服务器不通过直接连接的网卡进行通信

tag-icon tag-icon nic route
服务器不通过直接连接的网卡进行通信

我有 2 台服务器 (Windows Server 2012 R2),每台服务器有 (超过) 2 个网卡。我希望两台服务器都使用 1 个网卡用于“Internet”,并使用 1 个网卡直接与另一台服务器通信。 (还有第三台服务器,但我现在不详细介绍。)

服务器 1 具有公网 IP 63.148.179.243(接口 14)和本地 IP 192.168.211.13(接口 15)
服务器 2 具有公网 IP 63.148.179.244 和本地 IP 192.168.211.15
(接口 15 直接连接到服务器 2)

我希望服务器能够直接通信,即使我通过它们的公共 IP 来寻址它们。我假设我必须在服务器 1 上添加这样的路由:route -p add 63.148.179.244/32 192.168.211.13 metric 10 if 15

但即使这样做了,如果我在服务器 1 上打开浏览器,从http://63.148.179.244/hugeFile.txt,我发现连接到互联网的网卡负载已满,下载速度比我预期的要低得多。

我也尝试了稍微不同的方法,但没有更好的结果,使用route -p add 63.148.179.244/32 192.168.211.15 metric 10 if 15route -p add 63.148.179.244/32 192.168.211.13 metric 10 if 14

添加路线后,它看起来像这样:

C:\Windows\system32>route -p add 63.148.179.244/32 192.168.211.13 metric 10 if 15
 OK!

C:\Windows\system32>route print
===========================================================================
Interface List
 20...02 c5 d5 76 49 2c ......Microsoft Failover Cluster Virtual Adapter
 13...94 57 a5 57 86 6d ......HP Ethernet 1Gb 4-port 331i Adapter #2
 15...94 57 a5 57 86 6e ......HP Ethernet 1Gb 4-port 331i Adapter #3
 14...94 57 a5 57 86 6c ......HP Ethernet 1Gb 4-port 331i Adapter
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   63.148.179.241   63.148.179.243    276
   63.148.179.240  255.255.255.240         On-link    63.148.179.243    276
   63.148.179.242  255.255.255.255         On-link    192.168.211.12     20
   63.148.179.243  255.255.255.255         On-link    63.148.179.243    276
   63.148.179.244  255.255.255.255         On-link    192.168.211.13     20
   63.148.179.251  255.255.255.255         On-link    63.148.179.243    276
   63.148.179.252  255.255.255.255         On-link    63.148.179.243    276
   63.148.179.255  255.255.255.255         On-link    63.148.179.243    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.211.0    255.255.255.0         On-link    192.168.211.12    266
    192.168.211.0    255.255.255.0         On-link    192.168.211.13    266
   192.168.211.12  255.255.255.255         On-link    192.168.211.12    266
   192.168.211.13  255.255.255.255         On-link    192.168.211.13    266
  192.168.211.255  255.255.255.255         On-link    192.168.211.12    266
  192.168.211.255  255.255.255.255         On-link    192.168.211.13    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    63.148.179.243    276
        224.0.0.0        240.0.0.0         On-link    192.168.211.12    266
        224.0.0.0        240.0.0.0         On-link    192.168.211.13    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    63.148.179.243    276
  255.255.255.255  255.255.255.255         On-link    192.168.211.12    266
  255.255.255.255  255.255.255.255         On-link    192.168.211.13    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0   63.148.179.241  Default
   63.148.179.242  255.255.255.255   192.168.211.12      10
   63.148.179.244  255.255.255.255   192.168.211.13      10
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17   1026 ::/0                     2002:c058:6301::1
  1    306 ::1/128                  On-link
 17   1025 2002::/16                On-link
 17    281 2002:3e94:b3f3::3e94:b3f3/128
                                    On-link
 17    281 2002:3e94:b3fb::3e94:b3fb/128
                                    On-link
 17    281 2002:3e94:b3fc::3e94:b3fc/128
                                    On-link
 14    276 fe80::/64                On-link
 13    266 fe80::/64                On-link
 15    266 fe80::/64                On-link
 15    266 fe80::196e:792:9b88:76d9/128
                                    On-link
 13    266 fe80::64f0:273b:28a6:72b9/128
                                    On-link
 14    276 fe80::f94d:9dfa:c394:9f82/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 15    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Windows\system32>

请指教。

答案1

据我所知,接收接口将忽略与其 IP 不匹配的流量,即使另一个接口确实具有匹配的 IP。您希望服务器像路由器一样运行,但如果不启用路由和远程访问(或网络共享),Windows 将不会将数据包从一个接口路由到另一个接口。我不确定启用 RRAS 是否能解决这个问题,但如果能,那么您可能必须启用一堆防火墙规则来阻止任何潜在的不需要的路由。

答案2

您根本不需要为此设置路由,因为您希望流量保持在私有子网内进行此类通信。只需通过其私有 IP 直接寻址您希望与之交互的每个服务器,而根本不使用公共接口或使用名称。

相关内容