實驗：主機間跨網絡通訊

實驗：主機間跨網絡通訊

實驗拓撲圖：

第一步：建立四個虛擬機

第二步：配置vmnet6和vmnet8網段

vmnet6:10.0.0.0/8

vmnet8:192.168.38.0/24

vmnet0:172.18.0.0/24

3、如上圖所示，配置好每一個虛擬機的網卡類型

4、配置IP

第一個虛擬機

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.38.123
NETMASK=255.255.255.0
GATEWAY=192.168.38.2
NAME=ens33
DEVICE=ens33
ONBOOT=yes
[root@localhost ~]# systemctl restart network

第二個虛擬機

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.38.200
NETMASK=255.255.255.0
GATEWAY=192.168.38.2
NAME=ens33
DEVICE=ens33
ONBOOT=yes
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.0.0.200
NETMASK=255.0.0.0
GATEWAY=10.0.0.1
NAME=ens37
DEVICE=ens37
ONBOOT=yes
[root@localhost ~]# systemctl restart network

第三個虛擬機

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.0.0.201
NETMASK=255.0.0.0
GATEWAY=10.0.0.1
NAME=ens33
DEVICE=ens33
ONBOOT=yes
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE=Ethernet
BOOTPROTO=static
IPADDR=172.18.28.201
NETMASK=255.255.0.0
GATEWAY=172.18.0.1
NAME=ens37
DEVICE=ens37
ONBOOT=yes
[root@localhost ~]# systemctl restart network

第四個虛擬機

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
IPADDR=172.18.28.202
NETMASK=255.255.0.0
GATEWAY=172.18.0.1
NAME=ens33
DEVICE=ens33
ONBOOT=yes
[root@localhost ~]# systemctl restart network

5、配置路由規則

如今B還ping不通A

[root@b ~]# ping 192.168.38.123
PING 192.168.38.123 (192.168.38.123) 56(84) bytes of data.
From 172.18.28.28 icmp_seq=1 Redirect Network(New nexthop: 172.18.0.1)
From 172.18.28.28: icmp_seq=1 Redirect Network(New nexthop: 172.18.0.1)

A的默認網關應該是192.168.38.200（或者給A加一條路由，讓A知道172.18網段是要經過192.168.38.200出去的，否則數據包全發到192.168.38.2去了）

[root@localhost ~]# ip route add default via 192.168.38.200

R1走172.18網段經過10.0.0.201

[root@localhost ~]# ip route add 172.18.0.0/16 via 10.0.0.201

R2走192.168.38網段經過10.0.0.200

[root@r2 ~]# ip route add 192.168.38.0/24 via 10.0.0.200

B的默認網關應該是172.18.28.201

[root@b ~]# ip route add default via 172.18.28.201

6、第二三個虛擬機開啓路由轉發

第二個和第三個虛擬機都要執行

[root@localhost ~]# echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.d/ip_forward.conf
[root@localhost ~]# sysctl -p /etc/sysctl.d/ip_forward.conf
net.ipv4.ip_forward = 1

7、接下來就是見證奇蹟的時刻

B ping A

[root@b ~]# ping 192.168.38.123 -c3
PING 192.168.38.123 (192.168.38.123) 56(84) bytes of data.
64 bytes from 192.168.38.123: icmp_seq=1 ttl=62 time=4.83 ms
64 bytes from 192.168.38.123: icmp_seq=2 ttl=62 time=1.03 ms
64 bytes from 192.168.38.123: icmp_seq=3 ttl=62 time=1.12 ms

--- 192.168.38.123 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 1.034/2.329/4.832/1.770 ms

A ping B (第一次實驗作完後NAT就能夠直接ping到橋接了，不知道什麼緣由)

[root@localhost ~]# ping 172.18.28.202 -c3
PING 172.18.28.202 (172.18.28.202) 56(84) bytes of data.
64 bytes from 172.18.28.202: icmp_seq=1 ttl=62 time=2.20 ms
64 bytes from 172.18.28.202: icmp_seq=2 ttl=62 time=1.14 ms
64 bytes from 172.18.28.202: icmp_seq=3 ttl=62 time=0.876 ms

--- 172.18.28.202 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.876/1.408/2.202/0.573 ms

A到B怎麼走的：

[root@localhost ~]# tracepath -n 172.18.28.202
 1?: [LOCALHOST]                                         pmtu 1500
 1:  192.168.38.200                                        0.558ms 
 1:  192.168.38.200                                        1.848ms 
 2:  10.0.0.201                                            2.290ms 
 3:  172.18.28.202                                         4.786ms reached
     Resume: pmtu 1500 hops 3 back 3

B到A怎麼走的

[root@b ~]# tracepath -n 192.168.38.123
 1?: [LOCALHOST]                                         pmtu 1500
 1:  172.18.28.201                                         0.887ms 
 1:  172.18.28.201                                         0.863ms 
 2:  10.0.0.200                                            5.798ms 
 3:  192.168.38.123                                        9.648ms reached
     Resume: pmtu 1500 hops 3 back 3

如今虛擬機不知道怎麼了默認NAT就能ping到橋接的虛擬機，如今tracepath看一下(這是新的一臺虛擬機)

# 能ping通
[qqq@ubuntu ~]$ ping 172.18.28.202 -c2
PING 172.18.28.202 (172.18.28.202) 56(84) bytes of data.
64 bytes from 172.18.28.202: icmp_seq=1 ttl=128 time=2.15 ms
64 bytes from 172.18.28.202: icmp_seq=2 ttl=128 time=0.738 ms

--- 172.18.28.202 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 0.738/1.442/2.146/0.704 ms
#看一下怎麼走的
[qqq@ubuntu ~]$ tracepath -n 172.18.28.202
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.38.2                                          0.480ms 
 1:  192.168.38.2                                          0.120ms 
 2:  no reply
 3:  no reply
 4:  no reply
 ...   (確實是到了NAT橋那裏，後面一直noreply了)

持久化路由表

思路:能夠把添加路由的命令寫入開機啓動文件

方法一：

寫入rc.local文件

方法二（推薦）：

# CentOS7可行，其餘未測
[root@localhost ~]# ip route > /etc/sysconfig/network-scripts/route-ens33