linux拿虚拟机充当路由,利用linux虚拟机实现路由转发功能

实验:路由连接与转发

1、五台机器,其中三台充当路由器,剩余两台作为主机

VMnet1 192.168.41.0

VMnet4 192.168.141.0

VMnet5 172.26.41.0

VMnet6 10.41.41.0

主机1 centos6 :192.168.41.171

适配器3:VMnet1 192.168.41.0

路由:

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 eth2

0.0.0.0 192.168.41.161 0.0.0.0 UG 0 0 0 eth2

路由器1 centos6 :192.168.41.161 172.26.41.161

适配器:VMnet1 192.168.41.0

适配器5:VMnet5 172.26.41.0

路由:

Destination Gateway Genmask Flags Metric Ref Use Iface

172.26.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0

169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1

0.0.0.0 172.26.41.162 0.0.0.0 UG 0 0 0 eth1

路由器2 centos7 :172.26.41.162 10.41.41.162

适配器5:VMnet1 172.26.41.0

适配器6:VMnet5 10.41.41.0

路由:

Destination Gateway Genmask Flags Metric Ref Use Iface

10.41.41.0 0.0.0.0 255.255.255.0 U 102 0 0 ens38

172.26.41.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37

192.168.41.0 172.26.41.161 255.255.255.0 UG 0 0 0 ens37

192.168.141.0 10.41.41.163 255.255.255.0 UG 0 0 0 ens38

路由器3 centos7 :10.41.41.163 192.168.141.163

适配器6:VMnet5 172.26.41.0

适配器4:VMnet4 192.168.141.0

路由:

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 10.41.41.162 0.0.0.0 UG 0 0 0 ens37

10.41.41.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37

192.168.141.0 0.0.0.0 255.255.255.0 U 102 0 0 ens38

主机2 centos7 :192.168.141.164

适配器4:VMnet4 192.168.141.0

路由:

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 192.168.141.163 0.0.0.0 UG 0 0 0 ens38

169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 ens38

192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 ens38

2、实验2 6台机器实现路由转发

1、虚拟网卡规划:

使用到的虚拟网卡全部为仅主机,对应地址和设置为

VMnet1 192.168.41.0/24

VMnet3 10.41.141.0/24

VMnet4 192.168.141.0/24

VMnet5 172.26.41.0/24

VMnet6 10.41.41.0/24

2、实验机器6台

1、3、5号机器为centos6

2、4、6号机器为centos7

IP地址分配与配置(所有的网卡配置都不配置网卡的网关):

机器1: 网卡1:VMnet1 IP:192.168.41.221

机器2: 网卡1:VMnet1 IP:192.168.41.222

网卡2:VMnet3 IP:10.41.141.222

机器3: 网卡1:VMnet3 IP:10.41.141.223

网卡2:VMnet4 IP:192.168.141.223

机器4、 网卡1:VMnet4 IP:192.168.141.224

网卡2:VMnet5 IP:172.26.41.224

机器5、 网卡1:VMnet5 IP:172.26.41.225

网卡2:VMnet6 IP:10.41.41.225

机器6、 网卡1:VMnet6 IP:10.41.41.226

3、主机配置修改

所有机器统一修改设置:

所有的主机关闭selinux:

直接编辑修改配置文件/etc/selinux/config,修改为

SELINUX=disabled

或者直接命令修改

sed -i.bak 's@SELINUX=enforcing@SELINUX=disabled@g' /etc/selinux/config;setenforce 0;getenforce

所有的主机的iptables:

Centos 6

#service iptables stop;chkconfig iptables off;service iptables status

显示如下为成功

iptables: Firewall is not running.

Centos 7

#systemctl stop firewalld.service ;systemctl disable firewalld.service ;systemctl status firewalld.service|grep Active

显示如下为成功

Active: inactive (dead)

开启路由转发功能:注意/proc/sys/net/ipv4/ip_forward的值,实验过程中可能会变化,

测试路由时必须确认是否为1

echo 1 > /proc/sys/net/ipv4/ip_forward

cat /proc/sys/net/ipv4/ip_forward

配置信息检查:

centos7检查的方法:

cat /proc/sys/net/ipv4/ip_forward;echo -e "\n";systemctl status firewalld;echo -e;getenforce

扩展:

下面的显示出的结果显示颜色 结果分别为1 、dead 、Disabled三个红色部分

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward| grep 1;echo -e "\n";systemctl status firewalld|grep dead;echo -e;getenforce|grep -i 'disabled'

centos6检查的方法:

cat /proc/sys/net/ipv4/ip_forward;echo -e "\n";service iptables status;echo -e;getenforce

扩展:

下面的显示出的结果显示颜色 结果分别为1 、not running 、Disabled三个红色部分

需要先设置grep别名,设置了的直接执行下面命令即可,否则不显示颜色

设置别名:alias grep='grep --color=auto'

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward|grep 1;echo -e "\n";service iptables status|grep 'not running';echo -e;getenforce|grep -i 'disabled'

4、使用到的相关命令使用方法

ip route命令:

关于路由的相关设置:ip route

查看路由信息:ip route show

添加一条路由

# ip route add 10.10.10.0/24 via 172.16.0.254 dev eth0

删除一条路由

# ip route del 10.10.10.0/24

添加默认路由

# ip route add default via 172.16.0.254 dev eth0

删除默认路由

# ip route del default via 172.16.0.254 dev eth0

route命令:

查看路由:route -n

添加路由:route add -net 192.168.146.0/24 gw 192.168.192.200

删除路由:route del -net 192.168.192.0/24 gw 192.168.166.200

添加默认路由:route add default gw 192.168.192.200

删除默认路由:route del default gw 192.168.192.200

5、修改路由表

机器1:

网卡1:VMnet1 IP:192.168.41.221 网卡1名称:eth1

因为没有配置网卡的网关,所以需要制定默认路由,机器1可以设置默认路由(如果设置了默认网关,

不需要再配置默认路由)

添加默认路由:

route add default gw 192.168.41.222

结果如下:

[root@centos6 ~]# route add default gw 192.168.41.222

[root@centos6 ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth1

0.0.0.0 192.168.41.222 0.0.0.0 UG 0 0 0 eth1

机器2: 网卡1:VMnet1 IP:192.168.41.222 网卡1名称:ens33

网卡2:VMnet3 IP:10.41.141.222 网卡2名称:ens37

因为机器2和机器1同一个网段,它们不需要设置路由,因此机器2只需要设置一个默认路由即可

配置转发

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward

配置路由:

ip route add default via 10.41.141.223 dev ens37

结果如下:

[root@centos7ys ~]# ip route add default via 10.41.141.223 dev ens37

[root@centos7ys ~]# ip route show

default via 10.41.141.223 dev ens37

10.41.141.0/24 dev ens37 proto kernel scope link src 10.41.141.222 metric 101

192.168.41.0/24 dev ens33 proto kernel scope link src 192.168.41.222 metric 100

机器3: 网卡1:VMnet3 IP:10.41.141.223 网卡1名称:eth2

网卡2:VMnet4 IP:192.168.141.223 网卡2名称:eth1

因为机器3属于中间的路由器,需要向两个方向转发路由,因此需要配置多条路由

配置转发

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward

配置路由:

route add -net 172.26.41.0/24 gw 192.168.141.224

route add -net 192.168.41.0/24 gw 10.41.141.222

* route add -net 172.26.41.0/24 gw 192.168.141.224

扩展:

可以合并上述其中的两条记录为一条,即将 192.168.141.224设置为默认路由

route add default gw 192.168.141.224

route add -net 192.168.41.0/24 gw 10.41.141.222

结果如下:

[root@centos6 ~]# route add -net 172.26.41.0/24 gw 192.168.141.224

[root@centos6 ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1

192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1

[root@centos6 ~]#

[root@centos6 ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1

192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

192.168.41.0 10.41.141.222 255.255.255.0 UG 0 0 0 eth2

10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1

[root@centos6 ~]# route add -net 10.41.41.0/24 gw 192.168.141.224

[root@centos6 ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

172.26.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1

10.41.41.0 192.168.141.224 255.255.255.0 UG 0 0 0 eth1

192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

192.168.41.0 10.41.141.222 255.255.255.0 UG 0 0 0 eth2

10.41.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1

机器4、 网卡1:VMnet4 IP:192.168.141.224 网卡1名称:ens33

网卡2:VMnet5 IP:172.26.41.224 网卡2名称:ens37

因为机器4属于中间的路由器,需要向两个方向转发路由,因此需要配置多条路由

配置转发

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward

配置路由:

ip route add 10.41.141.0/24 via 192.168.141.223

ip route add 10.41.41.0/24 via 172.26.41.225

* ip route add 192.168.41.0/24 via 192.168.141.223

扩展:

可以合并上述其中的两条记录为一条,即将 192.168.141.223设置为默认路由

ip route add default via 192.168.141.223

ip route add 10.41.41.0/24 via 172.26.41.225

结果如下:

[root@centos7ys ~]# ip route add 10.41.141.0/24 via 192.168.141.223

[root@centos7ys ~]# ip route add 10.41.41.0/24 via 172.26.41.225

[root@centos7ys ~]# ip route show

10.41.41.0/24 via 172.26.41.225 dev ens37

10.41.141.0/24 via 192.168.141.223 dev ens33

172.26.41.0/24 dev ens37 proto kernel scope link src 172.26.41.224 metric 101

192.168.41.0/24 via 192.168.141.223 dev ens33

192.168.141.0/24 dev ens33 proto kernel scope link src 192.168.141.224 metric 100

机器5、 网卡1:VMnet5 IP:172.26.41.225 网卡1名称:eth1

网卡2:VMnet6 IP:10.41.41.225 网卡2名称:eth2

因为机器5和机器6同一个网段,它们之间不需要设置路由,因此机器5只需要设置一个默认路由即可

配置转发

echo 1 > /proc/sys/net/ipv4/ip_forward;cat /proc/sys/net/ipv4/ip_forward

配置路由:

route add default gw 172.26.41.224

结果如下:

[root@centos6 ~]# route add default gw 172.26.41.224

[root@centos6 ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

172.26.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

10.41.41.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth1

169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth2

0.0.0.0 172.26.41.224 0.0.0.0 UG 0 0 0 eth1

机器6、 网卡1:VMnet6 IP:10.41.41.226 网卡1名称:ens33

因为没有配置网卡的网关,所以需要制定默认路由,机器6可以设置默认路由(如果设置了默认网关,不需要再配置默认路由)

添加默认路由:

ip route add default via 10.41.41.225

结果如下:

[root@centos7ys ~]# ip route add default via 10.41.41.225

[root@centos7ys ~]# ip route show

default via 10.41.41.225 dev ens33

10.41.41.0/24 dev ens33 proto kernel scope link src 10.41.41.226 metric 100

6、最终结果:

从1到6

ping结果:

[root@centos6 ~]# ping 10.41.41.226 -c 6

PING 10.41.41.226 (10.41.41.226) 56(84) bytes of data.

64 bytes from 10.41.41.226: icmp_seq=1 ttl=60 time=2.53 ms

64 bytes from 10.41.41.226: icmp_seq=2 ttl=60 time=3.17 ms

64 bytes from 10.41.41.226: icmp_seq=3 ttl=60 time=3.21 ms

64 bytes from 10.41.41.226: icmp_seq=4 ttl=60 time=3.43 ms

64 bytes from 10.41.41.226: icmp_seq=5 ttl=60 time=3.39 ms

64 bytes from 10.41.41.226: icmp_seq=6 ttl=60 time=6.93 ms

--- 10.41.41.226 ping statistics ---

6 packets transmitted, 6 received, 0% packet loss, time 5017ms

rtt min/avg/max/mdev = 2.536/3.782/6.939/1.443 ms

traceroute结果:

[root@centos6 ~]# traceroute 10.41.41.226

traceroute to 10.41.41.226 (10.41.41.226), 30 hops max, 60 byte packets

1 192.168.41.222 (192.168.41.222) 0.224 ms 0.177 ms 0.144 ms

2 10.41.141.223 (10.41.141.223) 0.403 ms 0.861 ms 0.816 ms

3 192.168.141.224 (192.168.141.224) 0.613 ms 0.598 ms 0.532 ms

4 172.26.41.225 (172.26.41.225) 1.166 ms 1.615 ms 1.583 ms

5 10.41.41.226 (10.41.41.226) 2.507 ms !X 2.480 ms !X 2.426 ms !X

从6到1

ping结果

[root@centos7ys ~]# ping 192.168.41.221 -c 6

PING 192.168.41.221 (192.168.41.221) 56(84) bytes of data.

64 bytes from 192.168.41.221: icmp_seq=1 ttl=60 time=2.24 ms

64 bytes from 192.168.41.221: icmp_seq=2 ttl=60 time=6.62 ms

64 bytes from 192.168.41.221: icmp_seq=3 ttl=60 time=3.16 ms

64 bytes from 192.168.41.221: icmp_seq=4 ttl=60 time=3.20 ms

64 bytes from 192.168.41.221: icmp_seq=5 ttl=60 time=5.68 ms

64 bytes from 192.168.41.221: icmp_seq=6 ttl=60 time=4.55 ms

--- 192.168.41.221 ping statistics ---

6 packets transmitted, 6 received, 0% packet loss, time 5012ms

rtt min/avg/max/mdev = 2.240/4.244/6.626/1.534 ms

traceroute结果:

[root@centos7ys ~]# traceroute 192.168.41.221

traceroute to 192.168.41.221 (192.168.41.221), 30 hops max, 60 byte packets

1 gateway (10.41.41.225) 0.157 ms 0.091 ms 0.042 ms

2 172.26.41.224 (172.26.41.224) 0.241 ms 0.210 ms 0.187 ms

3 192.168.141.223 (192.168.141.223) 0.544 ms 0.506 ms 0.467 ms

4 10.41.141.222 (10.41.141.222) 0.523 ms 0.474 ms 0.406 ms

5 192.168.41.221 (192.168.41.221) 0.508 ms !X 0.611 ms !X 0.557 ms !X

你可能感兴趣的:(linux拿虚拟机充当路由)