主机间路由实验
搭建一个环境让主机A通过4个不同的网段来访问主机B
实验设计思路
主机A和主机B之间用3台Linux主机充当路由设备将每个网段隔开,A到R1使用仅主机模式的网络,R1到R2使用vmnet2网络,R2到R3使用vmnet3网络,R3到B使用桥接网络,网络地址如下表所示。
主机 | 系统 | eth0 | eth1 |
---|---|---|---|
A | CentOS6 | 192.168.172.10 | |
R1 | CentOS6 | 192.168.172.100 | 10.0.0.10 |
R2 | CentOS6 | 10.0.0.100 | 192.168.50.100 |
R3 | CentOS6 | 192.168.50.10 | 172.22.27.100 |
B | CentOS6 | 172.22.27.10 |
配置实验环境
实验开始之前,先关闭iptables,SELinux,Centos6需关闭NetworkManager。
一、创建5台虚拟机配置网络
主机A配置一块网卡,使用仅主机模式
Route1配置2块网卡,第一块网卡使用仅主机模式,第二块使用vmnet2网络
Route1配置2块网卡,第一块网卡使用vmnet2网络,第二块使用vmnet3网络
Route2配置2块网卡,第一块网卡使用vmnet3网络,第二块使用桥接模式
主机B配置一块网卡,使用桥接模式
二、修改网卡名字
由于实验所用主机为同一台主机克隆出来的,所以网卡名为eth1
[root@centos6 ~]# ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:67:0E:C3
inet addr:192.168.172.155 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe67:ec3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:42 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5994 (5.8 KiB) TX bytes:6273 (6.1 KiB)
......
首先先将每台虚拟机的网卡名字进行修正为eth0。具体修正方法如下:
[root@centos6 ~]# vim /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:39:d7:cd", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" #将此行删除
# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:67:0e:c3", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1" #此处将eth1改为eth0
~
#修改完成后保存退出
然后将网卡模块卸载后再重新装载一次
#查看网卡设备的名字
[root@centos6 ~]# ethtool -i eth1
driver: e1000
version: 7.3.21-k8-NAPI
firmware-version:
bus-info: 0000:02:01.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no
#卸载并重新装在网卡模块
[root@centos6 ~]# rmmod e1000;modprobe e1000
#查看网卡此时已变为eth0
[root@centos6 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:67:0E:C3
inet addr:192.168.172.155 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe67:ec3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:45 errors:0 dropped:0 overruns:0 frame:0
TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4606 (4.4 KiB) TX bytes:4270 (4.1 KiB)
......
三、为每台虚拟机配置网络地址
1.为主机A配置网络地址
主机A网卡地址配置为:192.168.172.10
指定网关为Route1的eth0地址:192.168.172.100
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NAME="System eth0"
IPADDR=192.168.172.10
GATEWAY=192.168.172.100
PREFIX=24
重启网络服务,查看地址是否配置成功
[root@centos6 ~]# service network restart
#查看网卡地址是否更改成功
[root@centos6 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:67:0E:C3
inet addr:192.168.172.10 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe67:ec3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66 errors:0 dropped:0 overruns:0 frame:0
TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7680 (7.5 KiB) TX bytes:8327 (8.1 KiB)
2.为Route1配置网络地址
Route1为路由需要配置两块网卡
网卡1地址为:192.168.172.100
网卡2地址为:10.0.0.10
#修改网卡1配置
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=state
NAME="System eth0"
IPADDR=192.168.172.100
PERFIX=24
#修改网卡2配置
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=state
NAME="System eth1"
IPADDR=10.0.0.10
PERFIX=8
~
重启网络服务
[root@centos6 ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.172.100 is already in use for device eth0...
[ OK ]
Bringing up interface eth1: Determining if ip address 10.0.0.10 is already in use for device eth1...
[ OK ]
#查看地址是否配置成功
[root@centos6 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:0D:0A:DE
inet addr:192.168.172.100 Bcast:192.168.172.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe0d:ade/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1758 errors:0 dropped:0 overruns:0 frame:0
TX packets:732 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:167009 (163.0 KiB) TX bytes:73130 (71.4 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:0D:0A:E8
inet addr:10.0.0.10 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::20c:29ff:fe0d:ae8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1997 errors:0 dropped:0 overruns:0 frame:0
TX packets:1039 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:190717 (186.2 KiB) TX bytes:99718 (97.3 KiB)
3.为route2配置地址
Route2为路由需要配置两块网卡
网卡1地址为:10.0.0.100
网卡2地址为:192.168.50.100
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NAME="System eth0"
IPADDR=10.0.0.100
PREFIX=8
~
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NAME="System eth1"
IPADDR=192.168.50.100
PREFIX=24
重启网络服务
[root@centos6 ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 10.0.0.100 is already in use for device eth0...
[ OK ]
Bringing up interface eth1: Determining if ip address 192.168.50.100 is already in use for device eth1...
[ OK ]
#查看网络地址是否正确
[root@centos6 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:E9:69:9D
inet addr:10.0.0.100 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::20c:29ff:fee9:699d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2191 errors:0 dropped:0 overruns:0 frame:0
TX packets:1211 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:210276 (205.3 KiB) TX bytes:129469 (126.4 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:E9:69:A7
inet addr:192.168.50.100 Bcast:192.168.50.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee9:69a7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1439 errors:0 dropped:0 overruns:0 frame:0
TX packets:603 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:136422 (133.2 KiB) TX bytes:57334 (55.9 KiB)
4.为route3配置地址
Route3为路由需要配置两块网卡
网卡1地址为:192.168.50.10
网卡2地址为:172.22.27.100
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NAME="System eth0"
IPADDR=192.168.50.10
PREFIX=24
~
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NAME="System eth1"
IPADDR=172.22.27.100
PREFIX=16
~
重启网络服务
[root@centos6 ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.50.10 is already in use for device eth0...
[ OK ]
Bringing up interface eth1: Determining if ip address 172.22.27.100 is already in use for device eth1...
[ OK ]
#查看网卡配置是否正确
[root@centos6 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:BA:B1:35
inet addr:192.168.50.10 Bcast:192.168.50.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feba:b135/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1309 errors:0 dropped:0 overruns:0 frame:0
TX packets:814 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:126248 (123.2 KiB) TX bytes:96877 (94.6 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:BA:B1:3F
inet addr:172.22.27.100 Bcast:172.22.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:feba:b13f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1399 errors:0 dropped:0 overruns:0 frame:0
TX packets:627 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:164665 (160.8 KiB) TX bytes:59138 (57.7 KiB)
5.为主机B配置网络地址
主机B网卡地址配置为:172.22.27.10
指定网关为Route1的eth0地址:172.22.27.100
[root@centos6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NAME="System eth0"
IPADDR=172.22.27.10
PREFIX=16
GATEWAY=172.22.27.100
~
#查看网卡地址是否正确
[root@centos6 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:48:5F:06
inet addr:172.22.27.10 Bcast:172.22.255.255 Mask:255.255.0.0
inet6 addr: fe80::20c:29ff:fe48:5f06/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1698 errors:0 dropped:0 overruns:0 frame:0
TX packets:796 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:204218 (199.4 KiB) TX bytes:90558 (88.4 KiB)
至此主机环境全部配置完毕。
四、为R1、R2、R3写入路由表
配置R1路由表
[root@centos6 ~]# route add -net 172.22.0.0/16 gw 10.0.0.100
[root@centos6 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.172.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.22.0.0 10.0.0.100 255.255.0.0 UG 0 0 0 eth1
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
配置R2路由表
[root@centos6 ~]# route add -net 172.22.0.0/16 gw 192.168.50.10
[root@centos6 ~]# route add -net 192.168.172.0/24 gw 10.0.0.10
[root@centos6 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.172.0 10.0.0.10 255.255.255.0 UG 0 0 0 eth0
172.22.0.0 192.168.50.10 255.255.0.0 UG 0 0 0 eth1
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0
配置R3路由表
[root@centos6 ~]# route add -net 192.168.172.0/24 gw 192.168.50.100
[root@centos6 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.172.0 192.168.50.100 255.255.255.0 UG 0 0 0 eth0
172.22.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
路由表配置完毕
五、为R1,R2,R3开启网卡间转发
分别在R1、R2、R3上执行以下命令
[root@centos6 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
测试
从主机A ping主机B
[root@centos6 ~]# ping 172.22.27.10
PING 172.22.27.10 (172.22.27.10) 56(84) bytes of data.
64 bytes from 172.22.27.10: icmp_seq=1 ttl=61 time=3.86 ms
64 bytes from 172.22.27.10: icmp_seq=2 ttl=61 time=1.28 ms
64 bytes from 172.22.27.10: icmp_seq=3 ttl=61 time=3.47 ms
^C
--- 172.22.27.10 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2553ms
rtt min/avg/max/mdev = 1.289/2.877/3.869/1.135 ms
从主机B ping主机A
[root@centos6 ~]# ping 192.168.172.10
PING 192.168.172.10 (192.168.172.10) 56(84) bytes of data.
64 bytes from 192.168.172.10: icmp_seq=1 ttl=61 time=3.91 ms
64 bytes from 192.168.172.10: icmp_seq=2 ttl=61 time=3.83 ms
64 bytes from 192.168.172.10: icmp_seq=3 ttl=61 time=1.54 ms
^C
--- 192.168.172.10 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2842ms
rtt min/avg/max/mdev = 1.547/3.100/3.918/1.099 ms
从主机A追踪路由至B
[root@centos6 ~]# traceroute 172.22.27.10
traceroute to 172.22.27.10 (172.22.27.10), 30 hops max, 60 byte packets
1 192.168.172.100 (192.168.172.100) 0.449 ms 0.343 ms 0.280 ms
2 10.0.0.100 (10.0.0.100) 0.529 ms 0.614 ms 0.535 ms
3 * * *
4 172.22.27.10 (172.22.27.10) 1.452 ms 1.400 ms 1.573 ms
从主机B追踪路由至A
[root@centos6 ~]# traceroute 192.168.172.10
traceroute to 192.168.172.10 (192.168.172.10), 30 hops max, 60 byte packets
1 172.22.27.100 (172.22.27.100) 1.157 ms 1.078 ms 1.026 ms
2 192.168.50.100 (192.168.50.100) 1.947 ms 1.895 ms 1.838 ms
3 * * *
4 192.168.172.10 (192.168.172.10) 2.764 ms 2.720 ms 2.673 ms