最近试了一下端口中转的配置,记录如下
因为是国内机子,所以先换成国内更新源,我这选择debian9,原因是国内机装centos后要安装bbr,必须先升级内核,太麻烦了,不如直接换成debian9,内核版本够高,支持bbr。
rm /etc/apt/sources.list vi /etc/apt/sources.list
debian 9 更换国内163源
deb http://mirrors.163.com/debian/ stretch main non-free contrib deb http://mirrors.163.com/debian/ stretch-updates main non-free contrib deb http://mirrors.163.com/debian/ stretch-backports main non-free contrib deb-src http://mirrors.163.com/debian/ stretch main non-free contrib deb-src http://mirrors.163.com/debian/ stretch-updates main non-free contrib deb-src http://mirrors.163.com/debian/ stretch-backports main non-free contrib deb http://mirrors.163.com/debian-security/ stretch/updates main non-free contrib deb-src http://mirrors.163.com/debian-security/ stretch/updates main non-free contrib
接下来更改dns
vi /etc/resolv.conf
添加 223.5.5.5
nameserver 223.5.5.5
这里选择用haproxy转发端口
apt install haproxy
haproxy.cfg 配置
rm -f /etc/haproxy/haproxy.cfg nano /etc/haproxy/haproxy.cfg
配置文件如下
global ulimit-n 51200 defaults log global mode tcp option dontlognull timeout connect 1000ms timeout client 150000ms timeout server 150000ms listen status bind 0.0.0.0:1080 mode http log global stats refresh 30s stats uri /admin?stats stats realm Private lands stats auth admin:password stats hide-version frontend ssin1 bind *:12345 default_backend ssout1 backend ssout1 server server1 1.2.3.4:443 maxconn 204800 frontend ssin2 bind *:12346 default_backend ssout2 backend ssout2 server server2 1.2.3.5:443 maxconn 204800
启动haproxy
service haproxy start
参考:
https://www.moerats.com/archives/100/
https://www.91yun.co/archives/3013