如何在Ubuntu 22.04上分离3个网络接口的流量
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.48 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::8276:83ab:72d6:1287 prefixlen 64 scopeid 0x20<link>
ether 9c:53:22:48:77:19 txqueuelen 1000 (Ethernet)
RX packets 7797 bytes 1129504 (1.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6828 bytes 593700 (593.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp8s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.101 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::b875:1df4:ff5e:9f09 prefixlen 64 scopeid 0x20<link>
ether d8:5e:d3:01:84:ed txqueuelen 1000 (Ethernet)
RX packets 135512185 bytes 8949006996 (8.9 GB)
RX errors 0 dropped 237 overruns 235 frame 0
TX packets 365038054 bytes 534261499563 (534.2 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xfa800000-fa81ffff
enp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.36 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2403:6200:89a6:d09d:5606:aae2:c339:9eb1 prefixlen 64 scopeid 0x0<global>
inet6 2403:6200:89a6:d09d:d5ac:2515:913e:e2be prefixlen 64 scopeid 0x0<global>
inet6 fe80::272a:26bd:9d12:e881 prefixlen 64 scopeid 0x20<link>
ether d8:5e:d3:01:84:ee txqueuelen 1000 (Ethernet)
RX packets 274876935 bytes 23805585708 (23.8 GB)
RX errors 0 dropped 1956 overruns 0 frame 0
TX packets 740203694 bytes 1081935809783 (1.0 TB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp8s0默认已经单独工作,通过192.168.0.1连接,与通过192.168.1.1连接的enp9s0一直工作顺利,然后我添加了eno1,出现了问题。
所有网络接口都连接到3个不同ISP的不同路由器,eno1是附加LAN PCIe卡,而enp8s0和enp9s0是板载LAN插槽
这是我的 ip 路由结果
default via 192.168.1.1 dev enp9s0 proto dhcp metric 100
default via 192.168.0.1 dev enp8s0 proto dhcp metric 102
default via 192.168.1.1 dev eno1 proto dhcp metric 103
169.254.0.0/16 dev enp8s0 scope link metric 1000
192.168.0.0/24 dev enp8s0 proto kernel scope link src 192.168.0.101 metric 102
192.168.1.0/24 dev enp9s0 proto kernel scope link src 192.168.1.36 metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.48 metric 103
由于enp9s0连接到ISP1,enp8s0连接到ISP2,eno1连接到ISP3
我希望这3个的流量根据他们的ISP分别出去。当我卷曲时它们就分开了
money@money:~$ curl --interface enp8s0 ifconfig.me
101.108.144.237
money@money:~$ curl --interface enp9s0 ifconfig.me
14.207.43.37
money@money:~$ curl --interface eno1 ifconfig.me
171.100.22.228
但是当我使用 rclone 上传文件时它卡住了
这发生在我第一次添加 enp8s0 之前,在此之前我只有 1 个网络接口,现在是 enp9s0
我不得不
sudo ip route add 192.168.0.0/24 dev enp8s0 src 192.168.0.101 table rt2
sudo ip route add default via 192.168.0.1 dev enp8s0 table rt2
sudo ip rule add from 192.168.0.101/32 table rt2
sudo ip rule add to 192.168.0.101/32 table rt2
并解决了它
现在我添加了eno1并再次遇到了上述问题所以我尝试了两者
sudo ip route add 192.168.1.0/24 dev eno1 src 192.168.1.48 table rt2
sudo ip route add default via 192.168.1.1 dev eno1 table rt2
sudo ip rule add from 192.168.1.48/32 table rt2
sudo ip rule add to 192.168.1.48/32 table rt2
和
sudo ip route add 192.168.1.0/24 dev eno1 src 192.168.1.48 table rt3
sudo ip route add default via 192.168.1.1 dev eno1 table rt3
sudo ip rule add from 192.168.1.48/32 table rt3
sudo ip rule add to 192.168.1.48/32 table rt3
但还是过不了
ip 路由列表表时的附加信息
money@money:~$ ip route list table rt2
default via 192.168.0.1 dev enp8s0
192.168.0.0/24 dev enp8s0 scope link src 192.168.0.101
192.168.1.0/24 dev eno1 scope link src 192.168.1.48
money@money:~$ ip route list table rt3
default via 192.168.0.1 dev enp8s0
192.168.0.0/24 dev enp8s0 scope link src 192.168.0.101
192.168.1.0/24 dev eno1 scope link src 192.168.1.48
当 cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
1 rt2
1 rt3
ip 结果
2: enp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether d8:5e:d3:01:84:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.1.36/24 brd 192.168.1.255 scope global dynamic noprefixroute enp9s0
valid_lft 9272sec preferred_lft 9272sec
inet6 2403:6200:89a6:d09d:5606:aae2:c339:9eb1/64 scope global temporary dynamic
valid_lft 581671sec preferred_lft 62705sec
inet6 2403:6200:89a6:d09d:d5ac:2515:913e:e2be/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 863871sec preferred_lft 431871sec
inet6 fe80::272a:26bd:9d12:e881/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether d8:5e:d3:01:84:ed brd ff:ff:ff:ff:ff:ff
inet 192.168.0.101/24 brd 192.168.0.255 scope global dynamic noprefixroute enp8s0
valid_lft 63271sec preferred_lft 63271sec
inet6 fe80::b875:1df4:ff5e:9f09/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 9c:53:22:48:77:19 brd ff:ff:ff:ff:ff:ff
altname enp10s0
inet 192.168.1.48/24 brd 192.168.1.255 scope global dynamic noprefixroute eno1
valid_lft 82853sec preferred_lft 82853sec
inet6 fe80::8276:83ab:72d6:1287/64 scope link noprefixroute
valid_lft forever preferred_lft forever
使用rclone上传时的3个接口对比。第一个通过 enp9s0 而不添加 --bind 选项,因此连接通过默认线路,这个没有问题
money@money:~$ rclone move --verbose --transfers 2 --checkers 6 --bwlimit 1G --contimeout 120s --timeout 600s --retries 6 --low-level-retries 20 --buffer-size 128M --drive-chunk-size 128M --stats 1s /media/cache/vipx3 up:
2023/03/11 18:31:15 INFO : Starting bandwidth limiter at 1Gi Byte/s
2023/03/11 18:31:16 INFO :
Transferred: 0 B / 74.568 GiB, 0%, 0 B/s, ETA -
Checks: 0 / 1, 0%
Transferred: 0 / 1, 0%
Elapsed time: 1.0s
Checking:
Transferring:
* plot-k32-c7-2023-03-11…8a61bb6c66fc76752.plot: 0% /74.568Gi, 0/s, -
2023/03/11 18:31:18 INFO :
Transferred: 52.871 MiB / 74.568 GiB, 0%, 20.327 MiB/s, ETA 1h2m33s
Checks: 0 / 1, 0%
Transferred: 0 / 1, 0%
Elapsed time: 3.0s
Checking:
Transferring:
* plot-k32-c7-2023-03-11…8a61bb6c66fc76752.plot: 0% /74.568Gi, 20.327Mi/s, 1h2m33s
在添加前面提到的 ip 路由规则后,这个经过 enp8s0 (192.168.0.101) 的操作也经过了
money@money:~$ rclone move --bind 192.168.0.101 --verbose --transfers 2 --checkers 6 --bwlimit 1G --contimeout 120s --timeout 600s --retries 6 --low-level-retries 20 --buffer-size 128M --drive-chunk-size 128M --stats 1s /media/cache/vipx3 up:
2023/03/11 18:28:39 INFO : Starting bandwidth limiter at 1Gi Byte/s
2023/03/11 18:28:40 INFO :
Transferred: 0 B / 74.568 GiB, 0%, 0 B/s, ETA -
Checks: 0 / 1, 0%
Transferred: 0 / 1, 0%
Elapsed time: 1.0s
Checking:
Transferring:
* plot-k32-c7-2023-03-11…8a61bb6c66fc76752.plot: 0% /74.568Gi, 0/s, -
2023/03/11 18:28:42 INFO :
Transferred: 51.184 MiB / 74.568 GiB, 0%, 21.965 MiB/s, ETA 57m54s
Checks: 0 / 1, 0%
Transferred: 0 / 1, 0%
Elapsed time: 3.0s
Checking:
Transferring:
* plot-k32-c7-2023-03-11…8a61bb6c66fc76752.plot: 0% /74.568Gi, 21.965Mi/s, 57m54s
这是我添加的最后一个网络接口(eno1),现在无法上传
money@money:~$ rclone move --bind 192.168.1.48 --verbose --transfers 2 --checkers 6 --bwlimit 1G --contimeout 120s --timeout 600s --retries 6 --low-level-retries 20 --buffer-size 128M --drive-chunk-size 128M --stats 1s /media/cache/vipx3 up:
2023/03/11 18:27:52 INFO : Starting bandwidth limiter at 1Gi Byte/s
2023/03/11 18:27:53 INFO :
Transferred: 0 B / 0 B, -, 0 B/s, ETA -
Elapsed time: 1.0s
2023/03/11 18:27:54 INFO :
Transferred: 0 B / 0 B, -, 0 B/s, ETA -
Elapsed time: 2.0s
2023/03/11 18:27:55 INFO :
Transferred: 0 B / 0 B, -, 0 B/s, ETA -
Elapsed time: 3.0s
2023/03/11 18:27:56 INFO :
Transferred: 0 B / 0 B, -, 0 B/s, ETA -
Elapsed time: 4.0s
如何使 eno1 流量通过自己的网关(如 enp8s0)?该线路有自己的路由器,连接到自己独立的 ISP。现在它似乎与 enp9s0 共享 192.168.1.1
答案1
我通过访问 eno1 的路由器解决了这个问题,同时删除了 enp9s0 的 LAN 电缆,因为它们共享 192.168.1.1 然后将其 IP 更改为 192.168.2.1 然后我添加这些行
sudo ip route add 192.168.0.0/24 dev enp8s0 src 192.168.0.101 table rt2
sudo ip route add default via 192.168.0.1 dev enp8s0 table rt2
sudo ip rule add from 192.168.0.101/32 table rt2
sudo ip rule add to 192.168.0.101/32 table rt2
我可能在挣扎期间搞砸了,所以 enp8s0 在每次重新启动时都会被禁用还不知道如何解决这个问题,我什至添加了 crontrabsudo ifconfig enp8s0 up但仍然没有在启动时出现我最终不得不通过 gui 启用它,这有效
然后我添加这个
sudo ip route add 192.168.2.0/24 dev eno1 src 192.168.2.36 table rt1
sudo ip route add default via 192.168.2.1 dev eno1 table rt1
sudo ip rule add from 192.168.2.36/32 table rt1
sudo ip rule add to 192.168.2.36/32 table rt1
sudo ip route add default via 192.168.2.1 metric 101 dev eno1
ip规则结果
0: from all lookup local
32756: from all to 192.168.0.101 lookup rt2
32757: from 192.168.0.101 lookup rt2
32758: from all to 192.168.2.36 lookup rt1
32759: from 192.168.2.36 lookup rt1
32760: from all to 192.168.0.101 lookup rt2
32761: from 192.168.0.101 lookup rt2
32762: from all to 192.168.0.101 lookup rt2
32763: from 192.168.0.101 lookup rt2
32764: from all to 192.168.2.36 lookup rt1
32765: from 192.168.2.36 lookup rt1
32766: from all lookup main
32767: from all lookup default
这是 ip 路由列表
money@money:~$ ip route list table rt2
default via 192.168.0.1 dev enp8s0
192.168.0.0/24 dev enp8s0 scope link src 192.168.0.101
money@money:~$ ip route list table rt1
default via 192.168.2.1 dev eno1
192.168.2.0/24 dev eno1 scope link src 192.168.2.36
然后我注意到当我运行 nload -m 时 enp9s0 没有被使用,所以我添加了
sudo ip route add 192.168.1.0/24 dev enp9s0 src 192.168.1.36 table rt3
sudo ip route add default via 192.168.1.1 dev enp9s0 table rt3
sudo ip rule add from 192.168.1.36/32 table rt3
sudo ip rule add to 192.168.1.36/32 table rt3
sudo ip route add default via 192.168.0.1 metric 100 dev enp8s0
sudo ip route add default via 192.168.1.1 metric 101 dev enp9s0
sudo ip route add default via 192.168.2.1 metric 102 dev eno1
现在事情按预期进行