MENU

不用換 kernel 不用UML 也可以BBR -- Linux Kernel Library

August 15, 2017 • Read: 558 • 各种资源

安裝 haproxy

apt-get install -y haproxy

以下都是必要的,如果你是 KVM,
就把 venet0 換成你的網卡名字吧 (通常是 eth0 又或者是 ens3)

記得打開 IPv4 的 forwarding

sysctl -w net.ipv4.ip_forward=1

設定 tuntap

ip tuntap add lkl-tap mode tap
ip addr add 10.0.0.1/24 dev lkl-tap
ip link set lkl-tap up
iptables -P FORWARD ACCEPT 
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE

設定 NAT

把 port 22 留給自己

iptables -t nat -A PREROUTING -p tcp --dport 22 -j RETURN

其他流量都轉走

iptables -t nat -A PREROUTING -i venet0 -j DNAT --to-destination 10.0.0.2

haproxy.cfg

global

defaults
log global
mode tcp
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000

frontend proxy-in
bind *:9399
default_backend proxy-out

backend proxy-out
server server1 10.0.0.1 maxconn 20480

下載 liblkl-hijack.so

wget http://lonefa1989.azurewebsites.net/liblkl-hijack.zip
LD_PRELOAD=./liblkl-hijack.so LKL_HIJACK_NET_QDISC="root|fq" LKL_HIJACK_SYSCTL="net.ipv4.tcp_congestion_control=bbr" LKL_HIJACK_NET_IFTYPE=tap LKL_HIJACK_NET_IFPARAMS=lkl-tap LKL_HIJACK_NET_IP=10.0.0.2 LKL_HIJACK_NET_NETMASK_LEN=24 LKL_HIJACK_NET_GATEWAY=10.0.0.1 haproxy -f /etc/haproxy/haproxy.cfg

or screen