UBNT EdgeRouter ER-X ¼³Á¤À»ÇÏ·Á´Âµ¥ ¾îµðºÎÅÍ, ¹» ¾îÂî ¼Õ´ë¾ßµÉÁö °¨ÀÌ ¾ÈÀâÈ÷³×¿ä

´ÚÅÍD   
   Á¶È¸ 3481   Ãßõ 0    

WAN 2개에 LAN은 4개로 구성을 하려고합니다.

첨부된 네트워크맵 이미지를 보시면 KT망으로만 접속하는 네트워크, LG망으로만 접속하는 네트워크, LG망으로 접속을 하는데, IPTV와 인터넷전화기만 연결되는 네트워크, 그리고 KT망과 LG망 로드밸런싱된 네트워크

이렇게 총 4개의 네트워크가 분리되어 사용하고싶습니다.

구글링을 아무리해봐도 static routing 관련 내용밖에 안보이네요

조언좀 부탁드립니다.

ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¼ÛÁÖȯ 2018-11
PBRÀ» Àû¿ëÇÏ¼Å¾ß ÇÕ´Ï´Ù.
     
´ÚÅÍD 2018-11
PBR ¿¹Á¦µéÀÌ ¶ó¿ìÆà Å×À̺íÀ» staticÀ¸·Î ±¸¼ºÀ» ÇÏ´õ¶ó±¸¿ä...
WANµéÀº À¯µ¿¾ÆÀÌÇÇÀÏÅÙµ¥¸»ÀÌÁÒ...
          
¼ÛÁÖȯ 2018-11
Routing TableÀ» dynamic IP·Î ¼³Á¤ÇÏ´Â °ÍÀº ºÒ°¡´ÉÇÑ °ÍÀ¸·Î ¾Ë°í ÀÖ½À´Ï´Ù.
Àû¾îµµ Edgerouter¿¡¼­´Â¿ä.
          
¼ÛÁÖȯ 2018-11
´Ù½Ã È®ÀÎÇØ º¸´Ï interface ¼³Á¤ÀÌ °¡´ÉÇϳ׿ä. protocol - static - table - <num> - interface-route
               
´ÚÅÍD 2018-11
set interfaces ethernet eth1 description LAN1
set interfaces ethernet eth1 address 192.168.10.1/24
set interfaces ethernet eth2 description LAN2
set interfaces ethernet eth2 address 192.168.11.1/24
set interfaces ethernet eth3 description WAN1
set interfaces ethernet eth3 address dhcp
set interfaces ethernet eth4 description WAN2
set interfaces ethernet eth4 address dhcp
set service dhcp-server disabled false
set service dhcp-server shared-network-name LAN1 authoritative enable
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 start 192.168.10.2 stop 192.168.10.254
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 default-router 192.168.10.1
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 dns-server 1.1.1.1
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 dns-server 1.0.0.1
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 lease 86400
set service dhcp-server shared-network-name LAN2 authoritative enable
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 start 192.168.11.2 stop 192.168.11.254
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 default-router 192.168.11.1
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 dns-server 1.1.1.1
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 dns-server 1.0.0.1
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 lease 86400
set protocols static table 11 interface-route 0.0.0.0/0 next-hop-interface eth3
set protocols static table 12 interface-route 0.0.0.0/0 next-hop-interface eth4
set firewall modify PBR_policy rule 20 description WAN1
set firewall modify PBR_policy rule 20 source address 192.168.10.0/24
set firewall modify PBR_policy rule 20 modify table 11
set firewall modify PBR_policy rule 30 description WAN2
set firewall modify PBR_policy rule 30 source address 192.168.11.0/24
set firewall modify PBR_policy rule 30 modify table 12
set interfaces ethernet eth1 firewall in modify PBR_policy
set interfaces ethernet eth2 firewall in modify PBR_policy

ÀÌ·¸°Ô ¼³Á¤À» Çߴµ¥ µÇÁö¸¦ ¾Ê³×¿ä...
                    
¼ÛÁÖȯ 2018-11
SNAT ¼³Á¤Àº ÇØÁּ̳ª¿ä? ±×¸®°í next hop distance¸¦ 1·Î ¸ÂÃçÁֽʽÿÀ
                         
´ÚÅÍD 2018-11
SNATÀ¸·Î ¼³Á¤ÇÏ·Á´Ï ºÒ°¡´ÉÇÑµí º¸¿©¼­ masq·Î ¼³Á¤À» Çß½À´Ï´Ù.
DNSÄõ¸®¸¦ ¸øÇÏ°í À־ DNS¼³Á¤µµ ¹Ù²Ù¾ú½À´Ï´Ù.
³»ºÎ ³×Æ®¿öÅ©°£ Åë½ÅÀº µÇ´Âµ¥¿ä, ÀÎÅͳÝÀº ¿©ÀüÈ÷ ¾ÈµÇ³×¿ä...

set system offload hwnat enable
set system offload ipsec enable
set interfaces ethernet eth1 description LAN1
set interfaces ethernet eth1 address 192.168.10.1/24
set interfaces ethernet eth2 description LAN2
set interfaces ethernet eth2 address 192.168.11.1/24
set interfaces ethernet eth3 description WAN1
set interfaces ethernet eth3 address dhcp
set interfaces ethernet eth3 dhcp-options name-server no-update
set interfaces ethernet eth4 description WAN2
set interfaces ethernet eth4 address dhcp
set interfaces ethernet eth4 dhcp-options name-server no-update
set service dhcp-server disabled false
set service dhcp-server shared-network-name LAN1 authoritative enable
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 start 192.168.10.2 stop 192.168.10.254
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 default-router 192.168.10.1
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 dns-server 192.168.10.1
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 lease 86400
set service dhcp-server shared-network-name LAN2 authoritative enable
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 start 192.168.11.2 stop 192.168.11.254
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 default-router 192.168.11.1
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 dns-server 192.168.11.1
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 lease 86400
set protocols static table 11 interface-route 0.0.0.0/0 next-hop-interface eth3 distance 1
set protocols static table 12 interface-route 0.0.0.0/0 next-hop-interface eth4 distance 1
set firewall modify PBR_policy rule 20 description WAN1
set firewall modify PBR_policy rule 20 source address 192.168.10.0/24
set firewall modify PBR_policy rule 20 modify table 11
set firewall modify PBR_policy rule 30 description WAN2
set firewall modify PBR_policy rule 30 source address 192.168.11.0/24
set firewall modify PBR_policy rule 30 modify table 12
set interfaces ethernet eth1 firewall in modify PBR_policy
set interfaces ethernet eth2 firewall in modify PBR_policy

set service dns forwarding listen-on eth1
set service dns forwarding listen-on eth2
set service dns forwarding name-server 1.1.1.1
set service dns forwarding name-server 1.0.0.1
set system name-server 127.0.0.1
set service dns forwarding cache-size 300
set system domain-name home.local
set service dhcp-server shared-network-name LAN1 subnet 192.168.10.0/24 domain-name area1.home.local
set service dhcp-server shared-network-name LAN2 subnet 192.168.11.0/24 domain-name area2.home.local

set service nat rule 5010 description 'masquerade for WAN1'
set service nat rule 5010 outbound-interface eth3
set service nat rule 5010 type masquerade
set service nat rule 5010 protocol all
set service nat rule 5010 source address 192.168.10.0/24
set service nat rule 4010 description 'masquerade for WAN1'
set service nat rule 4010 inbound-interface eth3
set service nat rule 4010 type destination
set service nat rule 4010 protocol all
set service nat rule 4010 inside-address address 192.168.10.0/24
set service nat rule 4010 destination address 192.168.10.0/24
¼ÛÁÖȯ 2018-11
¸¶½ºÄ¿·¹ÀÌµå ·êÀº outbound-interface¸¸ ¼³Á¤ÇÏ¸é µË´Ï´Ù. NAT rule 4010Àº Áö¿ì½Ã°í¿ä..

±×¸®°í PBR ¼³Á¤ÇϽŠµÚ ¶ó¿ìÆà °æ·Î´Â Á¤»óÀûÀ¸·Î ÀâÈ÷´ÂÁö, °ÔÀÌÆ®¿þÀÌ¿ÍÀÇ Åë½ÅÀº °¡´ÉÇÑÁö Á¡°ËÇØ º¸½Ã±¸¿ä.
´ÚÅÍD 2018-11
¶ó¿ìÆà °æ·Î°¡ Á¤»óÀûÀ¸·Î ¾ÈÀâÈ÷´Â°Í°°½À´Ï´Ù.
[±âÁ¸°øÀ¯±â]---[ER-X]---[¼ÂÆÃPC]
+---[´Ù¸¥PC]
ÀÌ·¸°Ô ¿¬°áÇØµÎ°í ¼ÂÆü³Á¤ÁßÀä,
¼ÂÆÃPC¿¡¼­ ±âÁ¸°øÀ¯±â³ª, ´Ù¸¥PC·Î ¿¬°áÀº Àߵ˴ϴÙ.
nslookupÀ¸·Î www.google.comÄõ¸®Çϸé IPµµ Àß Ã£½À´Ï´Ù.
ÇÏÁö¸¸ ÀÎÅͳÝÀ¸·Î´Â ºüÁ®³ª°¡Áö¸¦ ¸øÇϳ׿ä

masq·êÀº ¾Æ·¡Ã³·³ º¯°æÇÏ¿´½À´Ï´Ù.
set service nat rule 5010 description 'masquerade for WAN1'
set service nat rule 5010 outbound-interface eth3
set service nat rule 5010 type masquerade
set service nat rule 5010 protocol all
     
¼ÛÁÖȯ 2018-11
1. WAN2´Â ¸¶½ºÄ¿·¹À̵ù ¾ÈÇϽôÂÁö¿ä
2. ¼¼ÆÃ(Å×½ºÆ®)ÀåºñÀÇ IP´Â ¾î¶»°Ô µÇ½Ã´ÂÁö¿ä.
3. Routing Table°ú default routeÀÇ ¸ÞÆ®¸¯ °ªÀº ¾î¶»°Ô µÇ¾î ÀÖ´ÂÁö¿ä
4. ·Îµå ¹ë·±½Ìµµ ÇÑ´Ù°í Çϼ̴µ¥ °ü·Ã ¼¼ÆÃÀ» Çϼ̴ÂÁö, ¾Æ´Ï¸é ÇÏÁö ¾ÊÀº °ÍÀÎÁö¿ä
          
´ÚÅÍD 2018-11
1. WAN2´Â ¿ì¼± WAN1 ¼³Á¤ÀÌ ³¡³ª¸é ±×ÈÄ¿¡ ÇÏ·Á°í ÇÏ´ÂÁßÀÔ´Ï´Ù.
2. Å×½ºÆ®ÀåºñIP´Â DHCP·ÎºÎÅÍ ÀÓ´ë¹Þ¾Æ¼­ 192.168.10.2 ÀÔ´Ï´Ù.
3. er-x¿¡¼­ Ç¥½ÃµÇ´Â routing tableÀ» ¸»¾¸ÇϽô°ÇÁö ¾Æ´Ï¸é ¼¼ÆÃPC¿¡¼­ route printÇÞÀ»¶§ º¸¿©Áö´Â°É ¸»¾¸ÇϽô°ǰ¡¿ä?
4. ·Îµå ¹ë·±½Ì ¿ª½Ã WAN1->WAN2->·Îµå¹ë·±½Ì ¼øÀ¸·Î ¼ÂÆÃÀ» ÇÏ·Á°í ¾ÆÁ÷ À¯¿¹ÁßÀÔ´Ï´Ù.
               
¼ÛÁÖȯ 2018-11
Ȥ½Ã³ª Çߴµ¥ ARP ¹®Á¦°¡ ¸Â±º¿ä..
ÀÎÅÍÆäÀ̽º¿¡¼­ Proxy ARP¸¦ È°¼ºÈ­ÇØÁÖ¸é µ¿ÀÛÇÏ°ÚÁö¸¸, ARP Entry ¹®Á¦°¡ »ý±æ °¡´É¼ºÀÌ ÀÖ¾î º¸ÀÔ´Ï´Ù.
Next-hop-address¸¦ »ç¿ëÇϰųª ´õ ³ªÀº ¹æ¹ýÀ» ã¾ÆºÁ¾ß ÇÒ °Í °°½À´Ï´Ù.
                    
´ÚÅÍD 2018-11
¾Æ... °á±¹Àº ±×·¸´Ù¸é ER-X »óÀ§¿¡ Æ®·¡ÇÈ Æнº¾²·ç¿ë °øÀ¯±â¸¦ °¢°¢ Çϳª¾¿¹°·ÁÁÖ°í next-hop-address·Î ¶ó¿ìÆÃÀ» Àâ¾ÆÁà¾ßµÇ·Á³ªº¸³×¿ä ¤Ð¤Ð


QnA
Á¦¸ñPage 896/5684
2015-12   1497422   ¹é¸Þ°¡
2014-05   4960868   Á¤ÀºÁØ1
2011-07   9912   À±¿µµ·
2016-06   4183   Techno
2021-01   3912   ¹Ú¼º¸¸
2005-03   6397   ÀÌÀ±¼º
2005-04   6587   °øÁ¾½Ä
2011-07   6212   ±¸¸í¼­
2015-04   5458   Å×µ¹¾ÆÀÌ
2016-06   5143   Àλý¿©Àü
2016-06   3750   ±è°Ç¿ì
04-10   1595   SDG6038
2008-01   5279   ±èµ¿¼ö
2018-09   3033   ´«Æõ¹ÀÌ
2016-06   3341   ´«Æõ¹ÀÌ
2017-06   3115   Å°¸£¾Æ
04-22   1136   Rich
2005-04   6074   ¼Õ»ó¿í
2005-04   6345   ÃÖ¿î±æ
2011-08   8605   ±×¸°¿þÀÌ
2014-01   4228   ȲÁø¿ì
2015-05   4683   FreeBSD