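The company has two dial-up (PPPoE) lines, so don't waste resources: combine them and split the traffic automatically.
Router model: Huawei AR2200
Router configuration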
#
ip load-balance hash src-ip # Enable load balancing; this is the key. Used together with the two ip route-static entries.
#
dns resolve
dns server 223.5.5.5
dns server 218.85.152.99
dns proxy enable
dns relay enable
#
vlan batch 10
#
dhcp enable
#
acl number 3002
rule 1 permit ip source 192.168.1.0 0.0.0.255
rule 4 permit ip source 192.168.4.0 0.0.0.255
rule 12 permit ip source 192.168.12.0 0.0.0.255
#
ip pool ip-pool1
gateway-list 192.168.1.1
network 192.168.1.0 mask 255.255.255.0
excluded-ip-address 192.168.1.250 192.168.1.254
lease day 0 hour 8 minute 0
dns-list 218.85.157.99 218.85.152.99 114.114.114.114 180.76.76.76
#
ip pool ip-pool4
gateway-list 192.168.4.1
network 192.168.4.0 mask 255.255.255.0
excluded-ip-address 192.168.4.2 192.168.4.9
excluded-ip-address 192.168.4.250 192.168.4.254
lease day 0 hour 8 minute 0
dns-list 223.5.5.5 223.6.6.6 114.114.114.114 180.76.76.76
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password irreversible-cipher dsfy78FD&*7(D&S7sA(790))
local-user admin privilege level 15
local-user admin service-type terminal ssh http
#
firewall zone Local
priority 64
#
firewall defend syn-flood enable
firewall defend udp-flood enable
firewall defend icmp-flood enable
#
interface Dialer0
link-protocol ppp
ppp chap user 111111111
ppp chap password simple 222222
mtu 1492
tcp adjust-mss 1200
ip address ppp-negotiate
dialer user arweb
dialer bundle 1
dialer-group 1
nat outbound 3002 # Bind NAT to ACL 3002; without this there is no Internet access
#
interface Dialer2
link-protocol ppp
ppp chap user 222222222
ppp chap password simple 222222
mtu 1492
tcp adjust-mss 1200
ip address ppp-negotiate
dialer user arweb
dialer bundle 2
dialer-group 2
nat outbound 3002 # Bind NAT to ACL 3002; without this there is no Internet access
#
interface GigabitEthernet0/0/0
tcp adjust-mss 1200
ip address 192.168.1.1 255.255.255.0
combo-port copper
dhcp select global
#
interface GigabitEthernet0/0/1
pppoe-client dial-bundle-number 1
mtu 1492
tcp adjust-mss 1200
#
interface GigabitEthernet0/0/2
pppoe-client dial-bundle-number 2
#
dialer-rule
dialer-rule 1 ip permit
dialer-rule 2 ip permit
#
stelnet server enable
ssh server port 22
#
http server port 80
http secure-server ssl-policy default_policy
http server enable
http secure-server enable
#
ip route-static 0.0.0.0 0.0.0.0 Dialer0
ip route-static 0.0.0.0 0.0.0.0 Dialer2
# Second line (uplink). Remember the second line of the config: ip load-balance hash src-ip
ip route-static 192.168.0.0 255.255.248.0 192.168.1.254
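Getting the public IP
Of course, you can get it directly with curl ip.sb (this only returns the IP of one dial-up line, chosen at random).
#!/bin/bash
ip=$(curl -s https://api.ip.sb/ip)
echo "$ip"
Next, a script that automatically fetches the public IP of a dial-up interface from the router.
The file is placed at /root/shell/ppp_ip.py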
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import re
import sys
import time

import paramiko

rip = '192.168.1.1'  # router LAN address


def ssh2(ip, username, passwd, cmd):
    try:
        ssh = paramiko.SSHClient()
        # AutoAddPolicy accepts whatever host key the router presents, without verification
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(ip, 22, username, passwd, timeout=5)
        ssh_shell = ssh.invoke_shell()  # invoke_shell is used so that multiple commands can be run
        r = ssh_shell.recv(4096)  # read and discard the login banner
        # print(r.decode())
        ssh_shell.sendall(cmd + '\r\n')
        time.sleep(5)
        r = ssh_shell.recv(4096)
        # print(r.decode())
        # The negotiated PPP address appears in the output as x.x.x.x/32
        result = re.findall(r'\d+\.\d+\.\d+\.\d+/32', r.decode())
        if result:
            print(result[0].split('/')[0])
        else:
            print('None')
        ssh.close()
    except Exception as e:
        # print(str(e))
        print('None')


if __name__ == '__main__':
    cmd = 'dis int dia '
    username = "admin"  # username
    passwd = "Admin"  # password
    if len(sys.argv) > 1:
        cmd = cmd + sys.argv[1]
    else:
        cmd = cmd + ' 0'
    ssh2(rip, username, passwd, cmd)
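An added example (not part of the original post) that hardens the parsing step of ppp_ip.py: it pulls the x.x.x.x/32 address out of the router output and returns it only when it is a globally routable IPv4 address, so a malformed match or a carrier-grade NAT address is never published. The function names scan and extract_wan_ip and the sample outputs are constructed for illustration; only the "<address>/32" form that the page's regex relies on is assumed.

```python
import ipaddress
import re

# Same shape the page's script searches for: a dotted quad followed by /32.
ADDR_RE = re.compile(r'(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})/32(?!\d)')
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def scan(cli_output):
    """Return (public_ip or None, [(candidate, reason_rejected), ...])."""
    rejected = []
    for candidate in ADDR_RE.findall(cli_output):
        try:
            addr = ipaddress.IPv4Address(candidate)
        except ipaddress.AddressValueError:
            # Matches the pattern but is not an address, e.g. 999.1.1.1
            rejected.append((candidate, "not an IPv4 address"))
            continue
        if addr in CGNAT:
            # The ISP handed out a shared address; it is unreachable from outside.
            rejected.append((candidate, "carrier-grade NAT range"))
        elif not addr.is_global:
            # RFC 1918, loopback, link-local, documentation ranges and so on.
            rejected.append((candidate, "not globally routable"))
        else:
            return str(addr), rejected
    return None, rejected


def extract_wan_ip(cli_output):
    """Address fit to publish, or None (the case where ppp_ip.py prints 'None')."""
    return scan(cli_output)[0]


# Constructed sample text, not captured from a real router.
SAMPLE_UP = "Dialer0 current state : UP\nInternet Address is negotiated, 1.2.3.4/32\n"
SAMPLE_CGNAT = "Dialer0 current state : UP\nInternet Address is negotiated, 100.64.7.9/32\n"
SAMPLE_DOWN = "Dialer0 current state : DOWN\nInternet protocol processing : disabled\n"

if __name__ == "__main__":
    for name, text in (("up", SAMPLE_UP), ("cgnat", SAMPLE_CGNAT), ("down", SAMPLE_DOWN)):
        print(name, scan(text))
```

The rejected list gives the reason to log when no address is returned, for instance when the line is up but behind carrier-grade NAT.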
Finally, a script that automatically updates the Alibaba Cloud DNS (alidns) records.
The file is placed at /root/shell/updateIP.sh
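#!/bin/bash
# Uses bash features ([[ ]], function, echo -e), so it must be run with bash.
alidns='aliyun alidns --config-path=/root/.aliyun/config.json'
# Current addresses of Dialer0 and Dialer2, read from the router
nowip1=$(python36 /root/shell/ppp_ip.py 0)
echo nowip1 "$nowip1"
nowip2=$(python36 /root/shell/ppp_ip.py 2)
echo nowip2 "$nowip2"
# Addresses currently published in the home / home2 records
oldip1=$($alidns DescribeDomainRecords --DomainName socialarks.com --RRKeyWord home | jq -r '.DomainRecords.Record[]|select(.RR=="home")|.Value')
echo oldip1 "$oldip1"
oldip2=$($alidns DescribeDomainRecords --DomainName socialarks.com --RRKeyWord home2 | jq -r '.DomainRecords.Record[]|select(.RR=="home2")|.Value')
echo oldip2 "$oldip2"
function update_dns(){
    RR=$1
    nowip=$2
    oldip=$3
    if [[ "$nowip" = "$oldip" ]]; then
        # Message: IP unchanged
        printf 'IP \033[32m %s \033[0m 不變! \n' "$oldip"
    else
        # NOTE: this lookup uses socialbird.tech while the lookups above use socialarks.com;
        # use the domain that actually holds your records.
        RecordId=$($alidns DescribeDomainRecords --DomainName socialbird.tech --ValueKeyWord "$oldip" | jq -r '.DomainRecords.Record[].RecordId')
        echo -e "\033[32malidns DescribeDomainRecords --DomainName socialbird.tech --ValueKeyWord $oldip|jq -r .DomainRecords.Record[].RecordId\033[0m"
        echo "$RecordId"
        # Notification text: dial-up <old IP> updated to <new IP>
        python /root/shell/sms.py "撥號 $oldip 更新IP $nowip"
        echo "update Ip to $nowip"
        $alidns UpdateDomainRecord --RecordId "$RecordId" --RR "$RR" --Type A --Value "$nowip"
    fi
}
# ppp_ip.py prints 'None' when it could not read an address; skip the update in that case.
# (String comparison: -ne is an arithmetic test and does not work on these values.)
if [[ "$nowip1" != 'None' ]]; then
    update_dns home "$nowip1" "$oldip1"
fi
if [[ "$nowip2" != 'None' ]]; then
    update_dns home2 "$nowip2" "$oldip2"
fi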
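Some may ask here: where does the aliyun command come from? Don't know? Search the Alibaba Cloud documentation for aliyuncli.
crontab -e
*/5 * * * * bash /root/shell/updateIP.sh # update every 5 minutes
What on earth is sms.py?
A script that automatically sends DingTalk, WeChat, SMS and e-mail notifications.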