设置虚拟机hostonly网络上网
虚拟机hostonly网络默认只能和物理主机(宿主机)通信,但是有时候有特殊需求hostonly网络需要和外网通信,怎么设置?前提是另外有一台虚拟机能和外网通信,如果是在家里,有路由器的情况,这台虚拟机的网络通常设置为bridge,但是如果在公司,因为不能桥接到路由器上,所以一般是将网络设置为NAT的方式,通过映射物理机(一般是Windows机器)ip来访问外网
下面简单描述一下hostonly网络通过另外一台NAT网络虚拟机访问外网的方法:
NAT网络虚拟机,两块网卡,一块网卡是NAT,一块网卡是hostonly
NAT网卡的地址是192.168.85.128,网关为192.168.85.2 ,能上外网
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.85.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 192.168.75.0 0.0.0.0 255.255.255.0 U 1 0 0 rename3 0.0.0.0 192.168.85.2 0.0.0.0 UG 0 0 0 eth0
# ping www.qq.com PING www.qq.com (14.17.42.40) 56(84) bytes of data. 64 bytes from 14.17.42.40: icmp_seq=1 ttl=128 time=2.70 ms
hostonly网卡的ip是192.168.75.128
# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:35:54:1C inet addr:192.168.85.128 Bcast:192.168.85.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe35:541c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:84942 errors:0 dropped:0 overruns:0 frame:0 TX packets:21059 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:97826497 (93.2 MiB) TX bytes:2158651 (2.0 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:230 errors:0 dropped:0 overruns:0 frame:0 TX packets:230 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:14016 (13.6 KiB) TX bytes:14016 (13.6 KiB) eth1 Link encap:Ethernet HWaddr 00:0C:29:35:54:26 inet addr:192.168.75.128 Bcast:192.168.75.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe35:5426/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5398 errors:0 dropped:0 overruns:0 frame:0 TX packets:802 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:538577 (525.9 KiB) TX bytes:344300 (336.2 KiB)
NAT网络虚拟机添加防火墙转发规则并打开路由转发
# iptables -t nat -A POSTROUTING -s 192.168.75.0/24 -j SNAT --to-source 192.168.85.128
# iptables -L -t nat -n Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.75.0/24 0.0.0.0/0 to:192.168.85.128 Chain OUTPUT (policy ACCEPT) target prot opt source destination
打开路由转发
# vim /etc/sysctl.conf #永久生效 net.ipv4.ip_forward = 1 # sysctl -p
或者
# echo 1 >/proc/sys/net/ipv4/ip_forward # cat /proc/sys/net/ipv4/ip_forward 1
hostonly虚拟机,只有一块网卡,网络设置是hostonly
1、如果网卡设置为static,可以设置默认网关
# ifconfig eth1 192.168.75.130 netmask 255.255.255.0
# route add default gw 192.168.75.128
注意:以上命令只是临时生效,如果要永久生效,需要编辑
# cat /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 HWADDR=00:0C:29:E8:45:D1 TYPE=Ethernet UUID=9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c05 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=static IPADDR=192.168.75.130 NETMASK=255.255.255.0 GATEWAY=192.168.75.128
2、如果网卡设置为dhcp,则hostonly网络的默认网关被设定为了192.168.75.1,不可以再将默认网关修改为192.168.75.128,必须要设置静态路由才行
# /etc/init.d/network restart #dhcp分配的ip为192.168.131 # cat /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 HWADDR=00:0C:29:C5:D9:00 TYPE=Ethernet UUID=9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c05 ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=dhcp # ifconfig eth1 Link encap:Ethernet HWaddr 00:0C:29:C5:D9:00 inet addr:192.168.75.131 Bcast:192.168.75.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fec5:d900/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4549 errors:0 dropped:0 overruns:0 frame:0 TX packets:3356 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:663542 (647.9 KiB) TX bytes:482779 (471.4 KiB)
不可以设置默认网关,则设置静态路由,
# cat /etc/sysconfig/static-routes any net 192.168.85.0/24 gw 192.168.75.128 any net 0.0.0.0 gw 192.168.75.128
3、设置DNS
# vim /etc/resolv.conf
# Generated by NetworkManager search localdomain.com nameserver 114.114.114.114 nameserver 8.8.4.4
# ping www.baidu.com PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data. 64 bytes from 14.215.177.38: icmp_seq=1 ttl=127 time=7.20 ms 64 bytes from 14.215.177.38: icmp_seq=2 ttl=127 time=8.26 ms
本文出自 “小鱼的博客” 博客,转载请与作者联系!