Ndakanga ndine basa - kuburitsa sevhisi paD-Link DFL router pane IP kero isina kusungirirwa kune wan interface. Asi handina kuwana mirairo paInternet yaizogadzirisa dambudziko iri, saka ndakanyora zvangu.
Yekutanga data (ese kero inotorwa semuenzaniso)
Webhu server pane yemukati network ine IP: 192.168.0.2 (port 8080).
Dziva remakero chena ekunze anopihwa nemupi: , mubatsiri gedhi: 5.255.255.1, kero βdzeduβ dzasara 5.255.255.2-14.
Rega kero 5.255.255.2-10 tinoishandisa kuNAT nezvimwe zvinodiwa. Iyo yekupa chinongedzo yakabatana nechiteshi wan1. Kuti interface wan1 kero yakabatanidzwa 5.255.255.2.
Basa: buritsa yemukati webhu server kune kero yeruzhinji 5.255.255.11, pachiteshi 80.
Mhinduro yacho ipfupi
Kushambadza sevhisi paIP isingaenderane neayo interface yauchazoda:
- Ratidza kune router kuti ip yakabudiswa inofanira kutsvaga mukati uchishandisa .
- Publication kuitira kuti router inopindura vavakidzani kuti kero yakabudiswa ndeyayo.
- firewall mutemo (), iyo mukati me router ichashandura kero yekuenda kune kero yevhavha yekupedzisira.
- Firewall rule (Bvumira), iyo ichabvumira kubatana kubva kune yekunze interface kune yakabudiswa kero mukati me router
Uye zvino zvishoma pamusoro pechinhu chimwe nechimwe
Kugadzirira kwe
I. Kutanga, ngatigadzirei "Zvinhu" kune zvese zvatinoda (ikozvino ini ndicharatidza maitiro ewebhu interface, ndinofunga avo vanoshanda neiyo console vachakwanisa kuendesa zviito kunyaradza mirairo).
1. Wedzera maviri ipv4 kero kubhuku rekero:
web-server = 192.168.0.2
public-web-server = 5.255.255.11
2. Ipapo isu tinowedzera ports kune runyorwa rwesevhisi:
int_http = tcp:8080
Port tcp:80 yatova muhurongwa hwesevhisi, inonzi http:, ine painogumira 2000 zvikamu, muganhu unogona kugadziriswa.
ooZvakazoitika kuti hapana chikonzero chekuwedzera server port pane yemukati network, asi ini ndinoisiya nekuti ... muenzaniso unogona kudiwa kune chiteshi chevanhu, asi ivo vanowedzerwa nenzira imwecheteyo
II. Ngatiendei zvakananga kune mhinduro.
Ndima 1 ΠΈ 2 inogona kusanganiswa, nokuti Paunenge uchiwedzera static nzira, zvinokwanisika kupa nekukurumidza ARP. Kutaura chokwadi, handina kubva ndangoona mukana uyu uye kuseta chinyorwa nemaoko; iyo router inewo kuita kwakadai.
1. Saka, kana iwe usati wagadzira boka rematafura ekufambisa uye mitemo kwavari, saka zvose zvinogona kuitwa mutafura huru yekufambisa, inonzi. kuru.
Tafura kurupachave neiyo nzira yekuenda kunetiweki 5.255.255.0/28 per interface wan1. Uye yeiyi nzira inofanana nemetric yakatsanangurwa mumashandisirwo ekugadzirisa (nekusarudzika 100).
Kudzivirira gedhi kubva pakutumira mapaketi kudzokera kune iyo interface wan1, iwe unofanirwa kugadzira static nzira kuenda kukero public-web-server kune interface moyo ine metric shoma 100 (diki interface metric wan1) - ipapo gedhi richaitsvaga "mukati mayo".
2. Ikoko, paunenge uchigadzira nzira, unogona kugadzirisa Proxy ARP kuitira kuti gedhi rinopindura zvikumbiro zveARP. PaProxy ARP tab, wedzera WAN interface.
gadzira nzira, asi usadzvanya OK, asi enda kune yechipiri Proxy ARP tebhu:
ARP, wedzera interface wan1:
3.Pakupedzisira, tinoenderera mberi nekumisikidza NAT uye firewall (izvi zvakatotsanangurwa zvakadzama mu. ).
Isu tinogadzira mutemo weSAT kuitira kuti mupaketi kubva kune interface wan1 nekero yekuenda public-web-server chiteshi chengarava http:, iyo yatakagadzira nzira yeiyo interface moyo, chinja kero yekwauri kuenda nekero yemukati yeserver yedu web-server uye port on 8080.
4. Uye danho rinotevera nderokubvumira pakiti yakadaro - gadzira Bvumira mutemo une maparameter akafanana (zvakanakira kukopa mutemo weSAT uye kutsiva chiito neBvumira).
chinyorwaMuchiitiko ichi, mitemo inofanira kunge iri muhurongwa uhu: kutanga SAT, wozobvumira:
Rangarira kuti mutemo weSAT unofanirwa kunge uri pamusoro pemutemo unobvumidza. Izvi zvinokonzerwa nekuti pakiti, painowira mumutemo unobvumira kana kuramba, haipfuuri mberi kuburikidza ne "Mitemo" tafura.
Muchiitiko ichi, mutemo wekubvumidza unogadzirwawo kune veruzhinji port uye kero:
Ndokumbira utarise kuti iyo protocol, interface uye network paramita mumutemo unobvumidza zvakafanana nemutemo ne "SAT" chiito.
Zvaiita sekuti pakiti yacho yakanga yatogadziriswa neSAT mutemo mutsara kare, uye kero yekuenda uye chiteshi zvaive zvitsva, asi kwete, zvinoita sekunge kutsiva kunoitika imwe nguva mushure mekunge mimwe mitemo yese yagadziriswa.
Π Iko kushanda kweSAT kunoratidzwa zvakadzama; inopa akawanda anonakidza mikana. Chinangwa changu chaiva chekuvhara nyaya yakanga isina kufukidzwa mumurayiridzo uyu uye mune mimwe mirayiridzo. Ndinovimba kuti mirairo ichave yakakosha uye inonzwisisika.
Source: www.habr.com