tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）

小君 2023-08-05 07:19:10 642

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）cd /etc/tinc/tincnet/hosts vi Server_Node Address = 129.211.209.82 Subnet = 10.254.254.2/32 Port = 655 (图片可点击放大查看)vi tinc-up #!/bin/sh ip link set $INTERFACE up ip addr add 10.254.254.2/24 dev $INTERFACE ip route add 10.254.254.0/24 dev $INTERFACE vi tinc-down #!/bin/sh ip route del 10.254.254.0/24 dev $INTERFACE ip addr del 10.254.254.2/24 dev $INTERFACE ip link set $INTERFACE down chmod 755

点击上方"walkingcloud"关注，并选择"星标"公众号

使用tinc quagga搭建个人SD-WAN网络

拓扑如下

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(1)

(图片可点击放大查看)

一、tinc安装与配置1、CentOS7云主机安装tinc

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(2)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(3)

(图片可点击放大查看)

yum install tinc

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(4)

(图片可点击放大查看)

mkdir -p /etc/tinc/tincnet/ mkdir /etc/tinc/tincnet/hosts cd /etc/tinc/tincnet/ ll vi tinc.conf Name = Server_Node Interface = tinctun AddressFamily = ipv4 Mode = switch ConnectTo = Slave_Node Compression=9 Cipher = aes-256-cbc Digest = sha256 PrivateKeyFile=/etc/tinc/tincnet/rsa_key.priv

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(5)

(图片可点击放大查看)

vi tinc-up #!/bin/sh ip link set $INTERFACE up ip addr add 10.254.254.2/24 dev $INTERFACE ip route add 10.254.254.0/24 dev $INTERFACE vi tinc-down #!/bin/sh ip route del 10.254.254.0/24 dev $INTERFACE ip addr del 10.254.254.2/24 dev $INTERFACE ip link set $INTERFACE down chmod 755 tinc*

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(6)

(图片可点击放大查看)

cd /etc/tinc/tincnet/hosts vi Server_Node Address = 129.211.209.82 Subnet = 10.254.254.2/32 Port = 655

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(7)

(图片可点击放大查看)

通过tincd生成非对称密钥

#通过tincd生成非对称密钥 tincd -n tincnet -K 4096

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(8)

(图片可点击放大查看)

2、分支节点安装配置tinc

配置与上面类似，不再赘述，截图如下

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(9)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(10)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(11)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(12)

(图片可点击放大查看)

3、保证两个节点的hosts文件夹都有全部节点的hosts信息

scp /etc/tinc/tincnet/hosts/Slave_Node root@129.211.209.82:/etc/tinc/tincnet/hosts/ scp root@129.211.209.82:/etc/tinc/tincnet/hosts/Server_Node /etc/tinc/tincnet/hosts

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(13)

(图片可点击放大查看)

4、配置etc/sysctl.conf文件

net.ipv4.ip_forward = 1

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(14)

(图片可点击放大查看)

5、防火墙放通655端口

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(15)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(16)

(图片可点击放大查看)

6、启动tinc服务

systemctl start tinc@tincnet systemctl status tinc@tincnet

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(17)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(18)

(图片可点击放大查看)

二、手工静态路由方式实现互访

添加路由前截图

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(19)

(图片可点击放大查看)

例如分支节点上添加静态路由

route add -net 10.106.0.0/20 dev tinctun

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(20)

(图片可点击放大查看)

三、安装quagga配置ospf实现互通1、两节点均安装并配置quagga

yum install quagga cd /etc/quagga/ cp /usr/share/doc/quagga-0.99.22.4/zebra.conf.sample ./ cp /usr/share/doc/quagga-0.99.22.4/ospfd.conf.sample ./ cp zebra.conf.sample zebra.conf cp ospfd.conf.sample ospfd.conf chmod 777 *.conf chmod 777 /var/log/ospfd/ systemctl enable zebra systemctl enable ospfd systemctl start zebra systemctl start ospfd

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(21)

(图片可点击放大查看)

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(22)

(图片可点击放大查看)

2、vtysh进行配置ospf

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(23)

(图片可点击放大查看)

主节点配置步骤如下

VM-0-17-centos# conf t VM-0-17-centos(config)# interface eth0 VM-0-17-centos(config-if)# description Server_eth0 VM-0-17-centos(config-if)# no shut VM-0-17-centos(config-if)# exit VM-0-17-centos(config)# interface tinctun VM-0-17-centos(config-if)# description Server_tinctun VM-0-17-centos(config-if)# no shut VM-0-17-centos(config-if)# exit VM-0-17-centos(config)# router ospf VM-0-17-centos(config-router)# router-id 1.1.1.1 VM-0-17-centos(config-router)# network 10.254.254.0/24 area 0 VM-0-17-centos(config-router)# network 10.206.0.17/20 area 0 VM-0-17-centos(config-router)# exit VM-0-17-centos(config)# log file /var/log/quagga/ospfd.log VM-0-17-centos(config)# exit VM-0-17-centos# wr Building Configuration... Configuration saved to /etc/quagga/zebra.conf Configuration saved to /etc/quagga/ospfd.conf [OK]

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(24)

(图片可点击放大查看)

分支节点配置步骤如下 vtysh

Hello this is Quagga (version 0.99.22.4). Copyright 1996-2005 Kunihiro Ishiguro et al. centos.walkingcloud.cn# conf t centos.walkingcloud.cn(config)# interface ens33 centos.walkingcloud.cn(config-if)# description Slave_ens33 centos.walkingcloud.cn(config-if)# no shut centos.walkingcloud.cn(config-if)# exit centos.walkingcloud.cn(config)# interface tinctun centos.walkingcloud.cn(config-if)# description Slave_tinctun centos.walkingcloud.cn(config-if)# no shut centos.walkingcloud.cn(config-if)# exit centos.walkingcloud.cn(config)# centos.walkingcloud.cn(config)# exit centos.walkingcloud.cn# conf t centos.walkingcloud.cn(config)# router ospf centos.walkingcloud.cn(config-router)# router-id 2.2.2.2 centos.walkingcloud.cn(config-router)# network 192.168.31.0/24 area 0 centos.walkingcloud.cn(config-router)# network 10.254.254.0/24 area 0 centos.walkingcloud.cn(config-router)# network 192.168.1.1/24 area 0 centos.walkingcloud.cn(config-router)# exit centos.walkingcloud.cn(config)# log file /var/log/quagga/ospfd.log centos.walkingcloud.cn(config)# exit centos.walkingcloud.cn# wr Building Configuration... Configuration saved to /etc/quagga/zebra.conf [OK] centos.walkingcloud.cn# exit

tinyproxy免流配置解析（quagga搭建个人SD-WAN网络）(25)