![]() ![]() There is also another staatic routes called floating static routes that we can change administrative distance of this routes. In static routes the administrative distance is as default value. Static routing is the manual method of routing and Dynamic routing is the routing that is done with the help of Routing Protocols. One of them is Static Routing and the other is Dynamic Routing. ![]() ![]() У меня 10.9.0.0/16 и 172.25.25.0/24iptables -t mangle -A PREROUTING -i tun0 -d 10.8.1.0/24 -j MARK –set-mark 8chain=prerouting action=mark-connection new-connection-mark=in passthrough=yes dst-address=172.25.25.0/24 in-interface=vpnchain=output action=mark-routing new-routing-mark=in passthrough=yes connection-mark=in iptables -t nat -A PREROUTING -m mark –mark 8 -j NETMAP –to 192.168.0.0/24chain=dstnat action=netmap to-addresses=192.168.15.0/24 connection-mark=iniptables -t nat -A POSTROUTING -m mark –mark 8 -j NETMAP –to 10.8.2.0/24chain=srcnat action=netmap to-addresses=10.9.0.0/16 connection-mark=inip route add 192.168.0.0/24 dev eth1 table netmapdst-address=192.168.15.0/24 gateway=ether2-master-local routing-mark=inНу и приведу всю конфигурацию Mangle, NAT и Route./ip firewall mangle> printFlags: X - disabled, I - invalid, D - dynamic 0 chain=prerouting action=mark-connection new-connection-mark=in passthrough=yes dst-address=172.25.25.0/24 in-interface=vpn 1 chain=output action=mark-routing new-routing-mark=in passthrough=yes connection-mark=in 2 chain=prerouting action=mark-connection new-connection-mark=out passthrough=yes dst-address=10.9.0.0/16 in-interface=ether2-master-local 3 chain=output action=mark-routing new-routing-mark=out passthrough=yes connection-mark=out/ip firewall nat> print Flags: X - disabled, I - invalid, D - dynamic 0 default configuration chain=srcnat action=masquerade out-interface=ether1-gateway 1 chain=dstnat action=netmap to-addresses=192.168.15.0/24 connection-mark=in 2 chain=srcnat action=netmap to-addresses=10.9.0.0/16 connection-mark=in 3 chain=dstnat action=netmap to-addresses=192.168.15.0/24 routing-mark=out 4 chain=srcnat action=netmap to-addresses=172.25.25.0/24 routing-mark=out /ip> route print detail Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 0 A S dst-address=192.168.15.0/24 gateway=ether2-master-local gateway-status=ether2-master-local reachable distance=1 scope=30 target-scope=10 routing-mark=in 1 A S dst-address=192.168.0.0/16 gateway=vpn gateway-status=vpn reachable distance=1 scope=30 target-scope=10 routing-mark=out 4 A S dst-address=192.168.0.0/16 gateway=%vpn_serv_IP% gateway-status= computer networks, routing can be done with two methods. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |