Shulou(Shulou.com)06/01 Report--

The purpose of this article is to share with you the content of an example analysis of routing configuration in a Linux system with multiple network cards. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

Routing configuration commands under Linux

1. Add host rout

Route add-host 192.168.1.11 dev eth0route add-host 192.168.1.12 gw 192.168.1.1

two。 Add Network rout

Route add-net 192.168.1.11 netmask 255.255.255.0 eth0route add-net 192.168.1.11 netmask 255.255.255.0 gw 192.168.1.1route add-net 192.168.1.0 net 24 eth0route add-net 192.168.1.0 gw 192.168.1.1

3. Add default Gateway

Route add default gw 192.168.1.1

4. Delete a rout

Route del-host 192.168.1.11 dev eth0

5. Delete default rout

Route del default gw 192.168.1.1

Several ways to configure permanent routing under Linux

1. Add routing information to / etc/rc.local

Route add-net 192.168.1.0 netmask 24 dev eth0# or route add-net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

two。 Add to / etc/sysconfig/network

GATEWAY= [gateway IP or gateway Nic name]

3. / etc/sysconfig/static-routes

Any net 192.168.1.0 any net 192.168.1.0 gw or 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

4. Enable IP forwarding

1. Temporary opening

Echo "1" > / proc/sys/net/ipv4/ip_forward

two。 Permanently open

Vim / etc/sysctl.conf

Modify net.ipv4.ip_forward=1

Lab: configure dual Nic hosts to use both internal and external networks

The background of this experiment is a problem encountered by the author in practice, and this experiment tries to restore the network environment at that time. Take it as a note and share it with the students who encounter this problem.

But I don't have any hardware right now. VMware Workstation and eNSP can only be used to simulate the experimental environment.

Problem background

As shown in the following topology, if the client node is removed, the internal and external networks are isolated from each other.

But the actual situation is that client nodes need to access both external and intranet resources, while client can only configure one default route. If the default route is configured on the external network card, client can access the resources of the 172.16.2.0 Universe 24 network and the resources of the external network, but the rest of the internal network resources cannot be accessed. If the default route is configured on the internal network card, client can fully access the internal network resources, but it cannot access the external network resources.

How to solve it?

Experimental environment

VMware Workstation Pro

4 minimally installed CentOS 7.3virtual machines

Huawei eNSP Simulator

Experimental topology

Without the client node, the internal network and the external network are isolated.

The external network is 10.0.0.0amp 16, which represents the operator's access network.

The intranet network is 172.16.0.0amp 16, which represents the intranet part (for security reasons, direct access to the Internet is not allowed).

Where:

Client is a host with dual network cards, and the network segments of the two network cards are 10.0.0.0Universe 16 and 172.16.2.0Universe 24, respectively.

A server with a server2 of 172.16.2.0 and a server of 24 network segments

A server with a server3 of 172.16.3.0 and a server of 24 network segments

The server4 is the server on the 24 network segment of 172.16.4.0.

Network planning

IP allocation

Node name IP address subnet mask remarks client10.0.0.101255.255.0.0client external network card 172.16.2.101255.255.255.0client internal network card Server2172.16.2.11255.255.255.0172.16.2.0/24 network segment some server Server3172.16.3.11255.255.255.0172.16.3.0/24 network segment some server Server4172.16.4.11255.255.255.0172 A server in the .16.4.0 / 24 network segment. The gateway of the intranet router 172.16.2.254255.255.0172.2.0Univer 24 is 172.16.3.254255.255.255.3.0172.3.0It is the gateway of 172.16.4.254255.255.0172.16.4.0Univer 24.

Virtual machine network card type

Network name VMware network card type network range operator network bridging 10.0.0.0/16VMnet2 host only 172.16.2.0/24VMnet3 host only 172.16.3.0/24VMnet4 only host 172.16.4.0 hand 24

How to implement the intranet router?

VMnet2, VMnet3 and VMnet4 are all in host-only mode, so under normal circumstances, only the computers in the network can communicate. How can we realize the communication between the three networks?

The answer is to use Cloud in Huawei's eNSP simulator. Using Cloud devices, you can connect the router in eNSP to the network card of the VMware virtual machine.

Configure the private network environment

Configure the router for eNSP

Interface IP address Subnet Mask G0swap 0172.16.2.254255.255.255.255.0G0G0G0G0G0G0G0Grex1172.16.3.254255.255.255.255.0G0G0Systematio [Huawei] 254255.255.0systemationview[ Huawei] int g0exex0Uniplex 0 [Huawei-GigabitEthernet0/0/0] ip address 172.16.2.254255.255.255.0 [Huawei-GigabitEthernet0/0/0] quit[ Huawei] int g0UniGue 1 [Huawei-GigabitEthernet0/0/] 1] ip address 172.16.3.254 255.255.255.0 [Huawei-GigabitEthernet0/0/1] quit[huawei] int g0/0/2 [Huawei-GigabitEthernet0/0/2] ip address 172.16.4.254 255.255.255.0 [Huawei-GigabitEthernet0/0/2] quit [huawei]

Modify the IP address of the virtual machine

Client

Nic name IP address subnet mask default gateway remarks ens3310.0.0.101255.255.0.010.0.0.1 public network card ens37172.16.2.101255.255.255.0

Internal network card

Server2

Nic name IP address subnet mask default gateway remarks ens33172.16.2.11255.255.255.0172.16.2.254

Server3

Nic name IP address subnet mask default gateway remarks ens33172.16.3.11255.255.255.0172.16.3.254

Server4

Nic name IP address subnet mask default gateway remarks ens33172.16.4.11255.255.255.0172.16.4.254

Build HTTP service on server

Take server2 as an example:

Create a simple HTTP service using Python

Cd ~ echo "server2" > index.htmlpython-m SimpleHTTPServer 8080

Control trial

Access the public network on client

Ping www.baidu.com-c 4

Access server2 on client

Ping 172.16.2.11-c 4

Access server3 on client

Ping 172.16.3.11-c 4

Access server4 on client

Ping 172.16.4.11-c 4

In the control experiment, it can be seen that when client configures the default gateway on the external network card, the client of the dual network card can normally access the 172.16.2.0 Unix 24 part of the external network and the internal network, while 172.16.3.0 Universe 24 and 172.16.4.0 Universe 24 cannot be accessed.

Why can client access the 172.16.2.0 ax 24 network, but not the rest of the 172.16.0 amp 16 network?

Because client is located in the 172.16.2.0 Universe 24 network and communicates within the network, packets do not have to be sent to other networks, and of course the default gateway does not work.

When client communicates with the rest of the 172.16.0.0Comp16 network, the routing table of client does not record the path to the destination address, so client can only foolishly send the packet to the default gateway, and from then on the packet and the real destination address are "poles apart". Of course, the result of ping is that the network is unreachable.

Routing configuration

View the routing table on client

Route

Add routes on client

Route add-net 172.16.0.0amp 16 gw 172.16.2.254

Permanent configuration, then add routing information to / etc/rc.local

Route add-net 172.16.0.0amp 16 gw 172.16.2.254

View routing tabl

Route

Experimental results

Test connectivity

Ping www.baidu.com-c 4

Ping 172.16.2.11-c 4

Ping 172.16.3.11-c 4

Ping 172.16.4.11-c 4

Access to internal and external network resources

Curl http://www.baidu.com/

Curl http://172.16.2.11:8080/index.htmlcurl http://172.16.3.11:8080/index.htmlcurl http://172.16.4.11:8080/index.html

The solution is very simple. It's just a command.

However, the principles, concepts and theories behind this command need us to study deeply.

Thank you for reading! This is the end of the article on "example analysis of routing configuration in Linux system with multiple network cards". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.