable rc-local.service

    sudo systemctl enable rc-local

  3. Start the service

    sudo systemctl start rc-local

    sudo systemctl status rc-local

Restart again, and you should be able to ping all IPs.

The configuration for Amazon Linux is simpler since it comes pre-installed with amazon-ec2-net-utils, which automatically recognizes network card information and has fewer configuration items; you can refer to the above steps to update any missing parts accordingly.

AWS
EXPERT
answered a month ago
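
An idempotent form of the rc.local entries from the answer above, as an added example that is not part of the original answer: `ip route replace` and delete-before-add keep a second run (boot plus a manual `systemctl start rc-local`) from failing or stacking duplicate rules. The function names and the `DRY_RUN` switch are assumptions; the addresses, gateway and table numbers are the ones used in the answer.

```shell
#!/bin/sh
# Added example: re-runnable policy routing for two ENIs.
# DRY_RUN=1 (default) only prints the commands; run as root with DRY_RUN=0 to apply.
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# policy_route TABLE DEV GATEWAY ADDR...
# One routing table per interface, one source rule per private address on it.
policy_route() {
    table="$1"; dev="$2"; gw="$3"; shift 3
    # "replace" succeeds whether or not the default route is already in the table
    run ip route replace default via "$gw" dev "$dev" table "$table"
    for addr in "$@"; do
        # drop any existing copy of the rule first, then add exactly one
        run ip rule del from "$addr" lookup "$table" 2>/dev/null || true
        run ip rule add from "$addr" lookup "$table"
    done
}

# check_source ADDR DEV
# Succeeds if the kernel would send packets sourced from ADDR out of DEV.
check_source() {
    ip route get 8.8.8.8 from "$1" | grep -qw "dev $2"
}

apply_all() {
    policy_route 1 eth0 172.31.16.1 172.31.24.205 172.31.23.41   # ETH0 -> table 1
    policy_route 2 eth1 172.31.16.1 172.31.20.163 172.31.26.128  # ETH1 -> table 2
}

apply_all
```

After applying, `check_source 172.31.20.163 eth1` should succeed. The `from` rules only match traffic that already carries one of these source addresses, so a locally started client has to bind to the private address it should leave from (for example with curl's `--interface` option).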
