「Linux路由实践」之实现物理隔断的两个网段通信【默认路由篇】

2019-03-05 16:14:56 浏览数 (1)

环境说明: 同一交互机物理隔断的2个私有网络,每个网络中分别为CentOS 6 * 1, CentOS 7 * 1

好的,现在我们开始~

1.首先我们先看一下2台主机的网络配置信息 先看CentOS 6的:

代码语言:javascript复制
[root@Centos6 ~]# ifconfig
eth1      Link encap:Ethernet  HWaddr 00:0C:29:40:43:BC
          inet addr:192.168.10.10  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe40:43bc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:84 errors:0 dropped:0 overruns:0 frame:0
          TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14932 (14.5 KiB)  TX bytes:9438 (9.2 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
[root@Centos6 ~]# ping 192.168.20.20
connect: Network is unreachable
[root@Centos6 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

然后是CentOS 7的:

代码语言:javascript复制
[root@Centos7 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.20.20  netmask 255.255.255.0  broadcast 192.168.20.255
        inet6 fe80::20c:29ff:fe03:b85f  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:03:b8:5f  txqueuelen 1000  (Ethernet)
        RX packets 61  bytes 6951 (6.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 100  bytes 15953 (15.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 268  bytes 21616 (21.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 268  bytes 21616 (21.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@Centos7 ~]# ping 192.168.10.10
connect: Network is unreachable
[root@Centos7 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33

2.那么,如果要让这2台不同网段的主机能够通信该怎么办呢?

嗯,当然有办法,而且有3种:

  • 新增一台拥有2张网卡的服务器(或在交换机上进行相关设置),分别指向192.168.10.0/24和192.168.20.0/24的网络;
  • 为环境中的Centos 6或7中任意一台服务器添加一张网卡,指向对方网络,然后开启内核转发功能;
  • 使用默认路由;

这里我们以方法三为例 另2种方法参见本博其他文章 此处不赘述

3.由于10.0和20.0这2个私有网络是交换机物理隔断的,所以我们可以通过添加默认网关的方法实现通信(当然还有第二步中提到的其他方法),但不同的是指向的网关为自己同交换机的直连网口地址

代码语言:javascript复制
[root@Centos6 ~]# route add default gw 192.168.10.10                #Centos 6上
[root@Centos6 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         192.168.10.10   0.0.0.0         UG    0      0        0 eth1

[root@Centos7 ~]# route add default gw 192.168.20.20                #Centos 7上
[root@Centos7 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.20.20   0.0.0.0         UG    0      0        0 ens33
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 ens33

4.接下来,我们进行PING测试并在Centos 7上抓包

代码语言:javascript复制
[root@Centos6 ~]# ping 192.168.20.20                #Centos 6上
PING 192.168.20.20 (192.168.20.20) 56(84) bytes of data.
64 bytes from 192.168.20.20: icmp_seq=1 ttl=64 time=0.646 ms
64 bytes from 192.168.20.20: icmp_seq=2 ttl=64 time=0.251 ms
64 bytes from 192.168.20.20: icmp_seq=3 ttl=64 time=1.37 ms
64 bytes from 192.168.20.20: icmp_seq=4 ttl=64 time=1.19 ms
64 bytes from 192.168.20.20: icmp_seq=5 ttl=64 time=0.269 ms
64 bytes from 192.168.20.20: icmp_seq=6 ttl=64 time=2.11 ms
64 bytes from 192.168.20.20: icmp_seq=7 ttl=64 time=0.652 ms

[root@Centos7 ~]# tcpdump -i ens33 -nn icmp                #Centos 7上
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes
05:16:44.057527 IP 192.168.10.10 > 192.168.20.20: ICMP echo request, id 33029
, seq 149, length 64
05:16:44.057580 IP 192.168.20.20 > 192.168.10.10: ICMP echo reply, id 33029,
seq 149, length 64
05:16:45.058726 IP 192.168.10.10 > 192.168.20.20: ICMP echo request, id 33029
, seq 150, length 64
05:16:45.058806 IP 192.168.20.20 > 192.168.10.10: ICMP echo reply, id 33029,
seq 150, length 64
05:16:46.059739 IP 192.168.10.10 > 192.168.20.20: ICMP echo request, id 33029
, seq 151, length 64
05:16:46.059886 IP 192.168.20.20 > 192.168.10.10: ICMP echo reply, id 33029,
seq 151, length 64
05:16:47.060638 IP 192.168.10.10 > 192.168.20.20: ICMP echo request, id 33029
, seq 152, length 64

5.至此,环境中的两个不同网段的主机已成功互通。

centos linux 私有网络

0 人点赞