wzol
(usa Slackware)
Enviado em 02/12/2014 - 15:48h
Boa tarde,
Estou trabalhando num script para link redundante, onde tenho o seguinte cenário:
eth0 - VPN ( VPN )
eth3 - speedy 8MB
Nesta VPN passam os acessos à internet da filial para o concentrador.
Bom, tenho os scripts abaixo. Gostaria que alguém pudesse me ajudar, pois não sei se estou fazendo certo; já fiz várias pesquisas sobre como fazer para que o link do speedy 8MB seja o principal e a VPN o link redundante.
Grato.
#link_redun.sh
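#!/bin/sh
# link_redun.sh - policy routing for two uplinks.
#
#   table "telef"  -> routes of the VPN link    (interface $ETHT)
#   table "virtua" -> routes of the Speedy link (interface $ETHV)
#
# After filling both tables, the Speedy gateway becomes the default route of
# the main table. The script changes kernel routes and rules, so it has to run
# as root. The two table names are used by name; presumably they are declared
# in /etc/iproute2/rt_tables - confirm before running.

# Stop on a misspelled variable name instead of handing ip(8) an empty
# argument. The previous version referenced three names that were never
# assigned, so the "virtua" table and its rule were never installed.
set -u

# Gateways (next hop) of each link.
ROTAVPN="192.168.2.254"
# NOTE(review): this gateway lies inside REDEVPN (192.168.2.0/24), not inside
# REDESPPEDY (192.168.1.0/24), yet it is used as the next hop on $ETHV below.
# Confirm the address; the value is left exactly as posted.
ROTASPEEDY="192.168.2.1"

# Addresses of this host on each link.
IPVPN="192.168.2.253"
IPSPEEDY="192.168.1.1"

# Directly connected network of each link.
REDEVPN="192.168.2.0/24"
REDESPPEDY="192.168.1.0/24"

# Interfaces: ETHT carries the VPN, ETHV the Speedy line.
ETHT="eth0"
ETHV="eth3"

echo "Deleta rotas padrao"
# Best effort: either default route may be absent, in which case route(8)
# prints an error and the script carries on.
route del default gw "$ROTAVPN"
route del default gw "$ROTASPEEDY"
echo "OK"

# Start from empty per-link tables so that a re-run does not hit duplicates.
ip route flush table telef
ip route flush table virtua

# VPN link: connected network plus its own default route.
ip route add "$REDEVPN" dev "$ETHT" src "$IPVPN" table telef
ip route add default via "$ROTAVPN" table telef

# Speedy link: connected network plus its own default route.
ip route add "$REDESPPEDY" dev "$ETHV" src "$IPSPEEDY" table virtua
ip route add default via "$ROTASPEEDY" table virtua

# Source-based rules: traffic sent from a link's own address is looked up in
# that link's table, so replies leave through the link they belong to. Each
# rule is deleted first so that a re-run does not stack copies; the delete is
# expected to fail on the first run. The address/table pairs now match the
# tables filled above (the previous version attached the Speedy address to the
# VPN table and deleted a VPN rule from the Speedy table).
ip rule del from "$IPVPN" table telef
#ip rule del from 192.168.2.53 table telef
ip rule add from "$IPVPN" table telef
#ip rule add from 192.168.2.53 table telef
ip rule del from "$IPSPEEDY" table virtua
ip rule add from "$IPSPEEDY" table virtua

# Disabled: weighted 2:1 load balancing across both links. The line still uses
# the names of the script it was copied from (ROTAVIRTUA, eth1, eth2) and
# would need adapting before being enabled.
#ip route add default scope global nexthop via $ROTASPEEDY dev eth1 weight 2 nexthop via $ROTAVIRTUA dev eth2 weight 1

# Speedy is the primary link: its gateway is the main-table default route.
if ! ip route add default via "$ROTASPEEDY" dev "$ETHV"; then
  echo "Falha ao instalar a rota padrao via $ROTASPEEDY dev $ETHV" >&2
  exit 1
fi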
E tenho o gwping.sh
#!/bin/bash
#Copyright Angsuman Chakraborty, Taragana. Permission is granted for personal, non-commercial use.
#The script may not be re-distributed in any form without written permission from Angsuman Chakraborty ( angsuman@taragana.com ).
#The script may be modified for personal use.
#THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE AUTHOR ACCEPTS NO RESPONSIBILITY IN ANY CONCEIVABLE MANNER.
# Status convention used throughout this script: 0 means up/success and
# 1 means down/failure.

# ---- Probe settings --------------------------------------------------------
# Host that is pinged through each link (IP address or name). It is the only
# health signal the script has, so it must answer ICMP echo and stay reachable.
# NOTE(review): a single target means that an outage or ICMP filtering at that
# one host looks like a link failure on both links - confirm this is acceptable.
TESTIP="200.176.2.10"
# Seconds to wait for the reply to one ping.
TIMEOUT=4
# Seconds between two rounds of checks.
SLEEPTIME=120

# ---- Link 1 ----------------------------------------------------------------
# Provider label used in log lines.
NAME1="TELEFONICA"
# External interface of the link.
EXTIF1="eth3"
# Address of this host on the link (source address of the probe), not the
# gateway.
# NOTE(review): link_redun.sh in the same post uses 192.168.2.254 as the VPN
# gateway and 192.168.2.253 as the VPN host address on eth0, i.e. the reverse
# of IP1/GW1 here and on a different interface - verify which is right.
IP1="192.168.2.254"
# First-hop gateway of the link (for example the router).
GW1="192.168.2.253"
# Relative route weight; keep it a low integer. The main loop shown with this
# script never reads W1 or W2.
W1=1

# ---- Link 2 ----------------------------------------------------------------
NAME2="VPN"
EXTIF2="eth0"
# NOTE(review): 192.168.1.x is the Speedy network on eth3 in link_redun.sh,
# while this link is labelled VPN on eth0 - verify.
IP2="192.168.1.2"
GW2="192.168.1.1"
W2=1

# ---- Hysteresis ------------------------------------------------------------
# Number of repeated successes, respectively failures, before the status of a
# connection is changed. How the two values interact is decided by the
# threshold test in the main loop.
SUCCESSREPEATCOUNT=1
FAILUREREPEATCOUNT=4

# ---- Internal state: do not change anything below this line -----------------
# Last link status: the link state the script has settled on. Both start as
# down (1) so that the first successful probe forces a routing change.
LLS1=1 LLS2=1
# Last ping status (result of the previous round).
LPS1=1 LPS2=1
# Current ping status (result of this round).
CPS1=1 CPS2=1
# Change link status: 0 when the link state was changed in this round.
CLS1=1 CLS2=1
# Count of repeated up or down results.
COUNT1=0 COUNT2=0
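# Install gateway $1 on interface $2 as the main-table default route.
# A failure of ip(8) is reported on stderr instead of being ignored, so the
# log no longer claims a switch that did not happen.
switch_default_route() {
  local gw=$1 dev=$2
  if ! ip route replace default scope global via "$gw" dev "$dev"; then
    echo "Failed to set default route via $gw dev $dev" >&2
  fi
  # Kept from the original script; on kernels that no longer have an IPv4
  # route cache this command has nothing to flush.
  ip route flush cache
}

# Main loop: every SLEEPTIME seconds send one ping per link, update the link
# state with hysteresis, and move the default route when a state changed.
# Status values: 0 = up/success, 1 = down/failure.
#
# NOTE(review): the only health signal is one unauthenticated ICMP echo to
# TESTIP per link. Whatever makes that host stop answering also moves the
# default route, so the firewall/NAT rules (not shown here) presumably need to
# be valid for either egress interface - confirm.
while : ; do
  # Timestamp used in this round's log lines.
  DATA=$(date +%c)

  # ---- Link 1: probe, sourced from the link's own address ----
  if ping -W "$TIMEOUT" -I "$IP1" -c 1 "$TESTIP" > /dev/null 2>&1; then
    CPS1=0
  else
    echo "$NAME1 Down em $DATA"
    CPS1=1
  fi

  # COUNT1 restarts at 1 when the ping result flips and grows while the
  # result keeps disagreeing with the recorded link state.
  if (( LPS1 != CPS1 )); then
    echo "Ping status changed for $NAME1 from $LPS1 to $CPS1"
    COUNT1=1
  elif (( LPS1 != LLS1 )); then
    COUNT1=$(( COUNT1 + 1 ))
  fi

  # A link that is down comes up after SUCCESSREPEATCOUNT results; a link that
  # is up goes down after FAILUREREPEATCOUNT results. The previous test applied
  # SUCCESSREPEATCOUNT in both directions, so a FAILUREREPEATCOUNT larger than
  # SUCCESSREPEATCOUNT was never honoured and one lost ping took the link down.
  # For FAILUREREPEATCOUNT <= SUCCESSREPEATCOUNT both forms decide the same.
  if (( (LLS1 == 1 && COUNT1 >= SUCCESSREPEATCOUNT) || (LLS1 == 0 && COUNT1 >= FAILUREREPEATCOUNT) )); then
    echo "Uptime status will be changed for $NAME1 from $LLS1"
    CLS1=0
    COUNT1=0
    # Toggle the recorded link state.
    if (( LLS1 == 1 )); then
      LLS1=0
    else
      LLS1=1
    fi
  else
    CLS1=1
  fi
  LPS1=$CPS1

  # ---- Link 2: same steps as link 1 ----
  if ping -W "$TIMEOUT" -I "$IP2" -c 1 "$TESTIP" > /dev/null 2>&1; then
    CPS2=0
  else
    echo "$NAME2 Down em $DATA"
    CPS2=1
  fi

  if (( LPS2 != CPS2 )); then
    echo "Ping status changed for $NAME2 from $LPS2 to $CPS2"
    COUNT2=1
  elif (( LPS2 != LLS2 )); then
    COUNT2=$(( COUNT2 + 1 ))
  fi

  if (( (LLS2 == 1 && COUNT2 >= SUCCESSREPEATCOUNT) || (LLS2 == 0 && COUNT2 >= FAILUREREPEATCOUNT) )); then
    echo "Uptime status will be changed for $NAME2 from $LLS2"
    CLS2=0
    COUNT2=0
    if (( LLS2 == 1 )); then
      LLS2=0
    else
      LLS2=1
    fi
  else
    CLS2=1
  fi
  LPS2=$CPS2

  # ---- Routing: act only when at least one link changed state ----
  if (( CLS1 == 0 || CLS2 == 0 )); then
    if (( LLS1 == 1 && LLS2 == 0 )); then
      # Link 1 down, link 2 up: fail over to link 2.
      echo "link :$NAME2 em $DATA"
      switch_default_route "$GW2" "$EXTIF2"
    elif (( LLS1 == 0 && LLS2 == 1 )); then
      # Link 1 up, link 2 down: stay on / return to link 1.
      echo "link :$NAME1 em $DATA"
      switch_default_route "$GW1" "$EXTIF1"
    elif (( LLS1 == 0 && LLS2 == 0 )); then
      # Both up: link 1 is the preferred default.
      echo "Restaura padrao TELEFONICA com backup Virtua em $DATA"
      switch_default_route "$GW1" "$EXTIF1"
    else
      # Both down: the route is left as it is, but the outage is now logged.
      echo "$NAME1 and $NAME2 both down at $DATA; default route left unchanged" >&2
    fi
  fi

  sleep "$SLEEPTIME"
done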