[工作笔记]一个ubuntu配置双网卡双网段IP走不同网关的脚本

[工作笔记]ubuntu配置双网卡双网段IP走不同网关的问题
    前不久同事去嘉兴上架一台服务器，服务器安装有ubuntu 12.04 server 系统，决定采用电信和联通双线，将电信和联通地址分别配置到两个网卡接口上，两个接口均配置了网关。以前在使用centos时，得益于三层网络设备上层的配置，两个网段直接可以通过电信网关出去。现在要求联通走联通的网关，电信走电信的网关，对此，网络上的解决方法大体相同——加路由，对于ubuntu而言，就是在路由表（/etc/iproute2/rt_tables）中增加路由，把路由写进启动脚本(/etc/rc.local以及/etc/init.d/networking)。

    比如，为了保密，我们选2个特别的地址来实验：

    电信IP：172.18.33.20 netmask 255.255.255.128 gateway 172.18.33.1

    联通IP：100.100.100.2 netmask 255.255.255.192 gateway 100.100.100.1

    首先需要配置网卡信息，即在/etc/network/interfaces中写入以下内容：

auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 172.18.33.20
netmask 255.255.255.128
gateway 172.18.33.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
auto eth1
iface eth1 inet static
address 100.100.100.2
netmask 255.255.255.192

    保存后退出，其中联通网关是不用配的，执行sudo /etc/init.d/networking restart 使配置生效，此时，只能通一个IP。

    然后需要在/etc/iproute2中增加2个路由表分别是电信：tel 联通：cnc ，这个表中有预留的内容，不能与之重复，一般从252往前到1是没被使用的，可以在 0 之前增加两条：

252 tel
251 cnc

    然后保存退出。

    现在我们可以增加路由规则了，直接在控制台输入命令：

# ip route flush table tel
# ip route add default via 172.18.33.1 dev eth0 src 172.18.33.20 table tel
# ip rule add from 172.18.33.20 table tel

    此举可实现让电信的资源访问只从eth0网卡出去。

# ip route flush table cnc
# ip route add default via 100.100.100.1 dev eth1 src 100.100.100.2 table cnc
# ip rule add from 100.100.100.2 table cnc

    此举可实现让联通的资源访问只从eth1网卡出去。

    到现在为止，双线应该已经通了，但是重启之后，路由规则会失效，所以我们还要把路由规则写进两个脚本里——/etc/init.d/networking和/etc/rc.local,两个脚本操作方法相同，需要在结尾exit 0之前增加路由规则：

# ip route flush table tel
# ip route add default via 172.18.33.1 dev eth0 src 172.18.33.20 table tel
# ip ruleadd from 172.18.33.20 table tel
# ip route flush table cnc
# ip route add default via 100.100.100.1 dev eth1 src 100.100.100.2 table cnc
# ip rule add from 100.100.100.2 table cnc
exit 0

    这样，系统重启和网络服务重启，都会自动加载路由规则。

    为了以后方便配置更多服务器，简化配置过程，减少人为配置失误，笔者写了一个自动配置脚本，只需输入2个网络的IP地址，掩码和网关，就可以自动完成配置，已在ubuntu 12.04 server上试验成功。脚本如下：

#!/bin/bash
#
#d_net_auto.sh
#
#this script is used for "two networks with two interfaces" on Ubuntu Linux.
#the backup configuration files will be named "*.daibak" in the same directory.
#this script was tested on ubuntu 12.04 server.................DaiSuchuan.2015
#
if [ `whoami` != "root" ];then
echo "run as root !"
else
#define colours
RED_COLOR='\E[1;31m'
GREEN_COLOR='\E[1;32m'
RES='\E[0m'
#define directorys
interfacesDIR="/etc/network"
rt_tablesDIR="/etc/iproute2"
rc_localDIR="/etc"
networkingDIR="/etc/init.d"
#read configuration from basic input
echo -n "Enter CT IP address:"
read CTaddress
echo -n "Enter CT netmask:"
read CTnetmask
echo -n "Enter CT gateway:"
read CTgateway
echo
echo -n "Enter CNC IP address:"
read CNCaddress
echo -n "Enter CNC netmask:"
read CNCnetmask
echo -n "Enter CNC gateway:"
read CNCgateway
#print configurations
echo
echo "###############################"
echo "Please check the configurations"
echo -e "${RED_COLOR}CT${RES}:"
echo -e "address: ${GREEN_COLOR}$CTaddress${RES}"
echo -e "netmask: ${GREEN_COLOR}$CTnetmask${RES}"
echo -e "gateway: ${GREEN_COLOR}$CTgateway${RES}"
echo -e "${RED_COLOR}CNC${RES}:"
echo -e "address: ${GREEN_COLOR}$CNCaddress${RES}"
echo -e "netmask: ${GREEN_COLOR}$CNCnetmask${RES}"
echo -e "gateway: ${GREEN_COLOR}$CNCgateway${RES}"
#check configurations
echo "Are all those above right ? (y/n)"
read chk
echo
if [ $chk =  "y" ];then
echo "Now.Start configurations......"
echo
#1.backup files
echo -e "${RED_COLOR}1${RES}.Backup configurations......"
echo
if [ ! -f "$interfacesDIR/interfaces.daibak" ];then
cp "$interfacesDIR/interfaces" "$interfacesDIR/interfaces.daibak"
else
echo "interfaces.daibak has existed ! Nothing to do."
fi
if [ ! -f "$rt_tablesDIR/rt_tables.daibak" ];then
cp "$rt_tablesDIR/rt_tables" "$rt_tablesDIR/rt_tables.daibak"
else
echo "rt_tables.daibak has existed ! Nothing to do."
fi
if [ ! -f "$rc_localDIR/rc.local.daibak" ];then
cp "$rc_localDIR/rc.local" "$rc_localDIR/rc.local.daibak"
else
echo "rc.local.daibak has existed ! Nothing to do."
fi
if [ ! -f "$networkingDIR/networking.daibak" ];then
cp "$networkingDIR/networking" "$networkingDIR/networking.daibak"
else
echo "networking.daibak has existed ! Nothing to do."
fi
echo -e "${GREEN_COLOR}Done.${RES}"
echo
echo
#2.start configure interfaces
echo -e "${RED_COLOR}2${RES}.Configure interfaces......"
echo
touch .interfaces
#Primery Network
echo "auto lo" > .interfaces
echo "iface lo inet loopback" >> .interfaces
echo "auto eth0" >> .interfaces
echo "iface eth0 inet static" >> .interfaces
echo "address $CTaddress" >> .interfaces
echo "netmask $CTnetmask" >> .interfaces
echo "gateway $CTgateway" >> .interfaces
echo "#dns-* options are implemented by the resolvconf package,if installed" >> .interfaces
echo "dns-nameservers 8.8.8.8" >> .interfaces
#Secondary Network
echo "auto eth1" >> .interfaces
echo "iface eth1 inet static" >> .interfaces
echo "address $CNCaddress" >> .interfaces
echo "netmask $CNCnetmask" >> .interfaces
chmod 644 ./.interfaces
cp -f ./.interfaces "$interfacesDIR/interfaces"
echo -e "${GREEN_COLOR}Done.${RES}"
echo
echo
#3.configure rt_tables

echo -e "${RED_COLOR}3${RES}.Configure rt_tables......"
echo
sed '/^0/i\252\ttel' "$rt_tablesDIR/rt_tables" > ._rt_tables
sed '/^0/i\251\tcnc' ._rt_tables > .rt_tables
chmod 644 ./.rt_tables
cp -f ./.rt_tables "$rt_tablesDIR/rt_tables"
echo -e "${GREEN_COLOR}Done.${RES}"
echo
echo
#4.configure rc.local
echo -e "${RED_COLOR}4${RES}.Configure rc.local......"
echo
#Primary route
sed '/^exit/i\ip route flush table tel' "$rc_localDIR/rc.local" > ._rc.local.1
sed '/^exit/i\ip route add default via '$CTgateway' dev eth0 src '$CTaddress' table tel' ._rc.local.1 > ._rc.local.2
sed '/^exit/i\ip rule add from '$CTad
9527
dress' table tel' ._rc.local.2 > ._rc.local.3
#Secondary route
sed '/^exit/i\ip route flush table cnc' ._rc.local.3 > ._rc.local.4
sed '/^exit/i\ip route add default via '$CNCgateway' dev eth1 src '$CNCaddress' table cnc' ._rc.local.4 > ._rc.local.5
sed '/^exit/i\ip rule add from '$CNCaddress' table cnc' ._rc.local.5 > .rc.local
chmod 755 ./.rc.local
cp -f ./.rc.local "$rc_localDIR/rc.local"
echo -e "${GREEN_COLOR}Done.${RES}"
echo
echo
#5.configure networking
echo -e "${RED_COLOR}5${RES}.Configure networking......"
echo
#Primary route
sed '/^exit/i\ip route flush table tel' "$networkingDIR/networking" > ._networking.1
sed '/^exit/i\ip route add default via '$CTgateway' dev eth0 src '$CTaddress' table tel' ._networking.1 > ._networking.2
sed '/^exit/i\ip rule add from '$CTaddress' table tel' ._networking.2 > ._networking.3
#Secondary route
sed '/^exit/i\ip route flush table cnc' ._networking.3 > ._networking.4
sed '/^exit/i\ip route add default via '$CNCgateway' dev eth1 src '$CNCaddress' table cnc' ._networking.4 > ._networking.5
sed '/^exit/i\ip rule add from '$CNCaddress' table cnc' ._networking.5 > .networking
chmod 755 ./.networking
cp ./.networking "$networkingDIR/networking"
echo -e "${GREEN_COLOR}Done.${RES}"
echo
echo
#6.start network
echo -e "${RED_COLOR}6${RES}.Start networking......"
/etc/init.d/networking restart
echo -e "${GREEN_COLOR}Done.${RES}"
#remove cache
rm -f ./._* ./.interfaces ./.rt_tables ./.rc.local ./.networking
else
echo "Configuration is stop ! Please restart this script and reconfigure !"
exit 1
fi
echo "All configurations are complete! Maybe they will work after rebooting your system."
fi
echo
echo "This script is created by DaiSuchuan with Ubuntu Linux......2015.06.12"
exit 0

    难免有疏漏之处，请指正。