Here's the situation: there are two providers.
Provider 1 (ADSL) (vlan1): dynamic IP (after DHCP it shows up as ip 192.168.1.191 mask 255.255.255.0 gw 192.168.1.1)
Provider 2 (WiMAX) (vlan2): static IP (ip 212.67.28.xx mask 255.255.252.0 gw 212.67.28.1)
How do I bring them into one home network (3 computers) so that:
1. all browsers go through vlan1
2. uTorrent with port 40000 goes through vlan1
3. uTorrent with port 50000 goes through vlan2
and everything else goes through vlan1 and vlan2 evenly (a 50/50 balance)?
Output of route:
Code:
[admin@(none) root]$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
89.109.22.1 * 255.255.255.255 UH 0 0 0 ppp0
192.168.2.0 * 255.255.255.0 U 0 0 0 vlan1
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
212.67.28.0 * 255.255.252.0 U 0 0 0 vlan2
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 89-109-22-1.dyn 0.0.0.0 UG 0 0 0 ppp0
Output of ifconfig:
Code:
[admin@(none) root]$ cls
-sh: cls: not found
[admin@(none) root]$ clear
[admin@(none) root]$ ifconfig
br0 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9900277 errors:0 dropped:0 overruns:0 frame:0
TX packets:7445850 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1152695078 (1.0 GiB) TX bytes:404787508 (386.0 MiB)
eth0 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8522752 errors:0 dropped:0 overruns:0 frame:0
TX packets:9882447 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:583317427 (556.2 MiB) TX bytes:1407091906 (1.3 GiB)
Interrupt:4 Base address:0x1000
eth1 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9898684 errors:0 dropped:0 overruns:0 frame:111489
TX packets:7447610 errors:4 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1290864914 (1.2 GiB) TX bytes:524339984 (500.0 MiB)
Interrupt:12 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:61918 errors:0 dropped:0 overruns:0 frame:0
TX packets:61918 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5252764 (5.0 MiB) TX bytes:5252764 (5.0 MiB)
ppp0 Link encap:Point-Point Protocol
inet addr:89.109.23.254 P-t-P:89.109.22.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:8438334 errors:0 dropped:0 overruns:0 frame:0
TX packets:9874359 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:324040631 (309.0 MiB) TX bytes:1150038528 (1.0 GiB)
vlan0 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1579 errors:0 dropped:0 overruns:0 frame:0
TX packets:371 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:416648 (406.8 KiB) TX bytes:57405 (56.0 KiB)
vlan1 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet addr:192.168.2.254 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8521173 errors:0 dropped:0 overruns:0 frame:0
TX packets:9882072 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:429491243 (409.5 MiB) TX bytes:1407034201 (1.3 GiB)
vlan2 Link encap:Ethernet HWaddr 00:1B:FC:91:xx:xx
inet addr:212.67.28.55 Bcast:212.67.28.255 Mask:255.255.252.0
inet6 addr: fe80::21b:fcff:fe91:8263/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:82 (82.0 B)
[admin@(none) root]$
Output of iptables -L -n:
Code:
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN TCPMSS clamp to PMTU
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate DNAT
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain MACS (0 references)
target prot opt source destination
Chain SECURITY (0 references)
target prot opt source destination
RETURN tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5
RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
RETURN udp -- anywhere anywhere limit: avg 5/sec burst 5
RETURN icmp -- anywhere anywhere limit: avg 5/sec burst 5
DROP all -- anywhere anywhere
Chain logaccept (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `ACCEPT '
ACCEPT all -- anywhere anywhere
Chain logdrop (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `DROP '
DROP all -- anywhere anywhere
[admin@(none) root]$ clear
[admin@(none) root]$ iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 TCPMSS clamp to PMTU
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
DROP all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate DNAT
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain MACS (0 references)
target prot opt source destination
Chain SECURITY (0 references)
target prot opt source destination
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 limit: avg 1/sec burst 5
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5
RETURN udp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
RETURN icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain logaccept (0 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `ACCEPT '
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix `DROP '
DROP all -- 0.0.0.0/0 0.0.0.0/0
I'd be glad to hear advice from the experts, if possible with a description of the actual steps.
P.S. At the moment vlan2 isn't hooked up anywhere; everything works through vlan1.
P.P.S. The routing will be done on an Asus wl500gP router.