Lab介紹:
宿主機:rhel6.5 eth0一塊網卡
客戶機:guest1 192.168.18.10/25 gw:192.168.18.1 vlan10
guest2 192.168.18.199/25 gw:192.168.18.192 vlan20
Lab思路:
實驗需要兩個vlan[vlan10,vlan20],所以需要基於eth0需要虛擬兩個邏輯網卡,邏輯網卡命名方式是:物理網卡.vlan_ID,這樣設置的目的是自動將網卡加入不同vlan.
eth0.10 默認該網卡屬於 vlan10
eth0.20 默認該網卡屬於 vlan20
編輯邏輯網卡,開啓vlan功能。
創建兩個橋br10 br20.將邏輯網卡和橋接網卡建立鏈接。
eth0.10 <======> br10
eth0.20 <======> br20
Lab步驟:
1.進入網卡配置文件的保存目錄
[root@baism network-scripts]# cd /etc/sysconfig/network-scripts/
2.新建邏輯網卡及橋接網卡文件
[root@baism network-scripts]# ls
ifcfg-br10 ifcfg-eth0.10 ifcfg-wlan0 ifdown-eth ifdown-isdn ifdown-routes ifup ifup-eth ifup-isdn ifup-post ifup-sit init.ipv6-global network-functions-ipv6
ifcfg-br20 ifcfg-eth0.20 ifdown ifdown-ippp ifdown-post ifdown-sit ifup-aliases ifup-ippp ifup-plip ifup-ppp ifup-tunnel net.hotplug
ifcfg-eth0 ifcfg-lo ifdown-bnep ifdown-ipv6 ifdown-ppp ifdown-tunnel ifup-bnep ifup-ipv6 ifup-plusb ifup-routes ifup-wireless network-functions
3.物理網卡配置信息
[root@baism network-scripts]# more ifcfg-eth0
DEVICE=eth0
HWADDR=F0:DE:F1:76:80:F7
TYPE=Ethernet
UUID=761f4340-1168-47d7-9cf9-357f51a2ac5e
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
4. eth0.10 邏輯網卡配置信息
[root@baism network-scripts]# more ifcfg-eth0.10
DEVICE=eth0.10
HWADDR=F0:DE:F1:76:80:F7
TYPE=Ethernet
UUID=761f4340-1168-47d7-9cf9-357f51a2ac5e
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
BRIDGE=br10
VLAN=yes
5. eth0.20 邏輯網卡配置信息
[root@baism network-scripts]# more ifcfg-eth0.20
DEVICE=eth0.20
HWADDR=F0:DE:F1:76:80:F7
TYPE=Ethernet
UUID=761f4340-1168-47d7-9cf9-357f51a2ac5e
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
BRIDGE=br20
VLAN=yes
6. 橋接網卡br10配置信息
[root@baism network-scripts]# more ifcfg-br10
DEVICE=br10
TYPE=Bridge
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.18.1
NETMASK=255.255.255.128
GATEWAY=192.168.18.1
7.橋接網卡br20配置信息
[root@baism network-scripts]# more ifcfg-br20
DEVICE=br20
TYPE=Bridge
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.18.192
NETMASK=255.255.255.128
GATEWAY=192.168.18.192
8.重啓網絡服務後查看vlan信息
[root@baism network-scripts]# cat /proc/net/vlan/
config eth0.10 eth0.20
[root@baism network-scripts]# cat /proc/net/vlan/config
VLAN Dev name | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.10 | 10 | eth0
eth0.20 | 20 | eth0
9.查看橋接是否建立
[root@baism network-scripts]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.f0def17680f7 no eth0
br10 8000.f0def17680f7 no eth0.10
br20 8000.f0def17680f7 no eth0.20
pan0 8000.000000000000 no
virbr0 8000.525400f9b02a yes virbr0-nic
10.啓動客戶機並設置IP
爲 guest1 設置IP 192.168.18.10/25/192.168.18.1
爲 guest2 設置IP 192.168.18.199/25/192.168.18.192
11.ping測試
guest1 ----> 192.168.18.10 OK
guest1 ----> 192.168.18.1 OK
guest1 ----> 192.168.18.192 OK
guest1 ----> 192.168.18.199 FAIL
guest2 ----> 192.168.18.199 OK
guest1 ----> 192.168.18.192 OK
guest1 ----> 192.168.18.1 OK
guest1 ----> 192.168.18.10 FAIL
從上述測試結果可以看出vlan內的機器可以互通,不同vlan不能通信
12.vlan間互通,開啓宿主機路由,並清空防火牆,因爲默認防火牆拒絕轉發。
[root@baism network-scripts]#echo 1 > /proc/sys/net/ipv4/ip_forward
[root@baism network-scripts]#iptables -F
guest1 ----> 192.168.18.199 OK
guest1 ----> 192.168.18.10 OK
ping test OK