关于 防火墙 link-monitor 经常误判导致线路down
关于 防火墙 link-monitor 经常误判导致线路down
edit "monitorwan1"
set srcintf "port9"
set server "114.114.114.114"
set gateway-ip 202.115.39.184
set update-cascade-interface disable
next
edit "monitorwan2"
set srcintf "port11"
set server "180.76.76.76"
set gateway-ip 120.231.164.121
set update-cascade-interface disable
next
end
S* 0.0.0.0/0 [10/0] via 202.115.29.185, port9, [5/0]
S 10.1.0.0/16 [10/0] is directly connected, GZTM-MON
S 10.20.0.0/16 [10/0] via 10.50.88.2, port10
C 10.20.88.0/24 is directly connected, port10
S 10.20.200.0/24 [10/0] is directly connected, ssl.root
C 120.231.164.121/25 is directly connected, port11
C 202.115.39.184/29 is directly connected, port9
一个仓库在防火墙配置了电信和移动的 link-monitor
monitor为移动线路,配置了 set server "180.76.76.76",但是经常12个小时左右就由于探测问题 线路中断,但是实际上应该是移动的外线正常,只是用由于ping 无法达到180.76.76.76而路由条目消失,已经试过几个常规的DNS如114,阿里云223.5.5.5.请问这里有什么好办法解决吗
edit "monitorwan1"
set srcintf "port9"
set server "114.114.114.114"
set gateway-ip 202.115.39.184
set update-cascade-interface disable
next
edit "monitorwan2"
set srcintf "port11"
set server "180.76.76.76"
set gateway-ip 120.231.164.121
set update-cascade-interface disable
next
end
S* 0.0.0.0/0 [10/0] via 202.115.29.185, port9, [5/0]
S 10.1.0.0/16 [10/0] is directly connected, GZTM-MON
S 10.20.0.0/16 [10/0] via 10.50.88.2, port10
C 10.20.88.0/24 is directly connected, port10
S 10.20.200.0/24 [10/0] is directly connected, ssl.root
C 120.231.164.121/25 is directly connected, port11
C 202.115.39.184/29 is directly connected, port9
一个仓库在防火墙配置了电信和移动的 link-monitor
monitor为移动线路,配置了 set server "180.76.76.76",但是经常12个小时左右就由于探测问题 线路中断,但是实际上应该是移动的外线正常,只是用由于ping 无法达到180.76.76.76而路由条目消失,已经试过几个常规的DNS如114,阿里云223.5.5.5.请问这里有什么好办法解决吗
1 个回复
likh
赞同来自: