本文共 13449 字,大约阅读时间需要 44 分钟。
实验:路由连接与转发
1、五台机器,其中三台充当路由器,剩余两台作为主机VMnet1 192.168.41.0VMnet4 192.168.141.0VMnet5 172.26.41.0VMnet6 10.41.41.0主机1 centos6 :192.168.41.171适配器3:VMnet1 192.168.41.0路由:Destination Gateway Genmask Flags Metric Ref Use Iface192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 eth20.0.0.0 192.168.41.161 0.0.0.0 UG 0 0 0 eth2路由器1 centos6 :192.168.41.161 172.26.41.161适配器:VMnet1 192.168.41.0适配器5:VMnet5 172.26.41.0路由:Destination Gateway Genmask Flags Metric Ref Use Iface172.26.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth10.0.0.0 172.26.41.162 0.0.0.0 UG 0 0 0 eth1路由器2 centos7 :172.26.41.162 10.41.41.162适配器5:VMnet1 172.26.41.0适配器6:VMnet5 10.41.41.0路由:Destination Gateway Genmask Flags Metric Ref Use Iface10.41.41.0 0.0.0.0 255.255.255.0 U 102 0 0 ens38172.26.41.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37192.168.41.0 172.26.41.161 255.255.255.0 UG 0 0 0 ens37192.168.141.0 10.41.41.163 255.255.255.0 UG 0 0 0 ens38路由器3 centos7 :10.41.41.163 192.168.141.163适配器6:VMnet5 172.26.41.0适配器4:VMnet4 192.168.141.0路由:Destination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 10.41.41.162 0.0.0.0 UG 0 0 0 ens3710.41.41.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37192.168.141.0 0.0.0.0 255.255.255.0 U 102 0 0 ens38主机2 centos7 :192.168.141.164适配器4:VMnet4 192.168.141.0路由:Destination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 192.168.141.163 0.0.0.0 UG 0 0 0 ens38169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 ens38192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 ens38
2、实验2 6台机器实现路由转发
1、虚拟网卡规划:使用到的虚拟网卡全部为仅主机,对应地址和设置为VMnet1 192.168.41.0/24VMnet3 10.41.141.0/24VMnet4 192.168.141.0/24VMnet5 172.26.41.0/24VMnet6 10.41.41.0/242、实验机器6台1、3、5号机器为centos62、4、6号机器为centos7IP地址分配与配置(所有的网卡配置都不配置网卡的网关):机器1: 网卡1:VMnet1 IP:192.168.41.221机器2: 网卡1:VMnet1 IP:192.168.41.222 网卡2:VMnet3 IP:10.41.141.222机器3: 网卡1:VMnet3 IP:10.41.141.223 网卡2:VMnet4 IP:192.168.141.223机器4、 网卡1:VMnet4 IP:192.168.141.224 网卡2:VMnet5 IP:172.26.41.224机器5、 网卡1:VMnet5 IP:172.26.41.225 网卡2:VMnet6 IP:10.41.41.225机器6、 网卡1:VMnet6 IP:10.41.41.2263、主机配置修改所有机器统一修改设置:所有的主机关闭selinux: 直接编辑修改配置文件/etc/selinux/config,修改为 SELINUX=disabled 或者直接命令修改 sed -i.bak 's@SELINUX=enforcing@SELINUX=disabled@g' /etc/selinux/config;setenforce 0;getenforce所有的主机的iptables: Centos 6 #service iptables stop;chkconfig iptables off;service iptables status 显示如下为成功 iptables: Firewall is not running. Centos 7 #systemctl stop firewalld.service ;systemctl disable firewalld.service ;systemctl status firewalld.service|grep Active 显示如下为成功 Active: inactive (dead)开启路由转发功能:注意/proc/sys/net/ipv4/ip_forward的值,实验过程中可能会变化,测试路由时必须确认是否为1 echo 1 > /proc/sys/net/ipv4/ip_forward cat /proc/sys/net/ipv4/ip_forward配置信息检查:centos7检查的方法:cat /proc/sys/net/ipv4/ip_forward;echo -e "\n";systemctl status firewalld;echo -e;getenforce扩展:下面的显示出的结果显示颜色 结果分别为1 、dead 、Disabled三个红色部分echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward| grep 1;echo -e "\n";systemctl status firewalld|grep dead;echo -e;getenforce|grep -i 'disabled'centos6检查的方法:cat /proc/sys/net/ipv4/ip_forward;echo -e "\n";service iptables status;echo -e;getenforce扩展:下面的显示出的结果显示颜色 结果分别为1 、not running 、Disabled三个红色部分需要先设置grep别名,设置了的直接执行下面命令即可,否则不显示颜色设置别名:alias grep='grep --color=auto'echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward|grep 1;echo -e "\n";service iptables status|grep 'not running';echo -e;getenforce|grep -i 'disabled'4、使用到的相关命令使用方法ip route命令:关于路由的相关设置:ip route查看路由信息:ip route show添加一条路由 # ip route add 10.10.10.0/24 via 172.16.0.254 dev eth0删除一条路由 # ip route del 10.10.10.0/24添加默认路由 # ip route add default via 172.16.0.254 dev eth0删除默认路由 # ip route del default via 172.16.0.254 dev eth0route命令:查看路由:route -n添加路由:route add -net 192.168.146.0/24 gw 192.168.192.200删除路由:route del -net 192.168.192.0/24 gw 192.168.166.200添加默认路由:route add default gw 192.168.192.200删除默认路由:route del default gw 192.168.192.2005、修改路由表机器1:网卡1:VMnet1 IP:192.168.41.221 网卡1名称:eth1因为没有配置网卡的网关,所以需要制定默认路由,机器1可以设置默认路由(如果设置了默认网关,不需要再配置默认路由)添加默认路由: route add default gw 192.168.41.222结果如下: [root@centos6 ~]# route add default gw 192.168.41.222 [root@centos6 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth1 0.0.0.0 192.168.41.222 0.0.0.0 UG 0 0 0 eth1机器2: 网卡1:VMnet1 IP:192.168.41.222 网卡1名称:ens33 网卡2:VMnet3 IP:10.41.141.222 网卡2名称:ens37 因为机器2和机器1同一个网段,它们不需要设置路由,因此机器2只需要设置一个默认路由即可 配置转发 echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward 配置路由: ip route add default via 10.41.141.223 dev ens37 结果如下: [root@centos7ys ~]# ip route add default via 10.41.141.223 dev ens37 [root@centos7ys ~]# ip route show default via 10.41.141.223 dev ens37 10.41.141.0/24 dev ens37 proto kernel scope link src 10.41.141.222 metric 101 192.168.41.0/24 dev ens33 proto kernel scope link src 192.168.41.222 metric 100机器3: 网卡1:VMnet3 IP:10.41.141.223 网卡1名称:eth2 网卡2:VMnet4 IP:192.168.141.223 网卡2名称:eth1 因为机器3属于中间的路由器,需要向两个方向转发路由,因此需要配置多条路由 配置转发 echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward 配置路由: route add -net 172.26.41.0/24 gw 192.168.141.224 route add -net 192.168.41.0/24 gw 10.41.141.222 * route add -net 172.26.41.0/24 gw 192.168.141.224 扩展: 可以合并上述其中的两条记录为一条,即将 192.168.141.224设置为默认路由 route add default gw 192.168.141.224 route add -net 192.168.41.0/24 gw 10.41.141.222 结果如下: [root@centos6 ~]# route add -net 172.26.41.0/24 gw 192.168.141.224 [root@centos6 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1 192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1 [root@centos6 ~]# [root@centos6 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1 192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.41.0 10.41.141.222 255.255.255.0 UG 0 0 0 eth2 10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1 [root@centos6 ~]# route add -net 10.41.41.0/24 gw 192.168.141.224 [root@centos6 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1 10.41.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1 192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.41.0 10.41.141.222 255.255.255.0 UG 0 0 0 eth2 10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1机器4、 网卡1:VMnet4 IP:192.168.141.224 网卡1名称:ens33 网卡2:VMnet5 IP:172.26.41.224 网卡2名称:ens37 因为机器4属于中间的路由器,需要向两个方向转发路由,因此需要配置多条路由 配置转发 echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward 配置路由: ip route add 10.41.141.0/24 via 192.168.141.223 ip route add 10.41.41.0/24 via 172.26.41.225 * ip route add 192.168.41.0/24 via 192.168.141.223 扩展: 可以合并上述其中的两条记录为一条,即将 192.168.141.223设置为默认路由 ip route add default via 192.168.141.223 ip route add 10.41.41.0/24 via 172.26.41.225 结果如下: [root@centos7ys ~]# ip route add 10.41.141.0/24 via 192.168.141.223 [root@centos7ys ~]# ip route add 10.41.41.0/24 via 172.26.41.225 [root@centos7ys ~]# ip route show 10.41.41.0/24 via 172.26.41.225 dev ens37 10.41.141.0/24 via 192.168.141.223 dev ens33 172.26.41.0/24 dev ens37 proto kernel scope link src 172.26.41.224 metric 101 192.168.41.0/24 via 192.168.141.223 dev ens33 192.168.141.0/24 dev ens33 proto kernel scope link src 192.168.141.224 metric 100机器5、 网卡1:VMnet5 IP:172.26.41.225 网卡1名称:eth1 网卡2:VMnet6 IP:10.41.41.225 网卡2名称:eth2 因为机器5和机器6同一个网段,它们之间不需要设置路由,因此机器5只需要设置一个默认路由即可 配置转发 echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward 配置路由: route add default gw 172.26.41.224 结果如下: [root@centos6 ~]# route add default gw 172.26.41.224 [root@centos6 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.26.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 10.41.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth2 0.0.0.0 172.26.41.224 0.0.0.0 UG 0 0 0 eth1机器6、 网卡1:VMnet6 IP:10.41.41.226 网卡1名称:ens33因为没有配置网卡的网关,所以需要制定默认路由,机器6可以设置默认路由(如果设置了默认网关,不需要再配置默认路由)添加默认路由: ip route add default via 10.41.41.225结果如下: [root@centos7ys ~]# ip route add default via 10.41.41.225 [root@centos7ys ~]# ip route show default via 10.41.41.225 dev ens33 10.41.41.0/24 dev ens33 proto kernel scope link src 10.41.41.226 metric 1006、最终结果:从1到6ping结果: [root@centos6 ~]# ping 10.41.41.226 -c 6 PING 10.41.41.226 (10.41.41.226) 56(84) bytes of data. 64 bytes from 10.41.41.226: icmp_seq=1 ttl=60 time=2.53 ms 64 bytes from 10.41.41.226: icmp_seq=2 ttl=60 time=3.17 ms 64 bytes from 10.41.41.226: icmp_seq=3 ttl=60 time=3.21 ms 64 bytes from 10.41.41.226: icmp_seq=4 ttl=60 time=3.43 ms 64 bytes from 10.41.41.226: icmp_seq=5 ttl=60 time=3.39 ms 64 bytes from 10.41.41.226: icmp_seq=6 ttl=60 time=6.93 ms --- 10.41.41.226 ping statistics --- 6 packets transmitted, 6 received, 0% packet loss, time 5017ms rtt min/avg/max/mdev = 2.536/3.782/6.939/1.443 mstraceroute结果: [root@centos6 ~]# traceroute 10.41.41.226 traceroute to 10.41.41.226 (10.41.41.226), 30 hops max, 60 byte packets 1 192.168.41.222 (192.168.41.222) 0.224 ms 0.177 ms 0.144 ms 2 10.41.141.223 (10.41.141.223) 0.403 ms 0.861 ms 0.816 ms 3 192.168.141.224 (192.168.141.224) 0.613 ms 0.598 ms 0.532 ms 4 172.26.41.225 (172.26.41.225) 1.166 ms 1.615 ms 1.583 ms 5 10.41.41.226 (10.41.41.226) 2.507 ms !X 2.480 ms !X 2.426 ms !X从6到1ping结果 [root@centos7ys ~]# ping 192.168.41.221 -c 6 PING 192.168.41.221 (192.168.41.221) 56(84) bytes of data. 64 bytes from 192.168.41.221: icmp_seq=1 ttl=60 time=2.24 ms 64 bytes from 192.168.41.221: icmp_seq=2 ttl=60 time=6.62 ms 64 bytes from 192.168.41.221: icmp_seq=3 ttl=60 time=3.16 ms 64 bytes from 192.168.41.221: icmp_seq=4 ttl=60 time=3.20 ms 64 bytes from 192.168.41.221: icmp_seq=5 ttl=60 time=5.68 ms 64 bytes from 192.168.41.221: icmp_seq=6 ttl=60 time=4.55 ms --- 192.168.41.221 ping statistics --- 6 packets transmitted, 6 received, 0% packet loss, time 5012ms rtt min/avg/max/mdev = 2.240/4.244/6.626/1.534 mstraceroute结果: [root@centos7ys ~]# traceroute 192.168.41.221 traceroute to 192.168.41.221 (192.168.41.221), 30 hops max, 60 byte packets 1 gateway (10.41.41.225) 0.157 ms 0.091 ms 0.042 ms 2 172.26.41.224 (172.26.41.224) 0.241 ms 0.210 ms 0.187 ms 3 192.168.141.223 (192.168.141.223) 0.544 ms 0.506 ms 0.467 ms 4 10.41.141.222 (10.41.141.222) 0.523 ms 0.474 ms 0.406 ms 5 192.168.41.221 (192.168.41.221) 0.508 ms !X 0.611 ms !X 0.557 ms !X
转载于:https://blog.51cto.com/12589011/2372028