用ubuntu 系统做路由 ipv4+dhcp ipv6+radvd

前言

装了台pc，插了个多口的pcie网卡准备当作服务器用。其中一个lan口连接外网（isp提供ipv6），另外的口用作其他pc、网络设备的连入。

 enp24s0:
enp28s0f1: flags=4675  mtu 1500
        inet 172.16.29.18  netmask 255.255.254.0  broadcast 172.16.29.255
        inet6 2001:da8:d805:a210:xxx  prefixlen 64  scopeid 0x0
        inet6 fe80::bbd3:ac0f:5494:a360  prefixlen 64  scopeid 0x20
        inet6 2001:da8:d805:a210:xxx  prefixlen 64  scopeid 0x0
        ether d4:85:64:56:0b:c6  txqueuelen 1000  (以太网)
        RX packets 134061  bytes 82264879 (82.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 76373  bytes 12021743 (12.0 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

即enp28s0f1对应外网连接，enp24s0对应内网。

ip设置

因为装的是ubuntu 桌面版 要先将network-manager 关闭，否则可能/etc/network/下的设置不生效。

systemctl stop network-manager.service

给enp24s0分配ip,

$vim /etc/network/interface

编辑如下

auto lo
iface lo inet loopback

auto enp24s0
iface enp24s0 inet static
address 192.168.100.1
netmask 255.255.255.0
broadcast 192.168.100.255

auto enp24s0
iface enp24s0 inet6 static
address 2001:da8:d805:a210:a1::1
netmask 64

安装dhcp,

$sudo apt install isc-dhcp-server

修改

$ sudo vim /etc/default/isc-dhcp-server

为

INTERFACESv4="enp24s0"
INTERFACESv6=""

配置 /etc/dhcp/dhcpd.conf 文件：

option domain-name "example.org";

default-lease-time 600;
max-lease-time 7200;


ddns-update-style none;

subnet 192.168.100.0 netmask 255.255.255.0 {
        range 192.168.100.188 192.168.100.230;
        option routers 192.168.100.1;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.100.255;
        option domain-name-servers 114.114.114.114;
        option ntp-servers 192.168.100.1;
        option netbios-name-servers 192.168.100.1;
}

重启 服务

$ sudo service isc-dhcp-server restart

ipv4 转发

编辑 /etc/sysctl.conf, 取消net.ipv4.ip_forward=1的注释,这里net.ipv6.conf.all.forwarding=1也一并打开

$sysctl -p

使设置生效
使用iptables转发

$sudo iptables -t nat -A POSTROUTING -o enp28s0f1 -j MASQUERADE
$sudo iptables -A FORWARD -i enp28s0f1 -o enp24s0 -m state --state RELATED,ESTABLISHED -j ACCEPT
$sudo iptables -A FORWARD -i enp24s0 -o enp28s0f1 -j ACCEPT

iptables 规则重启会失效
重启生效 参考:

保存规则：#iptables-save >/etc/iptables-script
恢复规则：#iptables-restore>/etc/iptables-script
开机自动恢复规则，把恢复命令添加到启动脚本：echo ‘/sbin/iptables-restore /etc/iptables-script’ >>/etc/rc.d/rc.local

至此另外一台pc连接enp24s0 lan口自动获取ip,已经可以上网了.

ipv6

安装radvd

$ apt install radvd

这里radvd的配置文件需要新建

$ vim /etc/radvd.conf

内容

interface enp24s0 {
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        prefix 2001:da8:d805:a210:a1::/64{
        };
};

重启radvd

$/etc/init.d/radvd restart