众客华禹 – 网站运维分享-IT技术资源教程-运维成长之路-个人随笔-华禹个人博客网站

一、网卡配置

1、nat转换，kvm 网卡配置默认安装虚拟机是nat

二、基本查看命令

查看宿主机网卡：

[root@centoszhu opt]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.207.133  netmask 255.255.255.0  broadcast 192.168.207.255
        inet6 fe80::42dc:4fac:357f:ed9c  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:84:c4:39  txqueuelen 1000  (Ethernet)
        RX packets 7270  bytes 899317 (878.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3332  bytes 421317 (411.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 34  bytes 2744 (2.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34  bytes 2744 (2.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:93:4c:f8  txqueuelen 1000  (Ethernet)
        RX packets 582  bytes 40920 (39.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 520  bytes 46710 (45.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500                                          第一个虚拟机的网卡
        inet6 fe80::fc54:ff:fe6b:ebb9  prefixlen 64  scopeid 0x20<link>
        ether fe:54:00:6b:eb:b9  txqueuelen 1000  (Ethernet)
        RX packets 183  bytes 14700 (14.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1350  bytes 80145 (78.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500                                           第二个虚拟机的网卡
        inet6 fe80::fc54:ff:fe96:81cd  prefixlen 64  scopeid 0x20<link>
        ether fe:54:00:96:81:cd  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

查看虚拟交换机:

[root@centoszhu opt]# brctl show
bridge name    bridge id        STP enabled    interfaces
virbr0        8000.525400934cf8    yes        virbr0-nic
                            vnet0
                            vnet1

查看内核转发参数：

[root@centoszhu opt]# sysctl -a|grep ipv4|grep forward
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.ens33.forwarding = 1
net.ipv4.conf.ens33.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.virbr0.forwarding = 1
net.ipv4.conf.virbr0.mc_forwarding = 0
net.ipv4.conf.virbr0-nic.forwarding = 1
net.ipv4.conf.virbr0-nic.mc_forwarding = 0
net.ipv4.conf.vnet0.forwarding = 1
net.ipv4.conf.vnet0.mc_forwarding = 0
net.ipv4.conf.vnet1.forwarding = 1
net.ipv4.conf.vnet1.mc_forwarding = 0
net.ipv4.ip_forward = 1                                                   1为开启
net.ipv4.ip_forward_use_pmtu = 0
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0-nic.stable_secret"
sysctl: reading key "net.ipv6.conf.vnet0.stable_secret"
sysctl: reading key "net.ipv6.conf.vnet1.stable_secret"[root@centoszhu opt]# sysctl net.ipv4.ip_forward=0                        临时调内核参数

查看规则：

[root@centoszhu opt]# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
PREROUTING_direct  all  --  0.0.0.0/0            0.0.0.0/0           
PREROUTING_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
PREROUTING_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
OUTPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
RETURN     all  --  192.168.122.0/24     224.0.0.0/24        
RETURN     all  --  192.168.122.0/24     255.255.255.255     
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24                                    只要是192.168.122.0段的就模拟成本机的外网地址

三、修改虚拟机网卡为桥接

1、拓扑图

2、手动配置桥接网卡

编辑网卡配置文件

vim /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=80960b0d-54cd-41db-bb42-28d30da2afa4
DEVICE=ens33
ONBOOT=yes
BRIDGE="br0" //添加这一行，如果配置过静态ip，需要把ipaddr，gateway，netmask，dns配置删除

添加网卡配置文件

vim /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE="br0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Bridge"
BOOTPROTO=dhcp   #这里也可以设置成静态IP

重启网卡服务

systemctl restart network

查看当前IP

ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 192.168.10.13  netmask 255.255.255.0  broadcast 192.168.10.255
    inet6 fe80::20c:29ff:febe:8be8  prefixlen 64  scopeid 0x20<link>
    ether 00:0c:29:be:8b:e8  txqueuelen 1000  (Ethernet)
    RX packets 1109336  bytes 4514990433 (4.2 GiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 984697  bytes 53197602 (50.7 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
　　ether 00:0c:29:be:8b:e8 txqueuelen 1000 (Ethernet)
　　RX packets 3280291 bytes 4647765745 (4.3 GiB)
　　RX errors 0 dropped 0 overruns 0 frame 0
　　TX packets 984898 bytes 59123703 (56.3 MiB)
　　TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 127.0.0.1  netmask 255.0.0.0
    inet6 ::1  prefixlen 128  scopeid 0x10<host>
    loop  txqueuelen 1000  (Local Loopback)
    RX packets 0  bytes 0 (0.0 B)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 0  bytes 0 (0.0 B)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
 
virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
    inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
    ether 52:54:00:67:94:c0  txqueuelen 1000  (Ethernet)
    RX packets 0  bytes 0 (0.0 B)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 0  bytes 0 (0.0 B)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
 
vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet6 fe80::fc54:ff:fed1:8167  prefixlen 64  scopeid 0x20<link>
    ether fe:54:00:d1:81:67  txqueuelen 1000  (Ethernet)
    RX packets 85  bytes 7298 (7.1 KiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 731  bytes 62680 (61.2 KiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

查看桥接信息