Think before you speak, read before you think.

ip rule和 ip route

by

in

相对ip route ,ip rule是高级路由,能实现不同条件路由的转发。

linux系统维护了路由表,用ip rule show可以查看路由表。

# ip rule show
0: from all lookup local 
32766: from all lookup main 
32767: from all lookup default

路由表记录在/etc/iproute2/rt_tables文件中,默认里面会用这么几行,在这个文件里添加的路由表即时生效

255 local
254 main
253 default
0 unspec

所以自定义一个路由表的时候,序号要在1-252之间,路由选择的优先级也与数字的大小有关,越小的优先级越高,先匹配。
数字后面要规定一个别名,方便使用和辨认。

这样路由表的查看可有以下两种方法:

ip route list table table_number
ip route list table table_name

如查看默认路由表可用如下命令

ip route list table main
ip route list table 254

路由表添加完之后,接下来就是对路由表的操作,如果我有

eth1 配置ip 192.168.1.8/24 路由表 101 mytable1

eth2 配置ip  192.168.2.8/24 路由表 102 mytable2

不同段的从不同的网卡走。

ip route add 192.168.1.0 dev eth1 src 192.168.1.8 table mytable1
ip route add default via 192.168.1.1 table mytable1
ip rule add from 192.168.1.8 table mytable1

ip route add 192.168.2.0 dev eth2 src 192.168.2.8 table mytable2
ip route add default via 192.168.2.1 table mytable2
ip rule add from 192.168.2.8 table mytable2

现在使用ip rule show查看

# ip rule show
 0: from all lookup local
 32764: from 192.168.2.8 lookup mytable2
 32765: from 192.168.1.8 lookup mytable1
 32766: from all lookup main
 32767: from all lookup default

这时要删除rule可使用

ip rule del prio 32764

ip rule还可以实现更高级的功能,比如根据ip目的地址,包大小来进行转发。

查看route -n flag

The flags

Following is the list of flags and their significance in the routing table :

U : This flag signifies that the route is up
G : This flag signifies that the route is to a gateway. If this flag is not present then we can say that the route is to a directly connected destination
H : This flag signifies that the route is to a host which means that the destination is a complete host address. If this flag is not present then it can be assumed that the route is to a network and destination would be a network address.
D : This flag signifies that this route is created by a redirect.
M : This flag signifies that this route is modified by a redirect.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *