Deploying a Network Environment on Linux

Preface

Set an IP address as required
Be able to configure a DHCP service
Gateways and bridging

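IP

  • About IP: Internet Protocol address
    Protocol suite: TCP/IP
    Protocol version: IPv4
    IP address space: 2^32
    11111111.11111111.11111111.11111111 === 255.255.255.255
    11111110.11111110.11111110.11111110 === 254.254.254.254
    The network bits answer "which place"; the host bits answer "which person". The subnet mask is what separates the two.
  • Subnet mask:
    IP address: 11111110.11111110.11111110.11111110
    Network bits: 11111111.11111111.00000000.00000000 === 255.255.0.0 (subnet mask)
    Host count range: 2^16 = 254.254.0.0 (not assignable) ~ 254.254.254.254 (broadcast address)
    Actual address range: 254.254.0.1 ~ 254.254.254.253 === 2^16-2
  • Which two IPs can communicate
    Two IPs with the same network bits and different host bits can communicate directly
    172.25.254.1/24 === 172.25.254.1/255.255.255.0
    Hosts within 172.25.254.*/24 can communicate with each other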
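
The rule above (same network bits, different host bits) worked through in shell. This is an added example, not part of the original post; the function names are illustrative and the addresses are ones used on this page.

```sh
# Added example: the subnet arithmetic behind "same network bits, different host bits".

# Dotted quad -> 32-bit integer (subshell body keeps the IFS change local).
ip_to_int() (
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || { echo "bad IPv4 address" >&2; exit 1; }
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length -> mask as an integer (24 -> 4294967040, i.e. 255.255.255.0).
prefix_to_mask() { echo $(( (4294967295 << (32 - $1)) & 4294967295 )); }

# network_of IP PREFIX: the address with all host bits cleared.
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(prefix_to_mask "$2") ))
}

# broadcast_of IP PREFIX: the address with all host bits set.
broadcast_of() {
    m=$(prefix_to_mask "$2")
    int_to_ip $(( ($(ip_to_int "$1") & $m) | (4294967295 ^ $m) ))
}

# host_range IP PREFIX: assignable addresses (network and broadcast excluded).
host_range() {
    net=$(ip_to_int "$(network_of "$1" "$2")")
    bc=$(ip_to_int "$(broadcast_of "$1" "$2")")
    first=$(( $net + 1 )); last=$(( $bc - 1 ))
    echo "$(int_to_ip "$first") - $(int_to_ip "$last")"
}

# same_subnet IP1 IP2 PREFIX: true when both addresses have the same network bits.
same_subnet() {
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ]
}

# Demo with addresses taken from this page.
echo "172.25.254.11/24: net $(network_of 172.25.254.11 24), hosts $(host_range 172.25.254.11 24)"
same_subnet 172.25.254.1 172.25.254.11 24 && echo "172.25.254.1 <-> 172.25.254.11: direct"
same_subnet 192.168.0.11 172.25.254.11 24 || echo "192.168.0.11 <-> 172.25.254.11: needs a router"
```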

Lab steps (IP commands)

1. IP commands (all changes are temporary)

  • Show IP addresses
    ip addr show
    ifconfig
  • Check network connectivity
    ping
    -c 1 (ping only once)
    -w 1 (wait 1 second)
  • Set an IP
    ifconfig device ip netmask (format)
    ifconfig ens33 172.25.254.11 netmask 255.255.255.0
  • Delete an IP
    ip addr del 172.25.254.11/24 dev ens33
  • Add an IP
    ip addr add 172.25.254.11/24 dev ens33

Lab steps (changing the IP via files)

1. Graphical tools
nm-connection-editor
nmtui
Note: before using these two commands, make sure the NetworkManager service is running
2. Command line
nmcli

    [root@rhel7_node1 ~]# nmcli
    agent       device      help        networking
    connection  general     monitor     radio

nmcli device status ## show device status

    [root@rhel7_node1 ~]# nmcli device status
    DEVICE      TYPE      STATE      CONNECTION
    ens33       ethernet  connected  System ens33
    virbr0      bridge    connected  virbr0
    lo          loopback  unmanaged  --
    virbr0-nic  tun       unmanaged  --

nmcli device disconnect ens33 (disconnect the device; the IP on the device disappears)
nmcli device connect ens33 (connect the device)
nmcli connection show (show NIC connection information)

    [root@rhel7_node1 ~]# nmcli connection show
    NAME          UUID                                  TYPE      DEVICE
    System ens33  c96bc909-188e-ec64-3a96-6a90982b08ad  ethernet  ens33
    virbr0        d5dbe442-73b4-4e96-8748-f99d3706383b  bridge    virbr0

nmcli connection down westos (bring the connection down)
nmcli connection up westos (bring the connection up)
nmcli connection modify westos ip4 172.25.254.31/24 (add an IP; the connection must be restarted afterwards for the change to take effect)
nmcli connection delete westos (delete the connection)
nmcli connection add con-name westos ifname ens33 type ethernet ip4 172.25.254.31/24 (add a connection)
nmcli connection add con-name westos ifname ens33 type ethernet ipv4.method auto (add a DHCP connection)
3. Configuration files
Configuration directory: /etc/sysconfig/network-scripts/
Configuration file: ifcfg-<any name>
Dynamic (DHCP) network:

    vim /etc/sysconfig/network-scripts/ifcfg-westos
    DEVICE=ens33       # NIC name
    ONBOOT=yes         # activate the NIC when the network service starts
    BOOTPROTO=dhcp     # the NIC works in DHCP mode
    NAME=westos        # the connection name is westos

  • Restart the network:
    On rhel7:
    systemctl restart network
    On rhel8:
    systemctl restart NetworkManager
    nmcli connection down <old connection>
    nmcli connection up <new connection>

Static network:

    vim /etc/sysconfig/network-scripts/ifcfg-westos
    DEVICE=ens33             # NIC name
    ONBOOT=yes               # activate the NIC when the network service starts
    BOOTPROTO=none|static    # the NIC works in static mode (use either value)
    NAME=westos              # the connection name is westos
    IPADDR=172.25.254.222    # IP address
    NETMASK=255.255.255.0    # subnet mask

  • Restart the network:
    On rhel7:
    systemctl restart network
    On rhel8:
    systemctl restart NetworkManager
    nmcli connection down <old connection>
    nmcli connection up <new connection>

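DHCP server

Lab steps (setting up a DHCP server)

On rhel8:
1. Configure a static network
2. Attach the installation ISO to the optical drive
3. Use df to see where the optical drive is mounted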

    [root@localhost ~]# df
    Filesystem     1K-blocks    Used Available Use% Mounted on
    devtmpfs          910520       0    910520   0% /dev
    tmpfs             924700       0    924700   0% /dev/shm
    tmpfs             924700    9888    914812   2% /run
    tmpfs             924700       0    924700   0% /sys/fs/cgroup
    /dev/nvme0n1p3   8181760 4119960   4061800  51% /
    /dev/nvme0n1p1    199328  141328     58000  71% /boot
    tmpfs             184940      16    184924   1% /run/user/42
    tmpfs             184940    3492    181448   2% /run/user/0
    /dev/sr0         6935944 6935944         0 100% /run/media/root/RHEL-8-0-0-BaseOS-x86_64    (optical drive mount point)

4. Change to the following directory

    [root@localhost root]# cd /run/media/root/RHEL-8-0-0-BaseOS-x86_64/BaseOS/Packages/
    [root@localhost Packages]# ls dhcp-*
    dhcp-client-4.3.6-30.el8.x86_64.rpm  dhcp-libs-4.3.6-30.el8.x86_64.rpm
    dhcp-common-4.3.6-30.el8.noarch.rpm  dhcp-relay-4.3.6-30.el8.x86_64.rpm
    dhcp-libs-4.3.6-30.el8.i686.rpm      dhcp-server-4.3.6-30.el8.x86_64.rpm

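5. Install dhcp (the configuration file is empty, so the service cannot start yet). The NOKEY warning in the output means rpm could not verify the package signature because the signing key has not been imported.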

    [root@localhost Packages]# rpm -ivh dhcp-server-4.3.6-30.el8.x86_64.rpm
    warning: dhcp-server-4.3.6-30.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
    Verifying...                          ################################# [100%]
    Preparing...                          ################################# [100%]
            package dhcp-server-12:4.3.6-30.el8.x86_64 is already installed

6. Configure dhcpd
Configuration directory: /etc/dhcp/

    [root@localhost Packages]# cd /etc/dhcp/
    [root@localhost dhcp]# ls
    dhclient.conf  dhclient.d  dhcpd6.conf  dhcpd.conf    (dhcpd.conf is the configuration file)

Generate the configuration file:

    [root@localhost dhcp]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf

Open it with line numbers displayed: vim /etc/dhcp/dhcpd.conf

    1 # dhcpd.conf
    2 #
    3 # Sample configuration file for ISC dhcpd
    4 #
    5
    6 # option definitions common to all supported networks...
    7 option domain-name "westos.com";   # domain name setting
    8 option domain-name-servers 114.114.114.114;   # DNS
    9
    10 default-lease-time 600;
    11 max-lease-time 7200;
    12
    13 # Use this to enble / disable dynamic dns updates globally.
    14 #ddns-update-style none;
    15
    16 # If this DHCP server is the official DHCP server for the local
    17 # network, the authoritative directive should be uncommented.
    18 #authoritative;
    19
    20 # Use this to send dhcp log messages to a different log file (you also
    21 # have to hack syslog.conf to complete the redirection).
    22 log-facility local7;
    23
    24 # No service will be given on this subnet, but declaring it helps the
    25 # DHCP server to understand the network topology.
    26
    27 subnet 10.152.187.0 netmask 255.255.255.0 {   # delete this line
    28 }   # delete this line
    29
    30 # This is a very basic subnet declaration.
    31
    32 subnet 172.25.254.0 netmask 255.255.255.0 {  # subnet to serve
    33 range 172.25.254.100 172.25.254.200;    # address range to hand out
    34 option routers 172.25.254.10;   # gateway
    35 }
    36 ################ delete everything below this line ###################
    37 # This declaration allows BOOTP clients to get dynamic addresses,
    38 # which we don't really recommend.
    .........

7. Restart the service with systemctl restart dhcpd and check its status

    [root@localhost dhcp]# systemctl restart dhcpd
    [root@localhost dhcp]# systemctl status dhcpd
    ● dhcpd.service - DHCPv4 Server Daemon
       Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor pres>
       Active: active (running) since Tue 2020-03-17 22:26:41 CST; 1min 18s ago
         Docs: man:dhcpd(8)
               man:dhcpd.conf(5)
     Main PID: 33180 (dhcpd)
       Status: "Dispatching packets..."
        Tasks: 1 (limit: 11380)
       Memory: 7.7M
       CGroup: /system.slice/dhcpd.service
               └─33180 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gro>
    ......

8. Test
Configure a DHCP connection on rhel7 and see whether it obtains an IP
On rhel7, check the NIC's hardware address

    [root@rhel7_node1 network-scripts]# ifconfig
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255
    inet6 fe80::20c:29ff:fe4e:5b61 prefixlen 64 scopeid 0x20<link>
    ether 00:0c:29:4e:5b:61 txqueuelen 1000 (Ethernet)   (hardware address)
    RX packets 22740 bytes 7150801 (6.8 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 6810 bytes 744115 (726.6 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

On rhel8, check which IPs have been handed out

    [root@localhost ~]# cat /var/lib/dhcpd/dhcpd.leases
    #The format of this file is documented in the dhcpd.leases(5) manual page.
    ##This lease file was written by isc-dhcp-4.3.6
    #authoring-byte-order entry is generated, DO NOT DELETE
    authoring-byte-order little-endian;
    server-duid "\000\001\000\001%\332\216M\000\014)\217\340\321";
    lease 172.25.254.100 {     (the IP that was handed out)
    starts 6 2020/02/15 11:14:04;
    ends 6 2020/02/15 11:24:04;
    cltt 6 2020/02/15 11:14:04;
    binding state active;
    next binding state free;
    rewind binding state free;
    hardware ethernet 00:0c:29:4e:5b:61;  (hardware address of the NIC that obtained this IP)
    client-hostname "rhel7_node1";
    }
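
A lease file like the one above is also a record of which hardware addresses joined the network. The following added example (not from the original post) lists the active leases and flags any MAC that is not on a known-hosts list; the function names, the allowlist file and every sample lease except the first are constructed for illustration.

```sh
# Added example: list active dhcpd leases and flag MACs that are not on an allowlist.
# dhcpd appends a new entry whenever a lease changes, so the LAST entry per IP wins.
# active_leases FILE: print "ip mac hostname" for each IP whose last entry is active.
active_leases() {
    awk '
        $1 == "lease" && $3 == "{" { ip = $2; state = ""; mac = "-"; host = "-"; next }
        $1 == "binding" && $2 == "state" { state = $3; sub(/;$/, "", state) }
        $1 == "hardware" && $2 == "ethernet" { mac = $3; sub(/;$/, "", mac) }
        $1 == "client-hostname" { host = $2; gsub(/[";]/, "", host) }
        $1 == "}" && ip != "" {
            if (!(ip in rec)) order[++n] = ip
            rec[ip] = (state == "active") ? (ip " " mac " " host) : ""
            ip = ""
        }
        END { for (i = 1; i <= n; i++) if (rec[order[i]] != "") print rec[order[i]] }
    ' "$1"
}

# unknown_leases FILE ALLOWLIST: active leases whose MAC is not in ALLOWLIST (one per line).
unknown_leases() {
    active_leases "$1" | while read -r ip mac host; do
        grep -qiFx "$mac" "$2" || echo "$ip $mac $host"
    done
}

# Constructed sample: the first lease is the one shown on this page, the others are made up.
write_sample() {
    cat > "$1" <<'EOF'
lease 172.25.254.100 {
  binding state active;
  hardware ethernet 00:0c:29:4e:5b:61;
  client-hostname "rhel7_node1";
}
lease 172.25.254.101 {
  binding state active;
  hardware ethernet 02:00:00:aa:bb:01;
}
lease 172.25.254.101 {
  binding state free;
}
lease 172.25.254.102 {
  binding state active;
  hardware ethernet 02:00:00:aa:bb:02;
}
EOF
}

tmp=$(mktemp -d); write_sample "$tmp/leases"; echo "00:0c:29:4e:5b:61" > "$tmp/known"
unknown_leases "$tmp/leases" "$tmp/known"; rm -rf "$tmp"
```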

*Note: on rhel7, dhcp is installed as follows

    cd "/run/media/root/RHEL-7.6 Server.x86_64/Packages"
    rpm -ivh dhcp-4.2.5-68.el7_5.1.x86_64.rpm

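Gateway

Suppose there is a host A, 192.168.0.11,
and a host B, 172.25.254.11.
Because the two hosts are not on the same subnet, they cannot communicate with each other even when a cable connects them; for the two hosts to communicate, a router is needed.
This router talks to the 172 network on one side and to the 192 network on the other.
The kernel routing function lets IPs on different subnets communicate directly.
The router's main function is NAT (network address translation).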

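  • The gateway of a client NIC:
    The router's IP that is on the same subnet as a client host is called that client host's gateway

  • Ways to set the gateway
    Command line: <temporary>
    ip route add default via 172.25.254.100 # add a default gateway
    ip route del default via 172.25.254.100 # delete the default gateway
    Files: <permanent>
    Method 1: change the system-wide gateway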

    vim /etc/sysconfig/network
    GATEWAY=172.25.254.10
    

    rhel8
    systemctl restart NetworkManager
    nmcli connection down <connection name>
    nmcli connection up <connection name>
    rhel7
    systemctl stop NetworkManager
    systemctl restart network
    systemctl start NetworkManager

    Method 2: set the gateway in the NIC configuration (applies only to that NIC)

       vim /etc/sysconfig/network-scripts/ifcfg-westos
       DEVICE=ens160
       ONBOOT=yes
       BOOTPROTO=none
       IPADDR=172.25.254.10
       NETMASK=255.255.255.0
       GATEWAY=172.25.254.100    # gateway
    

    rhel8
    systemctl restart NetworkManager
    nmcli connection down <connection name>
    nmcli connection up <connection name>
    rhel7
    systemctl stop NetworkManager
    systemctl restart network

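Lab steps (setting up a router so that different subnets can communicate)

Preconditions:
There are two virtual machines on Windows, rhel7 and rhel8
windows: 192.168.0.103
rhel8: 172.25.254.10
rhel7 is going to act as the router, so its address is still to be determined

1. Add a NIC to rhel7 so that the rhel7 host becomes a dual-NIC host

    Add a NIC to the virtual machine and select bridged mode
    Edit the file: vim /etc/sysconfig/network-scripts/ifcfg-ens38
    DEVICE=ens38
    ONBOOT=yes
    BOOTPROTO=none
    IPADDR=172.25.254.100
    NETMASK=255.255.255.0
    NAME=westos

2. Set the addresses of the two NICs on the rhel7 host to:
NIC 1, ens33: 192.168.0.100 (same subnet as the Windows host)
NIC 2, ens38: 172.25.254.100 (same subnet as the rhel8 host)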

    [root@rhel7_node1 network-scripts]# ifconfig
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 192.168.0.100  netmask 255.255.255.0  broadcast 192.168.0.255
            inet6 fe80::20c:29ff:fe1d:b92  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:1d:0b:92  txqueuelen 1000  (Ethernet)
            RX packets 90864  bytes 31948435 (30.4 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 22379  bytes 2869247 (2.7 MiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    ens38: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 172.25.254.100  netmask 255.255.255.0  broadcast 172.25.254.255
            inet6 fe80::20c:29ff:fe1d:b9c  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:1d:0b:9c  txqueuelen 1000  (Ethernet)
            RX packets 1701  bytes 143745 (140.3 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 71  bytes 7989 (7.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

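3. Enable the kernel routing function on rhel7

    [root@rhel8_node1 network-scripts]# sysctl -a |grep ip_forward
    .....
    net.ipv4.ip_forward = 0     # kernel routing is not enabled
    .....

Enable the kernel routing function:

    vim /etc/sysctl.conf
         net.ipv4.ip_forward=1      # enable kernel routing
    sysctl -p                 # make the change take effect immediately

4. Enable address masquerading on rhel7 (controlled by the firewall)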

    [root@rhel7_node1 network-scripts]# systemctl start firewalld
    [root@rhel7_node1 network-scripts]# firewall-cmd --list-all
            public (active)
            target: default
            icmp-block-inversion: no
            interfaces: ens33 ens38
            sources:
            services: ssh dhcpv6-client
            ports:
            protocols:
            masquerade: no  # address masquerading is not enabled
            forward-ports:
            source-ports:
            icmp-blocks:
            rich rules:
    [root@rhel7_node1 network-scripts]# firewall-cmd --permanent --add-masquerade
    [root@rhel7_node1 network-scripts]# firewall-cmd --reload

After the change:

    [root@rhel7_node1 network-scripts]# firewall-cmd --list-all
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: ens33 ens38
      sources:
      services: ssh dhcpv6-client
      ports:
      protocols:
      masquerade: yes  # address masquerading is enabled
      forward-ports:
      source-ports:
      icmp-blocks:
      rich rules:

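Test
On rhel8:
1. Test connectivity:

    ping 192.168.0.103  # test whether rhel8 can reach the Windows host; the result is that it cannot

2. Add a gateway:

    ip route add default via 172.25.254.100  # set this host's gateway to 172.25.254.100

3. route -n # show the gateway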

    [root@localhost ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         172.25.254.100  0.0.0.0         UG    0      0        0 ens160
    172.25.254.0    0.0.0.0         255.255.255.0   U     100    0        0 ens160
    172.25.254.100  0.0.0.0         255.255.255.255 UH    0      0        0 ens160

4. Test again:

    [root@localhost ~]# ping 192.168.0.103
    PING 192.168.0.103 (192.168.0.103) 56(84) bytes of data.
    64 bytes from 192.168.0.103: icmp_seq=1 ttl=63 time=1.69 ms
    64 bytes from 192.168.0.103: icmp_seq=2 ttl=63 time=0.553 ms
    64 bytes from 192.168.0.103: icmp_seq=3 ttl=63 time=1.52 ms
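
Steps 3 and 4 each change a persistent setting and a runtime one (sysctl.conf with sysctl -p, --permanent with --reload), and the router only keeps working after a reboot if both agree. The added example below (not from the original post; function names are illustrative, sample inputs are constructed) checks all four values.

```sh
# Added example: are the router settings from steps 3 and 4 active now AND persistent?

# persisted_forward FILE: last net.ipv4.ip_forward value in a sysctl file, or "unset".
persisted_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val) }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# masq_state FILE: the "masquerade:" field of saved `firewall-cmd --list-all` output.
masq_state() {
    awk '$1 == "masquerade:" { print $2; found = 1; exit }
         END { if (!found) print "unknown" }' "$1"
}

# router_check RUNTIME_FWD SYSCTL_FILE RUNTIME_LISTING PERMANENT_LISTING
# Prints one line per problem; returns non-zero if any check fails.
router_check() {
    rc=0
    [ "$1" = 1 ] || { echo "runtime: ip_forward=$1, kernel is not routing"; rc=1; }
    [ "$(persisted_forward "$2")" = 1 ] ||
        { echo "persistent: ip_forward is not 1 in $2"; rc=1; }
    [ "$(masq_state "$3")" = yes ] ||
        { echo "runtime: masquerade is off (was --reload run?)"; rc=1; }
    [ "$(masq_state "$4")" = yes ] ||
        { echo "persistent: masquerade is off (was --permanent used?)"; rc=1; }
    return "$rc"
}

# Constructed inputs: forwarding is on at runtime but sysctl.conf still says 0, and
# masquerade is saved permanently but the running firewall was never reloaded.
d=$(mktemp -d)
printf 'net.ipv4.ip_forward = 0\n' > "$d/sysctl.conf"
printf 'public (active)\n  masquerade: no\n' > "$d/runtime"
printf 'public\n  masquerade: yes\n' > "$d/permanent"
router_check 1 "$d/sysctl.conf" "$d/runtime" "$d/permanent" || echo "router setup incomplete"
rm -rf "$d"
# On the router itself (the /tmp file names are arbitrary):
#   firewall-cmd --list-all > /tmp/rt; firewall-cmd --permanent --list-all > /tmp/pm
#   router_check "$(cat /proc/sys/net/ipv4/ip_forward)" /etc/sysctl.conf /tmp/rt /tmp/pm
```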

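DNS

DNS: the host that does the work of translating domain names into IPs is called a DNS server (address resolution)

  • File that points to the DNS server (temporary):

      vim /etc/resolv.conf
      nameserver 114.114.114.114  ## 114.114.114.114 is a telecom DNS service

    This is equivalent to:
    ping www.baidu.com -----> /etc/resolv.conf ----> 114.114.114.114 ----> www.baidu.com = 39.156.66.18

  • Local resolution file (temporary):

      vim /etc/hosts     # called the local resolution file (very limited; entries must be added by hand)
      39.156.66.18     www.baidu.com

  • Permanent DNS setting:

     vim /etc/sysconfig/network-scripts/ifcfg-ens160
     DNS1=114.114.114.114
     DNS2=
     DNS3=

Restart the network service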

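Lab steps (understanding DNS)

1. Put the host's IP on the same subnet as Windows
2. Set the host's gateway to the same one as Windows
3. On Windows, ping www.baidu.com to see Baidu's IP
4. On Linux, pinging Baidu's IP works
5. On Linux, ping www.baidu.com does not work
6. Edit /etc/hosts
39.156.66.18 www.baidu.com
ping www.baidu.com works
ping www.qq.com does not work
7. Change /etc/resolv.conf
nameserver 114.114.114.114
ping www.qq.com works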

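Bridge

A bridge means network bridging: it lets a virtual machine connect directly to the network without going through the host kernel.

Lab steps (configuring a bridge)

1. Delete the original NIC connection:

    nmcli connection delete System\ ens160

2. Edit the NIC configuration file:

    vim /etc/sysconfig/network-scripts/ifcfg-ens160
    DEVICE=ens160
    ONBOOT=yes
    BOOTPROTO=none
    BRIDGE=br0

3. Edit the bridge interface configuration file:

    vim /etc/sysconfig/network-scripts/ifcfg-br0
    DEVICE=br0
    ONBOOT=yes
    BOOTPROTO=none
    IPADDR=172.25.254.10
    NETMASK=255.255.255.0
    TYPE=Bridge

4. Restart the network service:

    systemctl restart NetworkManager

5. Test:

    [root@localhost ~]# bridge link show
    2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
    4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 master virbr0 state disabled priority 32 cost 100

At this point the virtual machine and the physical machine sit side by side in the same network environment, and the virtual machine no longer needs to go through the physical machine's kernel to communicate with the network.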

Postscript

What are the respective properties of NAT mode and bridged mode?


Reposted from blog.csdn.net/Thorne_lu/article/details/104944969