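Virtual network, routed network

I have installed CentOS 6.5.

I have installed the hypervisor libvirt (kvm-qemu), managed with virt-manager, and I have installed two virtual machines (KVM guests), each running CentOS 6.5, for example centos65_1 and centos65_2.

The first, centos65_1, uses the default virtual network (NAT):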

    name: default
    device: virbr0
    state: active
    autoboot: yes
    ipv4 configuration
    net: 192.168.122.0/24
    dhcp: start: 192.168.122.2 end: 192.168.122.254
    forward: NAT

The second, centos65_2, uses another virtual network that I created (a routed network):

    name: routed_network
    device: virbr1
    state: active
    autoboot: yes
    ipv4 configuration
    net: 192.168.100.0/24
    dhcp: start: 192.168.100.128 end: 192.168.100.254
    forward: Routed

Host:

ifconfig while both virtual machines are running:

    [root@isis jvr]# ifconfig
    Auto_eth0 Link encap:Ethernet  HWaddr 20:CF:30:AE:65:47
              inet addr:192.168.1.15  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::22cf:30ff:feae:6547/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:35 errors:0 dropped:0 overruns:0 frame:0
              TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:19218 (18.7 KiB)  TX bytes:2888 (2.8 KiB)

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:4958 errors:0 dropped:0 overruns:0 frame:0
              TX packets:4958 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:1546831 (1.4 MiB)  TX bytes:1546831 (1.4 MiB)

    virbr0    Link encap:Ethernet  HWaddr 52:54:00:96:45:DE
              inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:31 errors:0 dropped:0 overruns:0 frame:0
              TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:1886 (1.8 KiB)  TX bytes:1344 (1.3 KiB)

    virbr1    Link encap:Ethernet  HWaddr 52:54:00:2C:02:F9
              inet addr:192.168.100.1  Bcast:192.168.100.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:29 errors:0 dropped:0 overruns:0 frame:0
              TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:1774 (1.7 KiB)  TX bytes:1204 (1.1 KiB)

    vnet0     Link encap:Ethernet  HWaddr FE:54:00:77:ED:C8
              inet6 addr: fe80::fc54:ff:fe77:edc8/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:31 errors:0 dropped:0 overruns:0 frame:0
              TX packets:194 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:500
              RX bytes:2320 (2.2 KiB)  TX bytes:10756 (10.5 KiB)

    vnet1     Link encap:Ethernet  HWaddr FE:54:00:A2:8D:8B
              inet6 addr: fe80::fc54:ff:fea2:8d8b/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:29 errors:0 dropped:0 overruns:0 frame:0
              TX packets:148 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:500
              RX bytes:2180 (2.1 KiB)  TX bytes:8328 (8.1 KiB)

    [root@isis jvr]# iptables -v -n -L --line-numbers
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    num   pkts bytes target     prot opt in     out     source               destination
    1        0     0 ACCEPT     udp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0           udp dpt:53
    2        0     0 ACCEPT     tcp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53
    3        0     0 ACCEPT     udp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0           udp dpt:67
    4        0     0 ACCEPT     tcp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0           tcp dpt:67
    5        0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0           udp dpt:53
    6        0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53
    7        0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0           udp dpt:67
    8        0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0           tcp dpt:67
    9     4997 1566K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    10       4   336 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
    11       4   240 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    12       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    13       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:5900
    14       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:5903
    15      10   572 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    num   pkts bytes target     prot opt in     out     source               destination
    1        6   504 ACCEPT     all  --  *      virbr1  0.0.0.0/0            192.168.100.0/24
    2        6   504 ACCEPT     all  --  virbr1 *       192.168.100.0/24     0.0.0.0/0
    3        0     0 ACCEPT     all  --  virbr1 virbr1  0.0.0.0/0            0.0.0.0/0
    4        0     0 REJECT     all  --  *      virbr1  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
    5        0     0 REJECT     all  --  virbr1 *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
    6        0     0 ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24    state RELATED,ESTABLISHED
    7        0     0 ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0
    8        0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0
    9        0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
    10       0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
    11       0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

    Chain OUTPUT (policy ACCEPT 5015 packets, 1551K bytes)
    num   pkts bytes target     prot opt in     out     source               destination

    [root@isis jvr]# route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.100.0   *               255.255.255.0   U     0      0        0 virbr1
    192.168.1.0     *               255.255.255.0   U     1      0        0 Auto_eth0
    192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
    default         192.168.1.1     0.0.0.0         UG    0      0        0 Auto_eth0

    [root@isis jvr]# brctl show
    bridge name     bridge id               STP enabled     interfaces
    virbr0          8000.5254009645de       yes             virbr0-nic
                                                            vnet0
    virbr1          8000.5254002c02f9       yes             virbr1-nic
                                                            vnet1

Ping to the guests (VMs) is working.

Guests (virtual machines)

centos65_1

It has a static IP:

nano /etc/sysconfig/network-scripts/ifcfg-eth0

    DEVICE=eth0
    TYPE=Ethernet
    UUID=2b991cfa-4c3f-4619-8073-806710299fef
    ONBOOT=yes
    NM_CONTROLLED=yes
    BOOTPROTO=none
    IPADDR=192.168.122.5
    PREFIX=24
    GATEWAY=192.168.122.1
    DNS1=192.168.122.1
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=yes
    IPV6INIT=no
    NAME="System eth0"
    HWADDR=52:54:00:77:ed:c8
    NETMASK=255.255.255.0
    USERCTL=no

On centos65_1, ping to the second VM (192.168.100.130), to 192.168.1.15 and to 192.168.122.1 works. Ping to 192.168.1.1 works. Ping to google.com works.

NAT mode works.


centos65_2

It has a static IP:

nano /etc/sysconfig/network-scripts/ifcfg-eth0

    DEVICE=eth0
    HWADDR=52:54:00:a2:8d:8b
    TYPE=Ethernet
    UUID=d61375fb-6e4f-4f43-8015-9f7a218e1b39
    ONBOOT=yes
    NM_CONTROLLED=yes
    BOOTPROTO=none
    DNS1=192.168.100.1
    IPV6INIT=no
    USERCTL=no
    IPADDR=192.168.100.130
    NETMASK=255.255.255.0
    GATEWAY=192.168.100.1

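On centos65_2, ping to the second VM (192.168.122.5), to 192.168.1.15 and to 192.168.100.1 works.

Ping to 192.168.1.1 does not work. Ping to google.com does not work. Routed mode does not work.

How come I cannot reach the outside world?

The idea is to have a CentOS host with virt-manager acting as a router + firewall for the VMs. I thought the new virtual network (routed_network) would already take care of all the networking.

What do I need to do to make the network work properly? I am new to virtual networking.

I will not use a DMZ in my local network; I want the same network configuration on the local network and on the server.

Thanks. Regards.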

Is IP forwarding enabled? Check sysctl net.ipv4.ip_forward. If it is not, enable it with sysctl -w net.ipv4.ip_forward=1 (to make this change permanent, add net.ipv4.ip_forward = 1 to /etc/sysctl.conf).
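
The check and the permanent change from the answer above, as an added example that is not part of the original answer. The function names and the sample file are assumptions made here; the script handles a sysctl.conf that already carries a net.ipv4.ip_forward line, where a blind append would leave two conflicting entries.

```shell
#!/bin/sh
# Added example; function names and the sample file are illustrative.

# Print the value that takes effect at boot from sysctl.conf-style file $1:
# the last uncommented assignment wins; prints "unset" when there is none.
persisted_ip_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }    # skip comment lines
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val); found = 1 }
        END { print (found ? val : "unset") }
    ' "$1"
}

# Idempotently persist net.ipv4.ip_forward = 1 in file $1: rewrite existing
# uncommented assignments in place, append only when there is none.
persist_ip_forward() {
    conf=$1
    if [ "$(persisted_ip_forward "$conf")" = "unset" ]; then
        printf 'net.ipv4.ip_forward = 1\n' >> "$conf"
    else
        tmp=$(mktemp) || return 1
        sed 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=.*/net.ipv4.ip_forward = 1/' \
            "$conf" > "$tmp" && cat "$tmp" > "$conf"   # cat keeps owner and mode
        rm -f "$tmp"
    fi
}

# Value the running kernel uses (same as `sysctl -n net.ipv4.ip_forward`).
running_ip_forward() {
    cat /proc/sys/net/ipv4/ip_forward 2>/dev/null || echo unknown
}

# Demo on a constructed file, so the real /etc/sysctl.conf is not touched.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
kernel.sysrq = 0
EOF
echo "running:   $(running_ip_forward)"
echo "persisted: $(persisted_ip_forward "$demo_conf")"
persist_ip_forward "$demo_conf"
echo "after fix: $(persisted_ip_forward "$demo_conf")"
rm -f "$demo_conf"
```

On the host, run persist_ip_forward /etc/sysctl.conf as root and then sysctl -p to load the file; once forwarding is on, the FORWARD chain shown in the question decides which guest traffic the host passes.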