Deploying a network environment under Linux

Foreword

Set an IP address as required
Configure the DHCP service
Gateway and bridge

ip

  • About IP: Internet Protocol address
    protocol name: TCP/IP
    protocol version: IPv4
    number of IP addresses: 2^32
    11111111.11111111.11111111.11111111 === 255.255.255.255
    11111110.11111110.11111110.11111110 === 254.254.254.254
    The network bits identify the network location and the host bits identify the host at that location. The subnet mask is used to distinguish between the two.
  • Subnet mask:
    IP address: 11111110.11111110.11111110.11111110
    network bits: 11111111.11111111.00000000.00000000 === 255.255.0.0 (subnet mask)
    host range: 2^16 = 254.254.0.0 (not usable) ~ 254.254.254.254 (broadcast address)
    usable address range: 254.254.0.1 ~ 254.254.254.253 === 2^16-2
  • When two IPs can communicate
    Two IPs with the same network bits and different host bits can communicate directly.
    172.25.254.1/24 === 172.25.254.1/255.255.255.0
    It can communicate with hosts at 172.25.254.*/24
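
The "same network bits" rule above, worked through in shell as an added example (not part of the original article). The function names are chosen here for illustration; the addresses are the ones used on this page.

```sh
#!/bin/sh
# Added example: the IPv4 arithmetic behind the "same network" rule.

# Dotted quad -> 32-bit integer (octets must be plain decimal, no leading zeros).
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length (0-32) -> mask as an integer, e.g. 24 -> 255.255.255.0.
prefix_to_mask() {
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

network_of() {      # network_of IP PREFIX -> network address
    int_to_ip $(( $(ip_to_int "$1") & $(prefix_to_mask "$2") ))
}

broadcast_of() {    # broadcast_of IP PREFIX -> broadcast address
    mask=$(prefix_to_mask "$2")
    int_to_ip $(( ($(ip_to_int "$1") & $mask) | (~$mask & 4294967295) ))
}

usable_hosts() {    # 2^(32-prefix) minus network and broadcast (prefix <= 30)
    echo $(( (1 << (32 - $1)) - 2 ))
}

same_network() {    # same_network IP_A IP_B PREFIX -> exit 0 if both share a network
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ]
}

network_of 172.25.254.1 24
broadcast_of 172.25.254.1 24
same_network 172.25.254.1 172.25.254.11 24 && echo "same network: direct delivery"
same_network 192.168.0.11 172.25.254.11 24 || echo "different networks: a router is needed"
```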

Experimental Procedure (the ip command)

1. The ip command (changes are temporary)

  • Check the IP address
    ip addr show
    ifconfig
  • Check network connectivity
    ping
    -c 1 (ping only once)
    -w 1 (wait 1 second)
  • Set an IP
    ifconfig device ip netmask mask (format)
    ifconfig ens33 172.25.254.11 netmask 255.255.255.0
  • Delete an IP
    ip addr del 172.25.254.11/24 dev ens33
  • Add an IP
    ip addr add 172.25.254.11/24 dev ens33

Experimental Procedure (changing the IP via configuration files)

1. Graphical mode
nm-connection-editor
nmtui
Note: before using these two commands, make sure NetworkManager is running.
2. Command mode
nmcli

    [root@rhel7_node1 ~]# nmcli
    agent       device      help        networking
    connection  general     monitor     radio

nmcli device status ## view device status

    [root@rhel7_node1 ~]# nmcli device status
    DEVICE      TYPE      STATE      CONNECTION
    ens33       ethernet  connected  System ens33
    virbr0      bridge    connected  virbr0
    lo          loopback  unmanaged  --
    virbr0-nic  tun       unmanaged  --

nmcli device disconnect ens33 (disconnect the device; its IP goes away)
nmcli device connect ens33 (enable the device)
nmcli connection show (view connection information)

    [root@rhel7_node1 ~]# nmcli connection show
    NAME          UUID                                  TYPE      DEVICE
    System ens33  c96bc909-188e-ec64-3a96-6a90982b08ad  ethernet  ens33
    virbr0        d5dbe442-73b4-4e96-8748-f99d3706383b  bridge    virbr0

nmcli connection down westos (close the connection)
nmcli connection up westos (open the connection)
nmcli connection modify westos ip4 172.25.254.31/24 (add an IP; the connection must be restarted afterwards for it to take effect)
nmcli connection delete westos (delete the connection)
nmcli connection add con-name westos ifname ens33 type ethernet ip4 172.25.254.31/24 (add a connection)
nmcli connection add con-name westos type ethernet ifname ens33 ipv4.method auto (add a DHCP connection)
3. Configuration files
Configuration directory: /etc/sysconfig/network-scripts/
Configuration file: ifcfg-<any name>
DHCP (dynamic) network:

vim /etc/sysconfig/network-scripts/ifcfg-westos
DEVICE=ens33        # NIC name
ONBOOT=yes          # activate the NIC when the network service starts
BOOTPROTO=dhcp      # the NIC works in DHCP mode
NAME=westos         # the connection is named westos
  • Restart the network:
    In rhel7:
    systemctl restart network
    In rhel8:
    systemctl restart NetworkManager
    nmcli connection down <old connection>
    nmcli connection up <new connection>

Static network:

vim /etc/sysconfig/network-scripts/ifcfg-westos
DEVICE=ens33             # NIC name
ONBOOT=yes               # activate the NIC when the network service starts
BOOTPROTO=none           # none or static: the NIC uses a static address
NAME=westos              # the connection is named westos
IPADDR=172.25.254.222    # IP address
NETMASK=255.255.255.0    # subnet mask
  • Restart the network:
    In rhel7:
    systemctl restart network
    In rhel8:
    systemctl restart NetworkManager
    nmcli connection down <old connection>
    nmcli connection up <new connection>

DHCP server

Experimental procedure (building a DHCP server)

In rhel8:
1. Configure a static network
2. Attach the installation image to the optical drive
3. Use df to see where the drive is mounted

    [root@localhost ~]# df
    Filesystem     1K-blocks    Used Available Use% Mounted on
    devtmpfs          910520       0    910520   0% /dev
    tmpfs             924700       0    924700   0% /dev/shm
    tmpfs             924700    9888    914812   2% /run
    tmpfs             924700       0    924700   0% /sys/fs/cgroup
    /dev/nvme0n1p3   8181760 4119960   4061800  51% /
    /dev/nvme0n1p1    199328  141328     58000  71% /boot
    tmpfs             184940      16    184924   1% /run/user/42
    tmpfs             184940    3492    181448   2% /run/user/0
    /dev/sr0         6935944 6935944         0 100% /run/media/root/RHEL-8-0-0-BaseOS-x86_64    <== optical drive mount point

4. Change to the following directory

    [root@localhost root]# cd /run/media/root/RHEL-8-0-0-BaseOS-x86_64/BaseOS/Packages/
    [root@localhost Packages]# ls dhcp-*
    dhcp-client-4.3.6-30.el8.x86_64.rpm  dhcp-libs-4.3.6-30.el8.x86_64.rpm
    dhcp-common-4.3.6-30.el8.noarch.rpm  dhcp-relay-4.3.6-30.el8.x86_64.rpm
    dhcp-libs-4.3.6-30.el8.i686.rpm      dhcp-server-4.3.6-30.el8.x86_64.rpm

5. Install DHCP (the configuration file is empty, so the service cannot start yet)

    [root@localhost Packages]# rpm -ivh dhcp-server-4.3.6-30.el8.x86_64.rpm
    warning: dhcp-server-4.3.6-30.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
    Verifying...                          ################################# [100%]
    Preparing...                          ################################# [100%]
            package dhcp-server-12:4.3.6-30.el8.x86_64 is already installed

6. DHCP configuration file
Configuration directory: /etc/dhcp/

    [root@localhost Packages]# cd /etc/dhcp/
    [root@localhost dhcp]# ls
    dhclient.conf  dhclient.d  dhcpd6.conf  dhcpd.conf    <== configuration file

Generate a configuration file:

    [root@localhost dhcp]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf

Edit the configuration file: vim /etc/dhcp/dhcpd.conf

    # dhcpd.conf
    #
    # Sample configuration file for ISC dhcpd
    #

    # option definitions common to all supported networks...
    option domain-name "westos.com";               # domain name setting
    option domain-name-servers 114.114.114.114;    # dns

    default-lease-time 600;
    max-lease-time 7200;

    # Use this to enable / disable dynamic dns updates globally.
    #ddns-update-style none;

    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    #authoritative;

    # Use this to send dhcp log messages to a different log file (you also
    # have to hack syslog.conf to complete the redirection).
    log-facility local7;

    # No service will be given on this subnet, but declaring it helps the
    # DHCP server to understand the network topology.

    subnet 10.152.187.0 netmask 255.255.255.0 {    # delete
    }                                              # delete

    # This is a very basic subnet declaration.

    subnet 172.25.254.0 netmask 255.255.255.0 {    # set the network segment
      range 172.25.254.100 172.25.254.200;         # address range to hand out
      option routers 172.25.254.10;                # gateway
    }
    ################ delete everything below ###################
    # This declaration allows BOOTP clients to get dynamic addresses,
    # which we don't really recommend.
    .........

7. Restart the service with systemctl restart dhcpd and check its status

    [root@localhost dhcp]# systemctl restart dhcpd
    [root@localhost dhcp]# systemctl status dhcpd
    ● dhcpd.service - DHCPv4 Server Daemon
       Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor pres>
       Active: active (running) since Tue 2020-03-17 22:26:41 CST; 1min 18s ago
         Docs: man:dhcpd(8)
               man:dhcpd.conf(5)
     Main PID: 33180 (dhcpd)
       Status: "Dispatching packets..."
        Tasks: 1 (limit: 11380)
       Memory: 7.7M
       CGroup: /system.slice/dhcpd.service
               └─33180 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gro>
    ......

8. Test
Set the rhel7 network to DHCP and see whether it obtains an IP.
Check the NIC's physical hardware address in rhel7:

    [root@rhel7_node1 network-scripts]# ifconfig
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255
    inet6 fe80::20c:29ff:fe4e:5b61 prefixlen 64 scopeid 0x20<link>
    ether 00:0c:29:4e:5b:61 txqueuelen 1000 (Ethernet)   <== physical hardware address
    RX packets 22740 bytes 7150801 (6.8 MiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 6810 bytes 744115 (726.6 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Check the IP allocation in rhel8:

    [root@localhost ~]# cat /var/lib/dhcpd/dhcpd.leases
    # The format of this file is documented in the dhcpd.leases(5) manual page.
    # This lease file was written by isc-dhcp-4.3.6
    # authoring-byte-order entry is generated, DO NOT DELETE
    authoring-byte-order little-endian;
    server-duid "\000\001\000\001%\332\216M\000\014)\217\340\321";
    lease 172.25.254.100 {     <== the allocated IP
    starts 6 2020/02/15 11:14:04;
    ends 6 2020/02/15 11:24:04;
    cltt 6 2020/02/15 11:14:04;
    binding state active;
    next binding state free;
    rewind binding state free;
    hardware ethernet 00:0c:29:4e:5b:61;  <== hardware address of the NIC that obtained this IP
    client-hostname "rhel7_node1";
    }
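
An added example, not from the original article: dhcpd.leases is an append-only log, so the last record for an address is the one in effect (see dhcpd.leases(5)). The script below reduces a leases file to one line per IP and lists active leases whose MAC is not on a known-device list; the sample records, the second MAC address and the function names are constructed for illustration.

```sh
# Added example: summarize ISC dhcpd leases and flag unknown MAC addresses.
# Constructed sample in dhcpd.leases(5) format, modelled on the lease above.
sample_leases() {
cat <<'EOF'
lease 172.25.254.100 {
  ends 6 2020/02/15 11:24:04;
  binding state active;
  hardware ethernet 00:0c:29:4e:5b:61;
  client-hostname "rhel7_node1";
}
lease 172.25.254.101 {
  ends 6 2020/02/15 11:30:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:0c:29:aa:bb:cc;
}
lease 172.25.254.100 {
  ends 6 2020/02/15 11:34:04;
  binding state free;
  hardware ethernet 00:0c:29:4e:5b:61;
  client-hostname "rhel7_node1";
}
EOF
}

# stdin: a leases file; stdout: "ip mac hostname state", one line per IP.
lease_table() {
    awk '
    $1 == "lease" && $3 == "{" { ip = $2; mac = "-"; host = "-"; state = "-" }
    $1 == "hardware" && $2 == "ethernet" { mac = $3; sub(/;$/, "", mac) }
    $1 == "client-hostname" { host = $2; gsub(/[";]/, "", host) }
    $1 == "binding" && $2 == "state" { state = $3; sub(/;$/, "", state) }
    $1 == "}" && ip != "" {
        if (!(ip in row)) order[++n] = ip
        row[ip] = ip " " mac " " host " " state    # a later record replaces an earlier one
        ip = ""
    }
    END { for (i = 1; i <= n; i++) print row[order[i]] }'
}

# stdin: lease_table output; args: known MACs (lowercase, as dhcpd writes them).
unknown_clients() {
    allow=" $* "
    while read -r ip mac host state; do
        [ "$state" = "active" ] || continue
        case "$allow" in
            *" $mac "*) ;;
            *) echo "$ip $mac $host" ;;
        esac
    done
}

# Only the lease held by the MAC that is not on the list is printed.
sample_leases | lease_table | unknown_clients 00:0c:29:4e:5b:61
```

On the DHCP server, replace `sample_leases` with `cat /var/lib/dhcpd/dhcpd.leases`.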

* Note: in rhel7, DHCP is installed as follows:

    cd "/run/media/root/RHEL-7.6 Server.x86_64/Packages"
    rpm -ivh dhcp-4.2.5-68.el7_5.1.x86_64.rpm

Gateway

Suppose host A is 192.168.0.11
and host B is 172.25.254.11.
Because the two hosts are not in the same network segment, they cannot communicate with each other even when a network cable connects them; for the two hosts to communicate, you need a router.
The router has one side on the 172 segment and the other on the 192 segment.
Kernel routing enables communication between IPs in different network segments.
The main function of a router is NAT (Network Address Translation).

  • Gateway:
    the router IP that is in the same network segment as the client host is called that client host's gateway

  • Setting the gateway
    Command mode: <temporary>
    ip route add default via 172.25.254.100 # add a default gateway
    ip route del default via 172.25.254.100 # delete the default gateway
    Files: <permanent>
    1. Modify the system-wide (global) gateway

    vim /etc/sysconfig/network
    GATEWAY=172.25.254.10
    

    In rhel8:
    systemctl restart NetworkManager
    nmcli connection down <connection name>
    nmcli connection up <connection name>
    In rhel7:
    systemctl stop NetworkManager
    systemctl restart network
    systemctl start NetworkManager

    2. Set the gateway in the NIC configuration file (applies only to that NIC)

       vim /etc/sysconfig/network-scripts/ifcfg-westos
       DEVICE=ens160
       ONBOOT=yes
       BOOTPROTO=none
       IPADDR=172.25.254.10
       NETMASK=255.255.255.0
       GATEWAY=172.25.254.100    # gateway

    In rhel8:
    systemctl restart NetworkManager
    nmcli connection down <connection name>
    nmcli connection up <connection name>
    In rhel7:
    systemctl stop NetworkManager
    systemctl restart network

Experimental procedure (a router connecting different networks)

Setup:
two virtual machines, rhel7 and rhel8, run on a Windows host
windows: 192.168.0.103
rhel8: 172.25.254.10
rhel7 will act as the router; its settings are still to be configured

1. Add a NIC to rhel7 so that it becomes a dual-NIC host

    Add a NIC to the virtual machine and select bridged mode
    Edit the file: vim /etc/sysconfig/network-scripts/ifcfg-ens38
    DEVICE=ens38
    ONBOOT=yes
    BOOTPROTO=none
    IPADDR=172.25.254.100
    NETMASK=255.255.255.0
    NAME=westos

2. Set the addresses of the two network cards on the rhel7 host:
Card 1, ens33: 192.168.0.100 (same network segment as the Windows host)
Card 2, ens38: 172.25.254.100 (same network segment as the rhel8 host)

    [root@rhel7_node1 network-scripts]# ifconfig
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 192.168.0.100  netmask 255.255.255.0  broadcast 192.168.0.255
            inet6 fe80::20c:29ff:fe1d:b92  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:1d:0b:92  txqueuelen 1000  (Ethernet)
            RX packets 90864  bytes 31948435 (30.4 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 22379  bytes 2869247 (2.7 MiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    ens38: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 172.25.254.100  netmask 255.255.255.0  broadcast 172.25.254.255
            inet6 fe80::20c:29ff:fe1d:b9c  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:1d:0b:9c  txqueuelen 1000  (Ethernet)
            RX packets 1701  bytes 143745 (140.3 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 71  bytes 7989 (7.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

3. Enable kernel routing in rhel7

    [root@rhel8_node1 network-scripts]# sysctl -a |grep ip_forward
    .....
    net.ipv4.ip_forward = 0     # kernel routing is not enabled
    .....

Enable kernel routing:

    vim /etc/sysctl.conf
         net.ipv4.ip_forward=1      # enable kernel routing
    sysctl -p                 # apply the change immediately

4. Enable address masquerading on rhel7 (controlled by the firewall)

    [root@rhel7_node1 network-scripts]# systemctl start firewalld
    [root@rhel7_node1 network-scripts]# firewall-cmd --list-all
            public (active)
            target: default
            icmp-block-inversion: no
            interfaces: ens33 ens38
            sources:
            services: ssh dhcpv6-client
            ports:
            protocols:
            masquerade: no  # address masquerading is not enabled
            forward-ports:
            source-ports:
            icmp-blocks:
            rich rules:
    [root@rhel7_node1 network-scripts]# firewall-cmd --permanent --add-masquerade
    [root@rhel7_node1 network-scripts]# firewall-cmd --reload

After the operation is complete:

    [root@rhel7_node1 network-scripts]# firewall-cmd --list-all
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: ens33 ens38
      sources:
      services: ssh dhcpv6-client
      ports:
      protocols:
      masquerade: yes  # address masquerading is enabled
      forward-ports:
      source-ports:
      icmp-blocks:
      rich rules:

Test
In rhel8:
1. Test whether communication works:

    ping 192.168.0.103  # test whether rhel8 can reach the Windows host; the result is that it cannot

2. Add the gateway:

    ip route add default via 172.25.254.100  # set this host's gateway to 172.25.254.100

3. route -n # show the gateway

    [root@localhost ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         172.25.254.100  0.0.0.0         UG    0      0        0 ens160
    172.25.254.0    0.0.0.0         255.255.255.0   U     100    0        0 ens160
    172.25.254.100  0.0.0.0         255.255.255.255 UH    0      0        0 ens160

4. Test again:

    [root@localhost ~]# ping 192.168.0.103
    PING 192.168.0.103 (192.168.0.103) 56(84) bytes of data.
    64 bytes from 192.168.0.103: icmp_seq=1 ttl=63 time=1.69 ms
    64 bytes from 192.168.0.103: icmp_seq=2 ttl=63 time=0.553 ms
    64 bytes from 192.168.0.103: icmp_seq=3 ttl=63 time=1.52 ms

DNS

DNS: the host responsible for resolving domain names into IP addresses is called a DNS server (ARP)

  • File that points to the DNS server (temporary):

      vim /etc/resolv.conf  ##
      nameserver 114.114.114.114  ## 114.114.114.114 is a telecom DNS service

    Equivalent to:
    ping www.baidu.com -----> /etc/resolv.conf ----> 114.114.114.114 ----> www.baidu.com = 39.156.66.18

  • Local resolution file (temporary):

      vim /etc/hosts     # the local resolution file (very limited; entries must be added by hand)
      39.156.66.18     www.baidu.com

  • Permanent DNS settings:

     vim /etc/sysconfig/network-scripts/ifcfg-ens160  #
     DNS1=114.114.114.114
     DNS2=
     DNS3=

Restart the network service.

Experimental Procedure (understanding DNS)

1. Put the host's IP on the same network as Windows
2. Set the host's gateway to the same gateway as Windows
3. In Windows, ping www.baidu.com to see Baidu's IP
4. In Linux, pinging Baidu's IP works
5. In Linux, ping www.baidu.com does not work
6. Write to /etc/hosts:
39.156.66.18 www.baidu.com
ping www.baidu.com now works
ping www.qq.com does not
7. Edit /etc/resolv.conf:
nameserver 114.114.114.114
ping www.qq.com now works

Bridge

A network bridge lets virtual machines connect to the network directly, without going through the host kernel.

Experimental Procedure (bridge setting)

1. Delete the original NIC connection:

nmcli connection delete System\ ens160

2. Modify the network card configuration file:

vim /etc/sysconfig/network-scripts/ifcfg-ens160
DEVICE=ens160
ONBOOT=yes
BOOTPROTO=none
BRIDGE=br0

3. Modify the bridge interface configuration file:

vim /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.25.254.10
NETMASK=255.255.255.0
TYPE=Bridge

4. Restart network services:

systemctl restart NetworkManager

5. Test:

[root@localhost ~]# bridge link show
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100 
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 master virbr0 state disabled priority 32 cost 100 

At this point the virtual machine and the physical machine sit side by side on the network; the virtual machine does not use the physical machine's kernel to communicate.

Postscript

What NAT mode and bridge mode each are in essence

Origin blog.csdn.net/Thorne_lu/article/details/104944969