Vmware中的NAT模式
NAT(地址转换模式):NAT模式借助虚拟NAT设备和虚拟DHCP服务器,使得虚拟机可以联网。在NAT模式中,主机网卡直接与虚拟NAT设备相连,然后虚拟NAT设备与虚拟DHCP服务器一起连接在虚拟交换机VMnet8上,这样就实现了虚拟机联网。我们的VMware Network Adapter VMnet8虚拟网卡主要是为了实现主机与虚拟机之间的通信。
1.安装Vmware之后,会在宿主机上产生两个网卡: Vmnet1和Vmnet8(Vmnet1: 仅主机,Vmnet8: NAT)
2.NAT的功能: 网络转换
3.Vmware上执行NAT转换功能的设备: 虚拟NAT设备: Vmnet8提供的功能
4.VMware上还提供了DHCP服务器
nmcli命令:
//nmcli对网络连接管理
[root@localhost ~]# nmcli connection
add delete edit help load monitor show
clone down export import modify reload up
1.设置一个为hello的网络:
[root@localhost ~]# nmcli connection add type ethernet con-name hello ifname ens160 ipv4.addresses 192.168.220.123/24 ipv4.gateway 192.168.220.2 ipv4.dns 114.114.114.114 ipv4.method manual connection.autoconnect yes
//配置内容为静态链接hello,基于ens160接口,地址为192.168.220.123/24,网关,手动连接
Connection 'hello' (a8e697c9-3f5a-446a-a3fe-ac550ce26216) successfully added.
[root@localhost ~]# nmcli connection up hello
此时链接断开(原因:我用的是ens160的接口连接,而我创建的连接依附于ens160的ip),重新链接则发现原来的ens160的地址无法连接,需要使用的是我定义的hello的地址
此时nmcli查看接口状态,发现ens160已经断开,使用的是hello接口
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
ens192 5dfea79d-6d5d-47de-a781-96b1f8478502 ethernet ens192
hello a8e697c9-3f5a-446a-a3fe-ac550ce26216 ethernet ens160
virbr0 3ae7e7a5-bb34-40ca-a9d4-7f99ba560e30 bridge virbr0
virbr0-nic fd71a0e9-15cb-476a-81a9-db160c698b77 tun virbr0-nic
ens160 e96d8802-1389-4ad0-9645-b1359f835ec8 ethernet -- 2.设置Team网卡的绑定
在 linux 中, Rhel7 之前都是使用 bond 机制来实现多网卡绑定同一个 IP 地址,来对网络提供访问,并按不同的模式来负载均衡或者轮回接替管理处理数据。而到了Rhel7 之后,提供了一种强大的工具,nmcli工具命令,使用此工具,将会根据命令参数的配置来重新生成特定的配置文件来供网络接口使用,方便而又灵活。在 Rhel7中,不再使用 bond 机制定义,而是使用网络组 team 机制,把 team 组当作一个设备
Team网络组的模式:①broadcast:每个网卡都传送数据包;②roundrobin:每个网卡轮询方式传送数据③activebackup:网卡之间有主备,主传送数据包,备的不传送,主网卡down了,备才传送④loadbalance:监控流量并使用哈希函数,使得每个网卡传送的数据包达到相等⑤lacp:需要借助交换机,实现高级的负载均衡
第一步:配置team0,并开始加入port1和port2接口
//第一步设置网组team0,并加入port1(ens160)和port2(ens192)
[root@localhost /]# nmcli connection add type team con-name team0 ifname team0 ipv4.addresses 192.168.220.111/24 ipv4.gateway 114.114.114.114 ipv4.method manual config '{"runner":{"name":"activebackup","hwaddr_policy":"by_active"}}'
Connection 'team0' (f75b3b3c-e0e7-4ca0-aac6-04ffcf78d628) successfully added.
[root@localhost ~]# nmcli connection add type team-slave con-name team0-port1 ifname ens160 master team0
Connection 'team0-port1' (bdace13c-3d3e-4c53-8c86-72d1d995ef6b) successfully added.
[root@localhost ~]# nmcli connection add type team-slave con-name team0-port2 ifname ens192 master team0
Connection 'team0-port2' (cc1e68db-a6d8-47c0-a62c-cfa987633255) successfully added.
//查看此时的连接状态
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
ens192 5dfea79d-6d5d-47de-a781-96b1f8478502 ethernet ens192
ens160 e96d8802-1389-4ad0-9645-b1359f835ec8 ethernet ens160
team0 f75b3b3c-e0e7-4ca0-aac6-04ffcf78d628 team team0
virbr0 3ae7e7a5-bb34-40ca-a9d4-7f99ba560e30 bridge virbr0
virbr0-nic fd71a0e9-15cb-476a-81a9-db160c698b77 tun virbr0-nic
hello a8e697c9-3f5a-446a-a3fe-ac550ce26216 ethernet --
team0-port1 bdace13c-3d3e-4c53-8c86-72d1d995ef6b ethernet --
team0-port2 cc1e68db-a6d8-47c0-a62c-cfa987633255 ethernet --
第二步:依次打开team-port接口和team0,并查看接口状态
//打开team0的port1和port2接口,最后打开team0的接口
[root@localhost ~]# nmcli connection up team0-port1
Connection successfully activated (D-Bus active path:/org/freedesktop/NetworkManager/ActiveConnection/11)
[root@localhost /]# nmcli connection up team0-port2
Connection successfully activated (master waiting for slaves) (D-Bus active path:/org/freedesktop/NetworkManager/ActiveConnection/11)
[root@localhost /]# nmcli connection up team0
Connection successfully activated (master waiting for slaves) (D-Bus active path:/org/freedesktop/NetworkManager/ActiveConnection/12)
//此时查看连接状态
[root@localhost /]# nmcli c show
NAME UUID TYPE DEVI>
team0 f75b3b3c-e0e7-4ca0-aac6-04ffcf78d628 team team>
team0-port1 bdace13c-3d3e-4c53-8c86-72d1d995ef6b ethernet ens1>
team0-port2 cc1e68db-a6d8-47c0-a62c-cfa987633255 ethernet ens1>
virbr0 3ae7e7a5-bb34-40ca-a9d4-7f99ba560e30 bridge virb>
virbr0-nic fd71a0e9-15cb-476a-81a9-db160c698b77 tun virb>
ens160 e96d8802-1389-4ad0-9645-b1359f835ec8 ethernet -- >
ens192 5dfea79d-6d5d-47de-a781-96b1f8478502 ethernet -- >
hello a8e697c9-3f5a-446a-a3fe-ac550ce26216 ethernet -- >
//此时查看team0的工作状态,显示活跃接口为ens160
[root@localhost /]# teamdctl team0 state view
setup:
runner: activebackup
ports:
ens160
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
ens192
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: ens160第三步:进行team0和活跃接口进行ping操作
//显示活跃接口为ens160,尝试去ping team0和team0的port1
[root@localhost /]# ping 192.168.220.111
PING 192.168.220.111 (192.168.220.111) 56(84) bytes of data.
64 bytes from 192.168.220.111: icmp_seq=1 ttl=64 time=0.020 ms
64 bytes from 192.168.220.111: icmp_seq=2 ttl=64 time=0.044 ms
64 bytes from 192.168.220.111: icmp_seq=3 ttl=64 time=0.062 ms
^C
--- 192.168.220.111 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 54ms
rtt min/avg/max/mdev = 0.020/0.042/0.062/0.017 ms
[root@localhost /]# ping 192.168.220.132
PING 192.168.220.132 (192.168.220.132) 56(84) bytes of data.
64 bytes from 192.168.220.132: icmp_seq=1 ttl=64 time=0.052 ms
64 bytes from 192.168.220.132: icmp_seq=2 ttl=64 time=0.031 ms
64 bytes from 192.168.220.132: icmp_seq=3 ttl=64 time=0.035 ms
64 bytes from 192.168.220.132: icmp_seq=4 ttl=64 time=0.031 ms
^C
--- 192.168.220.132 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 76ms
rtt min/avg/max/mdev = 0.031/0.037/0.052/0.009 ms
//关闭team0-port1接口
//此时显示的活跃接口为ens192继续ping
[root@localhost /]# ping 192.168.220.131
PING 192.168.220.131 (192.168.220.131) 56(84) bytes of data.
64 bytes from 192.168.220.131: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 192.168.220.131: icmp_seq=2 ttl=64 time=0.034 ms
^C
--- 192.168.220.131 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 47ms
rtt min/avg/max/mdev = 0.019/0.026/0.034/0.009 ms
[root@localhost /]# ping 192.168.220.111
PING 192.168.220.111 (192.168.220.111) 56(84) bytes of data.
64 bytes from 192.168.220.111: icmp_seq=1 ttl=64 time=0.025 ms
64 bytes from 192.168.220.111: icmp_seq=2 ttl=64 time=0.032 ms
^C
--- 192.168.220.111 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 12ms
rtt min/avg/max/mdev = 0.025/0.028/0.032/0.006 ms最后,删除接口team0-port1和team0-poet2及team0
[root@localhost /]# nmcli connection delete team0-port1
Connection 'team0-port1' (bdace13c-3d3e-4c53-8c86-72d1d995ef6b) successfully deleted.
[root@localhost /]# nmcli connection delete team0-port2
Connection 'team0-port2' (cc1e68db-a6d8-47c0-a62c-cfa987633255) successfully deleted.
[root@localhost /]# nmcli connection delete team0
Connection 'team0' (f75b3b3c-e0e7-4ca0-aac6-04ffcf78d628) successfully deleted.当然还可以去试着尝试其他类型的网卡模式 ,修改位置在'{"runner":{"name":"XXXXX","hwaddr_policy":"by_active"}}'
3.桥接配置
桥接就是把一台机器上的若干个网络接口连接起来(同一个网段),其结果是,其中一个网卡收到的报文会被复制给其他网卡发送出去。以使得网口之间的报文能够互相转发。(作用类似于交换机,将数据进行转发,桥接设备和主机之间互相不影响。此时ens192相当于一个在虚拟机里的虚拟主机,通过网桥和window进行连接)
//配置连接类型为桥接br1
[root@localhost ~]# nmcli connection add type bridge con-name br1 ifname br1
Connection 'br1' (10250b9f-c46a-4606-b8bb-c7d0fd9c6cc6) successfully added.
//修改桥接的ip地址,网关,与配置方式
[root@localhost ~]# nmcli connection modify br1 ipv4.addresses 192.168.220.222/24 ipv4.gateway 192.168.220.2 ipv4.method manual
[root@localhost ~]# nmcli connection add type bridge-slave con-name br1-port1 ifname ens192 master br1
Connection 'br1-port1' (3774aafa-cf29-4e72-bdb6-a1561fa3a347) successfully added.
//打开桥接接口
[root@localhost ~]# nmcli connection up br1-port1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/18)
//此时显示连接状态,此时ens192的接口为br1-port1
[root@localhost ~]# nmcli device status
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected hello
br1 bridge connected br1
virbr0 bridge connected virbr0
ens192 ethernet connected br1-port1
virbr0-nic tun connected virbr0-nic
lo loopback unmanaged -- 4.team网桥配置
//配置team1设备
[root@localhost ~]# nmcli connection add type team con-name team1 ifname team1 config '{"runner": {"name": "activebackup","hwaddr_policy":"by_active"}}'
//添加设备到team1
[root@localhost ~]# nmcli connection add type team-slave con-name team1-port1 ifname eno160 master team1
[root@localhost ~]# nmcli connection add type team-slave con-name team1-port2 ifname eno192 master team1
//激活team1的port设备
[root@localhost ~]# nmcli connection up team1-port1
[root@localhost ~]# nmcli connection up team1-port2
//激活team1设备
[root@localhost ~]# nmcli connection up team1
//查看team1状态
[root@localhost ~]# teamdctl team1 state
//断掉team1设备
[root@localhost ~]# nmcli device disconnect team1
//停用NetworkManager服务
[root@localhost ~]# systemctl stop NetworkManager.service
//禁止该服务开机启动
[root@localhost ~]# systemctl disable NetworkManager.service
//切换到网卡配置目录
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
//编辑team1配置文件
[root@localhost network-scripts]# vim ifcfg-team1
//追加如下内容:
BRIDGE=brteam1
//编辑team1从设备配置文件,只保留以下内容,移除和IP相关的信息
NAME=team1-port1
UUID=01de42d1-7304-4ef8-8c62-93c405cd8474
DEVICE=eno33554984
ONBOOT=yes
TEAM_MASTER=team1
DEVICETYPE=TeamPort
//配置brteam1配置文件
[root@localhost network-scripts]#vim ifcfg-brteam1
DEVICE=brteam1
ONBOOT=yes
TYPE=Bridge
IPADDR=192.168.171.152
PREFIX=24
//重启网络服务
[root@localhost ~]# systemctl restart NetworkManager
[root@localhost ~]#nmcli device connect team1
[root@localhost ~]# systemctl restart network
5906
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
