我正在构建一个本地服务器集群。
server2 eth0 IP:168.168.1.2
Gateway: 168.168.1.1
NETMASK: 255.255.0.0
server3: eth0 IP: 168.168.1.3
Gateway: 168.168.1.1
NETMASK: 255.255.0.0
server1: eth0 IP: 168.168.1.1
eth0:1 IP x.x.x.x(provided by ISP)
GATWWAY x.x.x.x(provided by ISP)
我想将服务器1构建为子网的网关。
我可以成功访问服务器1上的公共网络。但是,它在服务器2上失败。我在服务器1上运行以下命令
#iptables -t nat -F
#iptables -t nat -A POSTROUTING -s 168.168.0.0/16 -o eth0:1 -j MASQUERADE
#iptables -t nat -A POSTROUTING -o eth0:1 -j MASQUERADE
#iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
#iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain LOGGING (0 references)
target prot opt source destination
在服务器2上
#ping 173.194.127.240
PING 173.194.127.240 (173.194.127.240) 56(84) bytes of data.
From 168.168.1.1: icmp_seq=2 Redirect Host(New nexthop: x.x.x.x(ISP gateway))
From 168.168.1.1: icmp_seq=3 Redirect Host(New nexthop: x.x.x.x(ISP gateway))
From 168.168.1.1: icmp_seq=4 Redirect Host(New nexthop: x.x.x.x(ISP gateway))
--- 173.194.127.240 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5950ms
我在服务器1上的配置有什么问题。我应该如何使用iptables配置网关?非常感谢
