SiS001! Board - [第一会所关闭注册]

标题: [交流] 巧设路由器实现电信、网通南北互通 [打印本页]

作者: 李唐志骁 时间: 2007-5-15 11:05 标题: 巧设路由器实现电信、网通南北互通

如何实现“访问网通站点走网通线路，访问电信站点走电信线路”呢？现在，我们以华为AR系列路由器为例，说明如何通过配置策略路由的方式满足以上需要。

一：配置访问控制列表，定义访问目的地址为网通的地址段

进入系统视图，创建ACL 3100：
<Quidway>system
System View: return to User View with Ctrl+Z.
[Quidway]acl num 3100
[Quidway-acl-adv-3100]
可以直接复制粘贴如下规则：
rule 0 permit ip destination 60.0.0.0 0.7.255.255
rule 1 permit ip destination 60.0.0.0 0.8.255.255
rule 2 permit ip destination 60.0.0.0 0.9.255.255
rule 3 permit ip destination 60.0.0.0 0.10.255.255
rule 4 permit ip destination 60.0.0.0 0.11.255.255
rule 5 permit ip destination 60.8.0.0 0.3.255.255
rule 6 permit ip destination 60.12.0.0 0.0.255.255
rule 7 permit ip destination 60.13.0.0 0.0.63.255
rule 8 permit ip destination 60.13.128.0 0.0.127.255
rule 9 permit ip destination 60.16.0.0 0.15.255.255
rule 10 permit ip destination 60.208.0.0 0.7.255.255
rule 11 permit ip destination 60.216.0.0 0.1.255.255
rule 12 permit ip destination 60.220.0.0 0.3.255.255
rule 13 permit ip destination 61.48.0.0 0.3.255.255
rule 14 permit ip destination 61.52.0.0 0.1.255.255
rule 15 permit ip destination 61.54.0.0 0.0.255.255
rule 16 permit ip destination 61.55.0.0 0.0.255.255
rule 17 permit ip destination 61.133.0.0 0.0.127.255
rule 18 permit ip destination 61.134.64.0 0.0.63.255
rule 19 permit ip destination 61.134.128.0 0.0.127.255
rule 20 permit ip destination 61.135.0.0 0.0.255.255
rule 21 permit ip destination 61.136.0.0 0.0.255.255
rule 22 permit ip destination 61.138.0.0 0.0.127.255
rule 23 permit ip destination 61.139.128.0 0.0.63.255
rule 24 permit ip destination 61.148.0.0 0.0.255.255
rule 25 permit ip destination 61.149.0.0 0.0.255.255
rule 26 permit ip destination 61.156.0.0 0.0.255.255
rule 27 permit ip destination 61.158.0.0 0.0.255.255
rule 28 permit ip destination 61.159.0.0 0.0.63.255
rule 29 permit ip destination 61.161.0.0 0.0.63.255
rule 30 permit ip destination 61.161.128.0 0.0.127.255
rule 31 permit ip destination 61.162.0.0 0.0.255.255
rule 32 permit ip destination 61.163.0.0 0.0.255.255
rule 33 permit ip destination 61.167.0.0 0.0.255.255
rule 34 permit ip destination 61.168.0.0 0.0.255.255
rule 35 permit ip destination 61.176.0.0 0.0.255.255
rule 36 permit ip destination 61.179.0.0 0.0.255.255
rule 37 permit ip destination 61.180.128.0 0.0.127.255
rule 38 permit ip destination 61.181.0.0 0.0.255.255
rule 39 permit ip destination 61.182.0.0 0.0.255.255
rule 40 permit ip destination 61.189.0.0 0.0.127.255
rule 41 permit ip destination 202.32.0.0 0.31.255.255
rule 42 permit ip destination 202.96.64.0 0.0.31.255
rule 43 permit ip destination 202.97.128.0 0.0.127.255
rule 44 permit ip destination 202.98.0.0 0.0.31.255
rule 45 permit ip destination 202.99.0.0 0.0.255.255
rule 46 permit ip destination 202.102.128.0 0.0.63.255
rule 47 permit ip destination 202.102.224.0 0.0.1.255
rule 48 permit ip destination 202.106.0.0 0.0.255.255
rule 49 permit ip destination 202.107.0.0 0.0.127.255
rule 50 permit ip destination 202.108.0.0 0.0.255.255
rule 51 permit ip destination 202.110.0.0 0.0.127.255
rule 52 permit ip destination 202.110.192.0 0.0.63.255
rule 53 permit ip destination 202.111.128.0 0.0.63.255
rule 54 permit ip destination 210.51.0.0 0.0.255.255
rule 55 permit ip destination 210.52.0.0 0.1.255.255
rule 56 permit ip destination 218.4.0.0 0.3.255.255
rule 57 permit ip destination 218.10.0.0 0.1.255.255
rule 58 permit ip destination 218.21.128.0 0.0.127.255
rule 59 permit ip destination 218.24.0.0 0.1.255.255
rule 60 permit ip destination 218.26.0.0 0.0.255.255
rule 61 permit ip destination 218.27.0.0 0.0.255.255
rule 62 permit ip destination 218.28.0.0 0.1.255.255
rule 63 permit ip destination 218.56.0.0 0.3.255.255
rule 64 permit ip destination 218.60.0.0 0.1.255.255
rule 65 permit ip destination 218.62.0.0 0.0.127.255
rule 66 permit ip destination 218.67.128.0 0.0.127.255
rule 67 permit ip destination 218.68.0.0 0.1.255.255
rule 68 permit ip destination 219.141.128.0 0.0.127.255
rule 69 permit ip destination 219.142.0.0 0.1.255.255
rule 70 permit ip destination 219.154.0.0 0.1.255.255
rule 71 permit ip destination 219.156.0.0 0.1.255.255
rule 72 permit ip destination 219.158.0.0 0.0.255.255
rule 73 permit ip destination 219.159.0.0 0.0.63.255
rule 74 permit ip destination 221.0.0.0 0.3.255.255
rule 75 permit ip destination 221.4.0.0 0.1.255.255
rule 76 permit ip destination 221.6.0.0 0.0.255.255
rule 77 permit ip destination 221.7.128.0 0.0.127.255
rule 78 permit ip destination 221.8.0.0 0.1.255.255
rule 79 permit ip destination 221.10.0.0 0.0.255.255
rule 80 permit ip destination 221.11.0.0 0.0.127.255
rule 81 permit ip destination 221.12.0.0 0.3.255.255
rule 82 permit ip destination 221.12.0.0 0.0.127.255
rule 83 permit ip destination 221.12.128.0 0.0.63.255
rule 84 permit ip destination 221.192.0.0 0.3.255.255
rule 85 permit ip destination 221.196.0.0 0.1.255.255
rule 86 permit ip destination 221.199.0.0 0.0.31.255
rule 87 permit ip destination 221.199.32.0 0.0.15.255
rule 88 permit ip destination 221.199.128.0 0.0.63.255
rule 89 permit ip destination 221.199.192.0 0.0.15.255
rule 90 permit ip destination 221.200.0.0 0.3.255.255
rule 91 permit ip destination 221.204.0.0 0.1.255.255
rule 92 permit ip destination 221.207.0.0 0.0.63.255
rule 93 permit ip destination 221.208.0.0 0.15.255.255
rule 94 permit ip destination 222.128.0.0 0.3.255.255
rule 95 permit ip destination 222.132.0.0 0.3.255.255
rule 96 permit ip destination 222.136.0.0 0.7.255.255
rule 97 permit ip destination 222.160.0.0 0.3.255.255

注：以上规则已经包含大部分网通地址段，如有更新可以动态添加。
二：定义策略路由指定访问网通地址段的数据报文下一跳为网通网关

[Quidway]route-policy auto permit node 1
%New sequence of this list
[Quidway-route-policy]if-match acl 3100
[Quidway-route-policy]apply ip-address next-hop 10.1.1.2
[Quidway-route-policy]dis this
#
route-policy auto permit node 1
if-match acl 3100
apply ip-address next-hop 10.1.1.2
#
return
[Quidway-route-policy]

注：上面配置中以地址10.1.1.2为例作为网通网关地址，应用中可根据实际需要修改。

三：在连接局域网接口下应用此策略路由

[Quidway]int e3/0
[Quidway-Ethernet3/0]dis this
#
interface Ethernet3/0
ip address 192.168.1.1 255.255.255.0
#
return
[Quidway-Ethernet3/0]ip policy route-policy auto
[Quidway-Ethernet3/0]dis this
#
interface Ethernet3/0
ip address 192.168.1.1 255.255.255.0
ip policy route-policy auto
#
return
[Quidway-Ethernet3/0]

四：配置默认路由器经过电信网关

ip route-static 0.0.0.0 0.0.0.0 20.1.1.2 preference 60

注：上面配置中以地址20.1.1.2为例作为电信网关地址，应用中可根据实际需要修改。

经过如上三个配置步骤后，路由器便能自动区分网通流量和电信流量，使访问网通站点走网通线路，访问电信站点走电信线路。并且当网通线路出问题后所有流量都会自动切换到电信线路上，使用户能够不间断访问网络。

编者注：对于这个问题，在IXPUB论坛里，还有更详细的回答与讨论，详情请参看:

IXPUB论坛:路由器电信、网通双线路智能切换配置指导

作者: lvjinshan 时间: 2007-5-24 10:13

太复杂了吧，有没有简单一点的，像我们这些初学者怎么操作啊

作者: belialjack 时间: 2007-5-27 13:43

最好能够从头说，我用的是网通AD，虽然有路由器，但是不太会弄，楼主能详细介绍一下吗？

作者: 云之星 时间: 2007-5-27 15:16

对我们这些菜鸟来说，复杂了一点点。

作者: leidabing 时间: 2007-5-27 19:55

我也看不太懂。学习中。有点困难。加油！

作者: 流沙 时间: 2007-5-27 22:06

虽知是好东要，但不知所云，不知从何学起。

作者: zsy123500 时间: 2007-5-28 15:33

看不懂是什么东东啊
我用的是TPLINK
怎么弄啊

作者: tsamw 时间: 2007-5-28 17:53

以上几楼的朋友！对不懂网络的来说是会复杂了些！不过网上也有些软件说是可以做到电信和网通互联的！可以上网搜索一下！我也用过！
速度当然是有提高了！这些软件有很多种！也有收费也有免费的！

作者: 人渣 时间: 2007-5-31 04:36

我晕啊!你这样说我们这些菜鸟真的是惭愧啊!

作者: kalapi 时间: 2007-5-31 22:05

这种帖子有什么意义，个人用户的路由器和楼主提到的根本是两码事

何况小道消息称近期两家正在磋商解决互访限制问题

作者: hali80 时间: 2007-5-31 22:19

太复杂了,看不懂,要自己怎么个开头呀,复制,粘贴还可以..

作者: cheetahst 时间: 2007-6-3 20:15

好专业啊，但是我还是不敢设，万一设了之后不好用，不知道怎么设回就惨了。

作者: df1208 时间: 2007-6-3 20:58

我用的是铁通，上面的方法能解决吗请楼主赐教

作者: sgj650128 时间: 2007-6-9 18:32

这个问题有点复杂，我是用的网通宽带电信的能连上吗？不用交费？

[ 本帖最后由 sgj650128 于 2007-6-9 07:35 PM 编辑 ]

作者: kevinhefeng 时间: 2007-6-12 17:14

安用cisco 安不用华为的router

－－－－－－－－－－－－－－－－

作者: 流沙 时间: 2007-6-12 22:42

一头露水，不知所云。不知楼主可说分明点吗？

欢迎光临 SiS001! Board - [第一会所关闭注册] (http://154.84.6.41/bbs/)