Using a virtual machine as a gateway to give a LAN Internet access
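I have always used XP to get online over ADSL. Because XP has no routing function, only one of the host and the guest (the virtual machine) could be online at a time. Today I had a sudden idea: use the virtual machine as the host's gateway, forming a model of a small LAN sharing one Internet connection.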
Host: XP, 192.168.1.11
Virtual machine: redhat 9, 192.168.1.13
First make sure the PPPoE dial-up software (pppoe) is installed on Linux.
Remove the gateway setting from the virtual machine:
[root@localhost root]# less /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
IPADDR=192.168.1.13
NETMASK=255.255.255.0
TYPE=Ethernet
USERCTL=no
PEERDNS=no
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
Configure the ADSL connection information:
[root@localhost root]# adsl-setup
Welcome to the ADSL client setup. First, I will run some checks on
your system to make sure the PPPoE client is installed properly...
LOGIN NAME
Enter your Login Name (default root):
Enter the ADSL account name.
INTERFACE
Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where 'X' is a number.
(default eth0):
Enter the network interface connected to the modem.
Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped. If you want the link to
stay up permanently, enter 'no' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses. You may have some problems with demand-activated links.
Enter the demand value (default no):
Just press Enter.
DNS
Please enter the IP address of your ISP's primary DNS server.
If your ISP claims that 'the server will provide dynamic DNS addresses',
enter 'server' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here:
Enter the DNS address; if it is obtained automatically over ADSL, enter server.
PASSWORD
Please enter your Password:
The ADSL password.
Please re-enter your Password:
Enter the password again.
USERCTRL
Please enter 'yes' (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes):
Just press Enter.
FIREWALLING
Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.
The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are responsible
for ensuring the security of your machine. You are STRONGLY
recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
for a LAN
Choose a type of firewall (0-2):
Whether to enable a firewall; 0 means none.
Start this connection at boot time
Do you want to start this connection at boot time?
Please enter no or yes (default no):
Whether to connect at system startup. The default is no.
** Summary of what you entered **
A summary of everything entered so far:
Ethernet Interface: eth0
User name: xxx
Activate-on-demand: No
DNS addresses: Supplied by ISP's server
Firewalling: NONE
User Control: yes
Accept these settings and adjust configuration files (y/n)? y
Whether to write the configuration files.
Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
(But first backing it up to /etc/ppp/chap-secrets.bak)
(But first backing it up to /etc/ppp/pap-secrets.bak)
Congratulations, it should be all set up!
Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'
to bring it down.
Type '/sbin/adsl-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
to see the link status.
Start ADSL and begin dialing:
[root@localhost root]# adsl-start
Once dialing succeeds, check the current network information:
[root@localhost root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:XX:XX:XX:XX
inet addr:192.168.1.13 Bcast:192.168.1.255 Mask:255.255.255.0
ppp0 Link encap:Point-to-Point Protocol
inet addr:59.175.103.180 P-t-P:59.175.102.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:54 (54.0 b) TX bytes:54 (54.0 b)
Test by pinging an external domain name:
[root@localhost root]# ping www.baidu.com
PING www.a.shifen.com (220.181.37.4) 56(84) bytes of data.
64 bytes from 220.181.37.4: icmp_seq=1 ttl=52 time=100 ms
64 bytes from 220.181.37.4: icmp_seq=2 ttl=52 time=102 ms
The virtual machine is now online through ADSL. Check the current routing information:
[root@localhost root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
59.175.102.1 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 59.175.102.1 0.0.0.0 UG 0 0 0 ppp0
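The default gateway now points at the external exit.
Now enable forwarding and NAT, to provide routing and NAT translation between the internal and external networks: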
[root@localhost root]# echo 0 > /proc/sys/net/ipv4/ip_forward
[root@localhost root]# iptables -t filter -F
[root@localhost root]# iptables -t nat -F
[root@localhost root]# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
[root@localhost root]# echo 1 > /proc/sys/net/ipv4/ip_forward
Set XP's gateway to the Linux IP, 192.168.1.13, and its DNS to the ADSL DNS server; for Wuhan, for example, that is 202.103.24.68. XP can now get online.
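As an added example (not part of the original post): with firewall type 0 (NONE) chosen in adsl-setup and the filter table flushed, the steps above leave the gateway unfiltered on ppp0 and masquerade regardless of the outbound interface. The script below generates a stricter rule set for the same topology, assuming the post's values (LAN 192.168.1.0/24 on eth0, uplink ppp0); the function and variable names are this example's own, and it only prints the rules unless run as root with APPLY=1.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumed values (taken from the post): LAN 192.168.1.0/24 on eth0, uplink ppp0.
LAN_NET="${LAN_NET:-192.168.1.0/24}"
LAN_IF="${LAN_IF:-eth0}"
WAN_IF="${WAN_IF:-ppp0}"

# Print the rule set, one iptables command per line, in the order to apply.
# Default-drop policies; only LAN-originated traffic and its replies pass,
# and NAT is limited to packets actually leaving through the uplink.
gateway_rules() {
    cat <<EOF
iptables -t filter -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -j ACCEPT
iptables -A INPUT -i $WAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
EOF
}

# Apply the rules with forwarding switched off until all of them are loaded.
# If any command fails, forwarding stays off (fail closed).
apply_gateway() {
    echo 0 > /proc/sys/net/ipv4/ip_forward
    gateway_rules | while read -r rule; do
        $rule || exit 1
    done || return 1
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

if [ "${APPLY:-0}" = 1 ]; then
    apply_gateway
else
    gateway_rules
fi
```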
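In the previous article, where Linux acted as a gateway, iptables was not used. For example, after adding an IP on another network, 0.13, to Linux 1.13, it was enough to enable forwarding with echo 1 > /proc/sys/net/ipv4/ip_forward; once the gateway of the client XP 1.11 pointed at 1.13, it could ping 1.13. That is because Linux was then doing plain route forwarding, whereas NAT takes place when it acts as the LAN gateway for ADSL, so iptables is needed.
Remember to restart the network interface after every change to the IP settings, and to enable forwarding again: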
echo 1 > /proc/sys/net/ipv4/ip_forward
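Postscript:
After finishing the Linux virtual machine gateway experiment, I closed VMware and went back to XP to connect ADSL, and got an error: the user name/password on the domain is incorrect. Disabling the Local Area Connection hung, and enabling it reported that the connection failed. All I could do was reboot and see, but it just hung there, so I lost patience and pressed reset. Then it stopped at the operating system selection screen, and choosing Safe Mode stopped at the same place. Repeating this several times did not help. Fear, frustration, gloom.... Would I really have to reinstall the system?? I took out the system disc and put it in the optical drive, but I still was not resigned to it and decided to try once more; it still stopped at the same place. I pulled out the USB flash drive that was plugged in, and it actually booted. I could not help letting out a long sigh of relief; a false alarm... Buddha bless me....
However, after a few more experiments I found that the problem is real: after modifying the Local Area Connection, connecting with ADSL again reports that the user name/password on the domain is incorrect. There was nothing for it but to restart the modem.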