• m Linux pЉ|
    osGAзR firefox s
    | cD | ̔D | g | A | ~R | ୱR | w޲z | QAO | Ŏ | y`~ | m | Xs |
    @ @ @
    @
    ̪sG2011/07/22
    pG IP OPAltp󨫨AaNOyѡz\TIkpGQOѤlAѾNOѤllI RMOĤGغ䪺AN]wӰϺѾWӤwCɷ|ΨѾH pGA줤ݭnN IP AϹjXPsϬqɡANonzLѾʥ]茻OFC جOU@بP NAT Aoݧ~ezU@طQnQAƱI


    jADϥ8.1

    ڭ̦bĤGغ̭ͨL}yA L̤j\NObDڭ̳Wُʥ]ǻ覡PVCܩѪ[ԎhiHϥ route oӫOӬd\P]wC nFAѪΦǡHASMpT{ѬO_TOH


    pADϥ8.1.1 Ѫͪ

    pPĤGغ̭ͨ쪺AC@DEۤvѪA ]NOAAnzLAۤvѪӶǻADEʥ]U@ӸѾWYC YǰeXhAMʥ]NonzLU@ӸѾѪӶǰeFAɻPAۤvDEѪNS}YTI ҥHApGWY@Ѿ]wh~A...ʥ]yVN|oͫܤjDC ڭ̴NonzL traceroute ӹA@UC router ʥ]yVoC

    OKIAۤvDEѪ쩳LjOHڭ̥HUoӸѪӻG

    [root@www ~]# route -n
    Kernel IP routing table
    Destination  Gateway        Genmask         Flags Metric Ref  Use Iface
    192.168.1.0  0.0.0.0        255.255.255.0   U     0      0      0 eth0 <== 1
    169.254.0.0  0.0.0.0        255.255.0.0     U     1002   0      0 eth0 <== 2
    0.0.0.0      192.168.1.254  0.0.0.0         UG    0      0      0 eth0 <== 3
    

    Aڭ̱oDb Linux tUѪOѤpkƦCjkA ҦpWѪSAѬOѡy 192.168.1.0/24 --> 169.254.0.0/16 --> 0.0.0.0/0 (w]) zӱƦCC SDEʥ]ݭnǰeɡAN|d\WzTӸѳWhApNMʥ]ǰeXhC A||\o_ǡA|oXӸѩOHѪDnoXRpӳ]pG

    • ̾ںͪ IP ӦsbG

      Ҧp 192.168.1.0/24 oӸѪsbOѩmoDEW֦ 192.168.1.100 o IP }YI ]NOAADEWXӺsbɡAMN|sb@ӸѤ~C ҥHAU@ADEӺɡAҦp 192.168.1.100, 192.168.2.100 ɡAѦܤִN|G
      [root@www ~]# ifconfig eth1 192.168.2.100
      [root@www ~]# route -n
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
      192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
      169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
      0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
      

    • ʩιw](default route)G

      AiHϥ route oӫOʪB~ѳ]wAҦpӹw] (0.0.0.0/0) NOB~ѡC ϥ route oӫOɡA̭n@yOGyAҳWُѥnOAUm (p eth0) IP iH^q (broadcast) pz~C|ҨӻAHWzӬݡA ڪ̭Ȧ 192.168.1.100 192.168.2.100 AڦpGQns^ 192.168.5.254 oӸѾɡA UFG
      [root@www ~]# route add -net 192.168.5.0  \
      > netmask 255.255.255.0 gw 192.168.5.254
      SIOCADDRT: No such process
      
      ݧaItN|^RSks^MkA]ڭ̪P 192.168.5.0/24 ڥNS}YI pG 192.168.5.254 uObڭ̪s^WAåBPڭ̪ eth0 s^b@_AARMOo˰G
      [root@www ~]# route add -net 192.168.5.0  \
      > netmask 255.255.255.0 dev eth0
      [root@www ~]# route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.5.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
      192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
      192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
      169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
      0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
      
      o˧ADEN|^ eth0 oӗUmhs^ 192.168.5.254 FI t~AWщKXIOӡyFlags G zFI] G NϥΥ~Um@ Gateway NIӨ Gateway (192.168.1.254) nbڭ̪wsb줤C oiOܭnyI ^_^

    • ʺAѪG

      FWoRiH^ϥΫOkӼW[ѳWh~AR@RzLѾPѾΥHFʺAѪA LANݭnB~n䴩FAҦpG zebra (http://www.zebra.org/) CentOS W Quagga (http://www.quagga.net/) oXӳnFI

    WAb Linux ѳWhOzL֤ߨӹFAҥHoǸѪWhOb֤ߥ\ऺ[I]NObOSI ^_^


    pADϥ8.1.2 @Ӻdjh IPG IP Alias γ~

    ڭ̦bĤت ifconfig O̭͹L eth0:0 oӗUmaHoӗUmiHb쥻 eth0 W[X@ӵ[XӡAHڭ̭쥻d㦳h IP A㦳h IP \NQ٬ IP Alias FCӳo eth0:0 UmiHzL ifconfig ip oӫOӹFA }oӫOγ~ꑦ^heظ`\ŪAo̤AOgT[I

    Aγ\|ݔ[Gyo IP Alias ԣγ~[HznDIo IP Alias ̤jγ~NOiHAΨӡyRzI 򻡩OHڭ̴NӃԤ@ԥLXӱ`γ~nFG

    • G

      򻡥ΨӴOH|ҨӻA{bϥ IP ɾBͫܦhaA IP ɾ]wq`Oϥ WWW ӴѪCo IP ɾq`|@Өp IP YO 192.168.0.1 ϥΪ̶} WWW sCDӤFAAnps^Wo IP ɾOHKKIbʬJUAAiH^QΡG
      [root@www ~]# ifconfig [device] [ IP ] netmask [netmask ip] [up|down]
      [root@www ~]# ifconfig eth0:0 192.168.0.100 netmask 255.255.255.0 up
      
      ӫإߤ@ӵ[Ao˴NiHߨs^W IP ɾFA]|ʨA쥻Ӌ]wȭI

    • b@kth IP kG

      t~ApG^Obɲ߯ZΪ̬Ox쪺ܡAѩ쥻DE]w̦nnHKקA pGnP̤jaqҦqTɡANiHCӦPzL IP Alias ӳ]wP@k IP A pjaNiHbP@ӺqiUAȪFAܤhaI

    • J]QLkѧhdG

      pGAoDEݭns^hӺkAM]QoLkѦwUhdɡAAunjϥ IP Alias ӴѤPqsuAȤFI

    LAAݭnDOGҦ IP Alias Od[ӪAҥHSnŰ eth0:0 ɡAeth0 nQŰʤ~CS eth0 Q}AҥH eth0:n [dNPɤ]Q}CoonA~A _h``|dhŰʪUm[IbѳWh]wSA``ݭni@ǴAo IP Alias NWγFC רOx쪺mSI

    򥻤WADSݨDA_hijAnh IP ɡA̦nbPdWFApGAunϥ IP Alias ɡApb}EɭԴNŰ IP alias OHkܦhTI]ANW ifconfig ŰʪOgJ /etc/rc.d/rc.local ɮפ (ϥ /etc/init.d/network restart ɡAM IP alias LkQsŰ)A mӤHijϥΦpU覡ӳBzG

    • zLإ /etc/sysconfig/network-scripts/ifcfg-eth0:0 ]w

      |ҨӻAAiHzLUoӤkӫإߤ@ӵ[Um]wɮסG
      [root@www ~]# cd /etc/sysconfig/network-scripts
      [root@www network-scripts]# vim ifcfg-eth0:0
      DEVICE=eth0:0            <==SnI@wnPɦWۦPUmNI
      ONBOOT=yes
      BOOTPROTO=static
      IPADDR=192.168.0.100
      NETMASK=255.255.255.0
      
      [root@www network-scripts]# ifup eth0:0
      [root@www network-scripts]# ifdown eth0:0
      [root@www network-scripts]# /etc/init.d/network restart
      
      }Um]wɮפhӋA аѦĥ| 4.2.1 ʳ]w IP Ӌ}A bAԭzIϥγoӤkӦnBANOSAϥΡy /etc/init.d/network restart zɡAt̂H|ϥΧA ifcfg-eth0:0 ɮפ]wȨӎŰʧA[dIt~AA ifcfg-eth0:0 ONBOOT ]wȬAun ifcfg-eth0 od]wɤA ONBOOT yes ɡA}EN|N eth0:n ŰC

    zLo̔xkAANiHb}EɭԎŰʧA[Өoh IP bP@idWFCLݭn`NOA pGAoidOzL DHCP HΤʪ覡ӳ]wA IP ӋA dhcp oȥϥdAYO eth0 dNAӤʪNH eth0:0 Nӳ]wΡC

    Tips:
    bH CentOS 4.x ApGA eth0 Oϥ DHCP Өo IP ӋܡAѩ ifup /etc/init.d/network o script {Xg覡AN|fP ifcfg-eth0:0 oӳ]wɤ|QϥΨILoӰDb CentOS 5.x H᪺wgQJAoI
    mϥ

    pADϥ8.1.3 ƸѪD

    ܦhBͥiೣ@ӥiRQkANOGyڥiiHQΨidA QΨӬۦPk IP ӼW[ڳoDEyqzHWoO@ӥi檺סA LnzL\h]wӹFAYAݨDܡAiHѦҺHjgo@g (1)G

    pGuOxªH]wnid IP bP@ӺkN^W[ADE⭿yqAiNjhShF OHROoڭ̦bѪWh̭Lʥ]ǻDnO̾ڥDEѪWhaI pGAidɡA]G (UTЫҡA@I)

    • eth0 : 192.168.0.100
    • eth1 : 192.168.0.200
    AѳWh|OpOHzAW|ܦoˡG
    [root@www ~]# route -n
    Kernel IP routing table
    Destination     Gateway   Genmask         Flags Metric Ref   Use Iface
    192.168.0.0     0.0.0.0   255.255.255.0   U     0      0       0 eth1
    192.168.0.0     0.0.0.0   255.255.255.0   U     0      0       0 eth0
    

    ]NOA(1)SnDʵoeʥ] 192.168.0.0/24 kɡAu|zLĤ@Wh A]NOzL eth1 ӶǥXhI (2)b^Rʥ]譱AެO eth0 RO eth1 iӪʥ]A|zL eth1 Ӧ^Ioi|y@ǰDAרO@ǨWh譱Aܥi|oͤ@Yh~A p@ӡAڥSkFtwA]|W[yqĪGI GOARioͫʥ]ǻh~poIҥHAP@DEW]wۦPk IP ɡA onSOdNAѳWhA@ӻARM]wP@qP IP bP@DEWC ҦpWרҴNO@Ӥnܽd[I

    Tips:
    |SOjճo[OHj 2000 ~eAm^IJ Linux ɡAѩSɪt׬SwCA FɺyqmOɤ߫[ӷQ컡ApGdANiHW[yqFܡHON]wFӦPk IP b@DEidWAGOHܦhAȳLksqFINO]hLAҥH~jPLH[Ih~gߪkh ^_^I
    mϥ

    jADϥ8.2 Ѿ[]

    ڭ̪Dbk̭DEiHzLs覡Ӷiʥ]ǰeAbPqDEQn۳suɡANonzLѾFC 򤰻OѾHLDn\OHUڭ̴NӃԤ@ԡI


    pADϥ8.2.1 OѾP IP ɾ

    JMDEQnNƶǰe줣PkɱozLѾDAҥHTAѾDn\NOGy茻ʥ]zoI]NOAѾ|Rӷݫʥ] IP YAbYXneF؊A IP AzLѾѪ (routing table) ӱNoӫʥ]VU@ӥ؊A (next hop) ǰeCoNOѾ\C Ѿ\iHpFOHثeRkiHFG

    • w\GҦp Cisco, TP-Link, D-Link (2) ΤqͲwѾA oǸѾOJ@~tAiHtdPkʥ]茮P茻Υ\F

    • n\GҦp Linux oӧ@~t֤ߴNѫʥ]茻OC

    @픪ѾiHsPw]QAåBiH茮ܦhPʥ]榡Aq`...]Ky[I boӏظ`̭Aڭ̨èSnؐQo@픪NNAȰQAbAӺY̔xѾ\G s^ӤPkCKKIoӥ\ Linux ӤHqNiHFFIFOH

    • }֤ߪʥ]茻 (IP forward) \

    NpPѪO Linux ֤ߥ\ҴѪAo茻ʥ]O]O Linux ֤ߩҴѡA p[Ԏ֤߬O_wgŰʫʥ]茻OH̔x[A[Ԏ֤ߥ\઺ɮקYiApUҥܡG

    [root@www ~]# cat /proc/sys/net/ipv4/ip_forward
    0  <== 0 NSŰʡA 1 NŰʤF
    

    nMɮתeܦŰʭ 1 ̔xONOϥΡGyecho 1 > /proc/sys/net/ipv4/ip_forwardzYiC LAoӳ]wGbUs}EN|ġC]Amijz^קt]wɪeANO /etc/sysctl.conf ӹF}EŰʫʥ]茻\C

    [root@www ~]# vim /etc/sysctl.conf
    # NUoӳ]wȭק勵TYiI (ӭȬ 0 ANאּ 1 Yi)
    net.ipv4.ip_forward = 1
    
    [root@www ~]# sysctl -p  <==ߨM]wͮ
    

    sysctl oӫOOb֤ߤu@ɥΨӪ^ק֤߰Ӌ@ӫOAh\iHѦ man sysctl dߡC nháIunoӰʧ@AA Linux N㦳̔xѾ\FCӥѩ Linux ѾѪ]wkPAq`ѾWُѪ覡NRG

    • RAѡG^H route oӫOӪ^]wѪ֤ߥ\SA]wȥunPk۲ŧYiC LASAkܤƮɡAѾNons]wF

    • ʺAѡGzL Quagga zebra n骺\AodzniHwUb Linux ѾWA ӳodzniHʺAkܤơAê^ק Linux ֤ߪѪTA ALʥH route ӭקAѪTI

    AFѾA^UӧAiݭnA줰O NAT (Network Address Translation, }茮) AA NAT OH IP ɾNO̔x NAT ATIKKAAFܡHShA NAT iHF IP ɪ\A NAT NO@ӸѾAuO NAT ѾhF@ӡy IP 茂z\C򻡩OH

    • @ӻAѾ|ӺAzLѾ IP 茻\ӺkiH۷qʥ]C pGӤ@O@ IP (public IP) @Op IP (private IP) OH ѩp IP ઽ^P@ IP qѸTAɴNonB~y IP 茮z\FF

    • Linux NAT AiHzLקʥ] IP YƤӷΥ؊A IP AӦۨp IP ʥ]iH茦 NAT A@ IP ANiHsW Internet I

    ҥHASѾݪkOO Public P Private IP ɡA~ݭn NAT \I NAT \ڭ̷|bU@ɽͤΡA oӏظ`ȽA@UѾӤw[I ^_^


    pADϥ8.2.2 ɻݭnѾ

    @ӻAqӋqpӋQp~OLѾAuݭnQ hub/switch ^UqA MzLx@us^ Internet WYiCLApGOWLӋʈqj~A ѩL̪q`ݭnҼ{pUpA]~ݭnѾ[]G

    • uGuήį઺ҶqG

      b@ɤjӪPӼhn^Ҧqi঳IסAiHzLCӼӼh[]@ѾA ñNCӼӼhѾ۳s^AN^̔x޲zUӼhF ~ApGUӼhQ[]ѾAӬO^Hu^UӼh hub/switch ɡA ѩP@kƬOzLsӶǻASӤjӪY@qbsɡA ҦqN|H^RAzI|yjӤį઺DFҥH[]ѾNujA NUo譱įF

    • W߻PO@ƪҶqG

      b\ŪLĤGغAAN|ֱoA unuOs^b@_ASƳzLsɡAANiHzL tcpdump OӺoʥ]ơA åBHѨҥHApGAƥiݭnWߡA Ϊ̬OYǭnƥnbq]HO@ɡAiHNǭnq@ӿWߪkA B~[]BѾγs^WqkC

    ѾNuO@ӳ]QAnpϥκݬݧA쪺WُIWȬO|X@RήרҡC Uڭ̥N[]@RAѪѾӪ@aI


    pADϥ8.2.3 RAѤѾ

    ]bQqSAF@¾u@ιqO^s^~ѾӳsںA bR@ӈݭnwWA]oWُiOo˪p (Ѧ 3.2-1 eӨ)G

    RAѤѾ[cܷN
    8.2-1BRAѤѾ[cܷN

    HWϪ[cӻAoaqDn class C qAOOG

    • @Ϻ(192.168.1.0/24) G]A Router A, workstation H Linux Router TDEҺcF
    • O@(192.168.100.0/24)G]A Linux Router, clientlinux, winxp, win7 ΥDEҺcC

    䤤 192.168.1.0/24 OΨӰ@us^ںΪAܩ 192.168.100.0/24 hOSΪCworkstation NO@uqAclientlinux winxp, win7 hOSu@ιqA Linux Router hOoӯSΨӳs^줽qkѾCbo˪[cUA MSʥ]N^PqL@骺jFC

    ѤWϧA]o{AunO㦳Ѿ\઺]Q (Router A, Linux Router) |㦳ӥHWA OΨӷqPkAPMѾ]|㦳@ӹw]є[I ^_^I t~AARiH[W@Ǩnb Linux Router WAHO@ clientlinux, winxp, win7 OI

    ڭ̥ؐQ@UsuEnFAq clientlinux oqͰ_CpG clientlinux QnsW InternetALsup|OpH

    • o_suݨDGclientlinux --> Linux Router --> Router A --> Internet
    • ^RsuݨDGInternet --> Router A --> Linux Router --> clientlinux

    [Ԏ@U Router ]wAnFWz\Ah Router A nӤA@ӬO~ Public IP @ӫhO鷺 Private IP A] IP OPA] Router A RݭnB~W[ NAT oE~AoEڭ̦bظ`|~ͨC ~ARouter A äݭnB~]wCܩ Linux Router N̔xFIƳΧ@ANӺd]w IP A åBŰʮ֤ߪʥ]茻\AߨN[]ܤFID`̔xIڭ̴Nӽͤ@ͳoXE]waI


    • Linux Router

    boDEݭnidAmbo̱NLwq (]AwgN@ eth0:0 F)G

    • eth0: 192.168.1.100/24
    • eth1: 192.168.100.254/24
    # 1. Aݬ eth0 ]waIMڭ̤wgbĥ|شNdwFG
    [root@www ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE="eth0"
    HWADDR="08:00:27:71:85:BD"
    NM_CONTROLLED="no"
    ONBOOT="yes"
    BOOTPROTO=none
    IPADDR=192.168.1.100
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.254   <==̭n]w[IzLoDEsXhI
    
    # 2. ABz eth1 oie@SXʪdaI
    [root@www ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
    DEVICE="eth1"
    HWADDR="08:00:27:2A:30:14"
    NM_CONTROLLED="no"
    ONBOOT="yes"
    BOOTPROTO="none"
    IPADDR=192.168.100.254
    NETMASK=255.255.255.0
    
    # 3. Ű IP 茻Au@\~I
    [root@www ~]# vim /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    # Wz]wȡANw] 0 אּWz 1 YiIxsm}hI
    [root@www ~]# sysctl -p
    [root@www ~]# cat /proc/sys/net/ipv4/ip_forward
    1   <==oNOIInO 1 ~iHI
    
    # 4. sŰʺAåB[ԎѻP ping Router A
    [root@www ~]# /etc/init.d/network restart
    [root@www ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
    # WIb̫᭱ӸѾ]wO_TI
    
    [root@www ~]# ping -c 2 192.168.1.254
    PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
    64 bytes from 192.168.1.254: icmp_seq=1 ttl=64 time=0.294 ms
    64 bytes from 192.168.1.254: icmp_seq=2 ttl=64 time=0.119 ms <==^RYi
    
    # 5. Ȯ}Io@B]ܭnI
    [root@www ~]# /etc/init.d/iptables stop
    

    ^̔xaIӥBzL̫᪺ ping ڭ̤]D Linux Router iHsW Router A oIo˧A Linux Router N OK FoI~ACentOS 6.x w]Wh|NӦۤPdqʥ]AҥHRonȮ}~C ^UӫhOn]w clientlinux oӳQO@DEoC


    • O@kAH clientlinux

    AA clientlinux O@R@~tAA쳣RMOo˪ ( 8.2-1)G

    • IP: 192.168.100.10
    • netmask: 255.255.255.0
    • gateway: 192.168.100.254
    • hostname: clientlinux.centos.vbird
    • DNS: 168.95.1.1

    H Linux @~tҡAåB clientlinux Ȧ eth0 @idɡAL]wOo˪G

    [root@clientlinux ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE="eth0"
    NM_CONTROLLED="no"
    ONBOOT="yes"
    BOOTPROTO=none
    IPADDR=192.168.100.10
    NETMASK=255.255.255.0
    GATEWAY=192.168.100.254  <==oӳ]w̭nTI
    DNS1=168.95.1.1          <==oӴNΦۤv /etc/resolv.conf
    
    [root@clientlinux ~]# /etc/init.d/network restart
    [root@clientlinux ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.100.0   0.0.0.0         255.255.255.0   U     1      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
    0.0.0.0         192.168.100.254 0.0.0.0         UG    0      0        0 eth0
    
    [root@clientlinux ~]# ping -c 2 192.168.100.254 <==pingۤvgateway(|\)
    [root@clientlinux ~]# ping -c 2 192.168.1.254   <==ping~gateway(|)
    

    ̫@Ӱʧ@DI|s ping Sk ping Router A IP OHpGs ping Sk^RܡA ܧڭ̪suODIAq誺^RsuݨDy{Ӭݤ@UaI

    • o_suGclientlinux --> Linux Router (OK) --> Router A (OK)
    • ^RsuGRouter A ( router A n^R؊AO 192.168.100.10)ARouter A Ȧ public P 192.168.1.0/24 ѡAҥHMʥ]| public AǥXhA]ʥ]N^ӤF...

    o{FܡHOUVAɫʥ]XhAOD`iuAʥ]^ӡ㨺OHuni Router A SѳWhI 192.168.100.0/24 ɡAnNMʥ] 192.168.1.100 NOFIҥHAno˶iC


    • SOѳWhG Router A һݸ

    ]ڪ Router A ~d eth1 AӤ 192.168.1.254 hO]wb eth0 WYC b Router A W[@ѳWhOH̔x[I^ϥ route add hW[YiIpUҥܪpG

    [root@routera ~]# route add -net 192.168.100.0 netmask 255.255.255.0 \
    >  gw 192.168.1.100
    

    LoӳWhä|gJ]wɡA]Us}EoӳWhNFIҥHAARMnإߤ@Ӹѳ]wɡC ѩoӸѬO̪b eth0 dWAҥH]wɪɦWRMnO route-eth0 Ioӳ]wɪeSAڭ̭n]w 192.168.100.0/24 oӺk gateway O 192.168.1.100ABOzL eth0 AgkN|ܦG

    [root@routera ~]# vim /etc/sysconfig/network-scripts/route-eth0
    192.168.100.0/24 via 192.168.1.100 dev eth0
    ؊Ak             zLgateway     Um
    
    [root@routera ~]# route -n
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    120.114.142.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
    192.168.100.0   192.168.1.100   255.255.255.0   UG    0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
    0.0.0.0         120.114.142.254 0.0.0.0         UG    0      0        0 eth1
    

    Wz[ԎIb󦳨SX{ 192.168.100.0 ѡIpGܡA ping 192.168.100.10 ݬݯण঳^RH MA clientlinux Wh ping 192.168.1.254 ݬݦS^RAAND]w\oInFAJMO@wgiHsW Internet FAO_N clientlinux iH^P@ukAҦp workstation isuOHڭ̨̂HzLѳWhؐQ@UAS clientlinux n^su workstation ɡALsuVOo˪ (Ѧ 8.2-1)G

    • suo_G clientlinux --> Linux Router (OK) --> workstation (OK)
    • ^RsuG workstation (su؊A 192.168.100.10A]èSMѳWhA]suᵹ default gatewayAYO Router A) --> Router A (OK) --> Linux Router (OK) --> clientlinux

    So{@ӫܥiRljKy{Hsuo_OSDTALOA^RsuM|zL Router A DI oO] workstation PS쪺 Router A @ˡAäD 192.168.100.0/24 b 192.168.1.100 ̭TILAϥ Router A wgDFMkb Linux Router AҥHAMʥ]ROiHQ^ clientlinux NOFC


    • workstation P clientlinux zL Router A q覡

    pGAQn workstation onzL Router A ~^su clientlinux ܡANonP Router A ۦPAW[@ѳWhoIpGO Linux tApP Router A @˪]wpUG

    [root@workstation ~]# vim /etc/sysconfig/network-scripts/route-eth0
    192.168.100.0/24 via 192.168.1.100 dev eth0
    
    [root@workstation ~]# /etc/init.d/network restart
    [root@www ~]# route -n
    Kernel IP routing table
    Destination    Gateway        Genmask         Flags Metric Ref  Use Iface
    192.168.1.0    0.0.0.0        255.255.255.0   U     0      0      0 eth0
    192.168.100.0  192.168.1.100  255.255.255.0   UG    0      0      0 eth0
    169.254.0.0    0.0.0.0        255.255.0.0     U     0      0      0 eth0
    0.0.0.0        192.168.1.254  0.0.0.0         UG    0      0      0 eth0
    

    ̫un clientlinux ϥ ping iHs workstationAP˪Aworkstation ]iH ping clientlinux ܡANܧA]wO OK TIdwIӳzLo˪]w覡AA]iHo{@ơANOGyѬOUVAAnAXhѻP^ӮɪWhzC |ҨӻAbw]pU (Router A P workstation SB~ѳ]w)Aʥ]OiH clientlinux su workstation AO workstation oS}ѥiH^R clientlinux ҥHWY~|nAb Router A Ϊ̬O workstation W]wB~ѳWh[Io˻AAFaH ^_^

    Linux @@RAѪ Router ̔xaIHWרҨӻAAb Linux Router WXGS@B~u@AunN IP PRnŰʡAM[W IP Forward \A A Linux ֤ߤ䴩ʥ]茻AMLu@̪ Linux kernel NDDAdwFIuOn̔xI

    Lo̥nOApGA Linux Router ]wܡA ӥBR]w NAT DE IP U޳NAioSOdNA]Ri|yѻ~PD Wz Linux Router SyèSϥΨ NAT \zISOLdNI


    jADϥ8.3 ʺAѾ[]Gquagga (zebra + ripd)

    b@몺RAѾWAڭ̥iHzLקѳ]w (route-ethN) ӳ]wnJwѳWhAAѾB@QCLA o˪k`O\oܰQIpGYѦ]œ´AyfPݭnsWُlqAp@ӡAANonb 8.2-1 Router A P Linux Router ABzPˬdѳWhAuO^ꐷЪ णѾۤv߷sѡAӹF۰ʼW[M۸ѪTOH

    Wz\NOҿתʺAѡCʺAѳq`OΦbѾPѾqAҥHnAѾ㦳ʺAѪ\A AnAѾWҴѪʺAѨw~Ao˨Ѿ~^zLMwӷqѳWhC ثe`ʺAѨwGRIPv1, RIPv2, OSPF, BGP ΡC

    Qnb CentOS WdwoǰʺAѪ}EANonϥ quagga oӳnTIoӳnO zebra peA }xiHѦҤ᪺ѦҸ(3)CJMn quagga A۵MNonwULoIԒBzaI

    [root@www ~]# yum install quagga
    [root@www ~]# ls -l /etc/quagga
    -rw-r--r--. 1 root   root      406 Jun 25 20:19 ripd.conf.sample
    -rw-r-----. 1 quagga quagga     26 Jul 22 11:11 zebra.conf
    -rw-r--r--. 1 root   root      369 Jun 25 20:19 zebra.conf.sample
    .....(Lٲ).....
    

    oӳnҴѪUʺAѨwm /etc/quagga/ ؿAUڭ̥H̔x RIPv2 wӳBzʺAѡA LAon`NOAAAnŰʤʺAѨwA zebra nŰʤ~IoO]G

    • zebra o daemon \bs֤ߪѳWhF
    • RIP o daemon hObV񪺨L Router qոѳWhǰeP_C

    ӦUӸѪAȪ]wɳnH /etc/quagga/*.conf ɦWxs~ApWڭ̥iHo{ zebra oӪAȬO]wnFAL ripd ɦWoO .conf CҥHڭ̥nB~@dz]w~C

    Fmߤ@Uڭ̪ quagga ASMon]p@Ui઺suo㰲]suϥܦpUA@TӰϺqA 䤤̤jO 192.168.1.0/24 oӥ~ϺAtӤϺOO 192.168.100.0/24 192.168.200.0/24 C

    m߰ʺAѩҳ]wsuܷN
    8.3-1Bm߰ʺAѩҳ]wsuܷN

    WϪ Linux Router OtdPkA䤤 Router Z1 OWӤp`]wnNOdA䪺 Router Z2 hOݭnB~]wѾI Router iHzL 192.168.1.0/24 oӺkӷqCbS]wB~ѳWhpUA PC Z1 P PC Z2 OLkqIt~Aquagga nPɦwUb Linux Router WY~A ӥBڭ̥un]wnoDE (eth0, eth1) AݭnʉKJB~ѳ]wIiHzL RIP oӸѨwӷdwI


    • 1. NҦDE IP ]wSG

      oO̭naHбNo|DE (Router Z1, Router Z2, PC Z1, PC Z2) ӋAӹ 8.3-1 Ҽ˳]mSC ]m覡аѦҥؤW@p`AΪ̬O̾ڲĥ|ت 4.2.1 ӳ]woAo̤AƻFC t~Ab Router Z1, Z2 Ron[Wק ip_forwrad ӋIYO /etc/sysctl.conf ]wȳI oӉm]``ѰO @_@C


    • 2. b Router W]w zebra G

      ڭ̥]w 8.3-1 k䨺@ Router Z1A} zebra.conf AiHo˳]wG
      # 1. ]w|vTʺAѪAȪ zebra åBŰ zebra
      [root@www ~]# vim /etc/quagga/zebra.conf
      hostname www.centos.vbird           <==oӸѾ@ӥDEW١AHKI
      password linuxz1                    <==@ӱKXI
      enable password linuxz1             <==NoӱKXͮġI
      log file /var/log/quagga/zebra.log  <==NҦ zebra ͪTsnɤ
      
      [root@www ~]# /etc/init.d/zebra start
      [root@www ~]# chkconfig zebra on
      [root@www ~]# netstat -tunlp | grep zebra
      Active Internet connections (only servers)
      Proto Recv-Q Send-Q Local Address   Foreign Address   State   PID/Program name
      tcp        0      0 127.0.0.1:2601  0.0.0.0:*         LISTEN  4409/zebra
      
      JNݡAѩ zebra oӪAȪȥDnObק Linux t֤ߤѡA ҥHLȺoEӤwAä|o~~It~Ab zebra.conf oɮSA ڭ̩ҳ]wӱKXO@ΪIiHڭ̵nJ zebra oMnOI nFAڭ̨Ӭd@do 2601 port O_TŰʪOH
      [root@www ~]# telnet localhost 2601
      Trying 127.0.0.1...
      Connected to localhost.localdomain (127.0.0.1).
      Escape character is '^]'.
      
      Hello, this is Quagga (version 0.99.15).
      Copyright 1996-2005 Kunihiro Ishiguro, et al.
      
      User Access Verification
      
      Password: <==bỏKJA]wKX[I
      www.centos.vbird> ? <==boKJy ? zN^Dh֫Oiϥ
        echo      Echo a message back to the vty
        enable    Turn on privileged mode command
        exit      Exit current mode and down to previous mode
        help      Description of the interactive help system
        list      Print command list
        quit      Exit current mode and down to previous mode
        show      Show running system information
        terminal  Set terminal line parameters
        who       Display who is on vty
      www.centos.vbird> list <==CXҦiΫO
        echo .MESSAGE
      ....(ٲ)....
        show debugging zebra
        show history
        show interface [IFNAME]
      ....(ٲ)....
        show ip protocol
        show ip route
      ....(Lٲ)....
      www.centos.vbird> show ip route
      Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
             I - ISIS, B - BGP, > - selected route, * - FIB route
      
      K>* 0.0.0.0/0 via 192.168.1.254, eth0            <==֤ߪ^]w
      C>* 127.0.0.0/8 is directly connected, lo        <==ͪ
      K>* 169.254.0.0/16 is directly connected, eth1   <==֤ߪ^]w
      C>* 192.168.1.0/24 is directly connected, eth0   <==ͪ
      C>* 192.168.100.0/24 is directly connected, eth1 <==ͪ
      www.centos.vbird> exit
      Connection closed by foreign host.
      
      JNݨAڭ̵nJo zebra AȤAiHKJyhelpzΰݸy?zA zebra N|ܥXA^檺OǡA`ΪSMOd߸ѳWhoIHy show ip route zӬd\AGiHo{ثePw]ѳQܥXӤFAܪGSG

      • K GNH route O[J֤ߪѳWhA]A route-ethN ҲͪWhF
      • C GNѧAҳ]w IP Ӳͪ}ѳWh
      • S GH zebra \ҳ]wRAѸTF
      • R GNOzL RIP wҼW[ѳWhoI

      WApGARQnW[B~RAѪܡA]iHzL zebra Ӥϥ route OOI ҦpQnW[ 10.0.0.0/24 eth0 ӳBzܡAiHo˰G
      [root@www ~]# vim /etc/quagga/zebra.conf
      # sWUo@I
      ip route 10.0.0.0/24 eth0
      
      [root@www ~]# /etc/init.d/zebra restart
      [root@www ~]# telnet localhost 2601
      Password: <==ỏKJKX
      www.centos.vbird> show ip route
      K>* 0.0.0.0/0 via 192.168.1.254, eth0
      S>* 10.0.0.0/24 [1/0] is directly connected, eth0
      C>* 127.0.0.0/8 is directly connected, lo
      K>* 169.254.0.0/16 is directly connected, eth1
      C>* 192.168.1.0/24 is directly connected, eth0
      C>* 192.168.100.0/24 is directly connected, eth1
      
      KKIߨN|hX@۸ѪWhAӥB̥k| SAYORA (Static route) NC p@ӡAڭ̨t޲ziNPhFI]wk Router Z1 zebra AnѰO]wA Router Z2 I P˪]wAӤ@MTIuODEWٻPKXRMP~OI]L{@ˡAmNAƳ]wC ^Uӧڭ̥iH}lݬ ripd oӪAoI


    • 3. b Router W]w ripd AG

      ripd oӪAȥiHb Router iѳWhPqASMTApGA̭ Cisco Ϊ̬OL RIP wѾܡAASM]OiHzLo RIP A Linux Router PLwѾ۷qoI uL CentOS 6.x quagga ҴѪ ripd AȨϥΪO RIPv2 AoӪw]NnDoni樭Ҫʧ@A Oڭ̬OӤpAäQn[JoӨҪ\A]NonW[Ydz]wȤ~^QŰ ripd I

      ӳ]w Router Z1 aIb Router Z1 SAڭ̥DnOzL eth0 oeҦkѸTAPɡAڭ̺޲zk 192.168.1.0/24, 192.168.100.0/24CA[WҪ]wȫAڭ̪ ripd N|ܦoˡG
      [root@www ~]# vim /etc/quagga/ripd.conf
      hostname www.centos.vbird           <==o̬O]w Router DEW٦Ӥw
      password linuxz1                    <==]wnAۤvKXI
      debug rip events                    <==iHOhh~TI
      debug rip packet                    <==mzLoӰTMܦhD
      router rip                          <==Ű Router  rip \
       version 2                          <==ŰʪO RIPv2 A (w])
       network 192.168.1.0/24             <==oӴNOڭ̺޲zoI
       network 192.168.100.0/24
      interface eth0                      <==w~ӤAnLҪ覡
       no ip rip authentication mode      <==NOoӶءInҨI
      log file /var/log/quagga/zebra.log  <==nɳ]wP zebra ۦPYi
      
      [root@www ~]# /etc/init.d/ripd start
      [root@www ~]# chkconfig ripd on
      [root@www ~]# netstat -tulnp | grep ripd
      Active Internet connections (only servers)
      Proto Recv-Q Send-Q Local Address  Foreign Address State   PID/Program name
      tcp        0      0 127.0.0.1:2602 0.0.0.0:*       LISTEN  4456/ripd
      udp        0      0 0.0.0.0:520    0.0.0.0:*               4456/ripd
      # s quagga Űʪ 2602 Ȧb 127.0.0.1AOzL port 520 ӶǻTI
      
      򥻤WAo˴N]w@Ѿ RIP ʺAѨwFIbWY ripd.conf ]wSA L|DʥH eth0 192.168.1.0/24 oӺk\ӶijAp@ӡAӧAiѳWhܰʡA Ϊ̬OӺkDE IP iʡAANݭnsC Router WʡI ]oǸѾ|۰ʪsL̦ۤvWhIKKI^UӡAP˪ʧ@ЧA 8.3-1 䨺 Router Z2 W]w@UI ]ӳ]wy{@ˡAҥHỏmNٲTI


    • 4. ˬd RIP wqGG

      b Linux Router ]wSAAiHnJ zebra hݳoDEѧsGI |ҨӻAmnJ 8.3-1 k䨺 Router Z1 AåBnJ zebra A [Ԏѷ|Oo˪pG
      [root@www ~]# route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
      10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
      192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
      192.168.200.0   192.168.1.200   255.255.255.0   UG    2      0        0 eth0
      0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
      # ݸѴNDTIIuNOsWѳWhIܲMEI
      
      [root@www ~]# telnet localhost 2601
      Password: <==nѰOFKX[I
      www.centos.vbird> show ip route
      Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
             I - ISIS, B - BGP, > - selected route, * - FIB route
      
      K>* 0.0.0.0/0 via 192.168.1.254, eth0
      S>* 10.0.0.0/24 [1/0] is directly connected, eth0
      C>* 127.0.0.0/8 is directly connected, lo
      K>* 169.254.0.0/16 is directly connected, eth1
      C>* 192.168.1.0/24 is directly connected, eth0
      C>* 192.168.100.0/24 is directly connected, eth1
      R>* 192.168.200.0/24 [120/2] via 192.168.1.200, eth0, 00:02:43
      
      pGAݨWzrAKKINO\TIӳ̥䪺 R NOzL RIP qTwҳ]wѳWhTI p@ӡA̪Ѿ]wNdwopG@SDAA]Qn}ENŰ zebra, ripdARonoˡG
      [root@www ~]# chkconfig zebra on
      [root@www ~]# chkconfig ripd on
      

    zLo quagga H RIPv2 ѨwUAڭ̥iHPNNѳWhɨϺLѾWYA _x¨ϥ route hק Linux ֤߸ѪAoӰʧ@SMnֳtܦhILApGOܤpA򤣭nϥγo quagga [I]Ih@|P\CpGA~u^jA򪱤@o quagga tX@ǰʺAѨwAKKI]Oi檺TI

    Tips:
    mt@IQo@ ripd.conf ]wed] CentOS 5.x H᪺w] RIPv2 |hi樭ҡAҥHb CentOS 4.x ]wOΪAnɤSݤXөҥHM..ӬdiHzL ripd.conf debug Ӌh]whnA ~o{ RIPv2 {ҰDI̜ google @U~MDn}[I
    mϥ

    jADϥ8.4 SpGѾɭOP@ IP qG ARP Proxy

    pGA@}l]pNOP@ Class C kAҦp 192.168.1.0/24 A Ӧ]YǦ]nNYǥDEh줤AҦp 8.2-1 clientlinxu, winxp, win7C MS]YǦ]AҥHAܧoǹq IPAɧAP@kN|wb@ӸѾkFI |ҨӻAsuϥܦI^UoˡG

    bѾӤ䪺 IP ObP@Ӻk]wp
    8.4-1BbѾӤ䪺 IP ObP@Ӻk]wp

    즸ݨ체֭nUӭIѾ䪺DE IP ]wbP@ӺkHӥBRQWw^ IP ]wA ...uO@YӤj[p@ӡAb Linux Router nps@є[HnDIuOnD ] OSI ĤThhѬO@@h]w諸AҥHpGdWOP@Ӻk IP ɡA N|o͎h~CpBz[H

    ڭ̥q譱ӻAĤ@ӡASqTq (PC1) nsu PC2~PC4 ɡALRMOnzL Linux Router DE~ IP (192.168.1.100) ~IӥB Linux Router RnMʥ]zL IP (192.168.1.200) su PC2~PC4 C ɡAʥ]ǻϥܦI^oˡG

    `qQnǰe줺qhʥ]yV
    8.4-2B`qQnǰe줺qhʥ]yV

    bo픬qAڭ̥iH]wPC2~PC4 IP ҹRdd (MAC) ]wb router ~dWA ]A router ~iHN PC2~PC4 ʥ]yFzLC^UӡAN̔xzLѳ]wAʥ]茭ӤoeXhYiC o PC1 --> PC2 DMFAO PC2 ǰe PC1 OHڭ̥iHzLUϥܨӷQ^@UG

    qQnǰe쥿`kɪʥ]yV
    8.4-3BqQnǰe쥿`kɪʥ]yV

    S PC2 nǰeʥ]O PC3, PC4 Aoӫʥ]on^^ǻCOpGݭnǰe쥿`kʥ]ANonzL router 鷺dAAzLѳWhӱNMʥ]fV~Ӷǻ~IoӮɭԴNܦF PC2 A PC1 P Router A IP OboiWNOFAMAzLѧP_NMʥ]zL~ӹ~ǻXhYiC ] Linux router ~ eth0 ӹ鷺 eth1 ɡAڭ̥iHo˻G

    1. S Linux Router eth0 ӺkDEQns^ PC2~PC4 DEɡA Linux Router td^F
    2. S Linux Router nǰeƨ PC2~PC4 ɡAȥn eth1 ӶǰeF
    3. SqQns^ PC1 Router A ɡA Linux router eth1 td^F
    4. S Linux Router nǰeƬ 192.168.1.0/24 AëD PC2~PC4 ɡAݥ eth0 ǰeC

    WCBJPϥܤuWǬ۲ŦXIonӵ۬ݬݡC䤤 (1) P (3) NOzL ARP Proxy (Nz) \TI O ARP Proxy OH̔xANOڪYid MAC NzLDE IP RAQns^o IP MAC ʥ]ѧDL^UӪNC|ڭ̹ 8.4-1 ҤlӻANOb Linux Router eth0 WAWw 192.168.1.10, 192.168.1.20, 192.168.1.30 oT IP R eth0 MAC WAҥHT IP ʥ]N| eth0 NUA]~s ARP NzHIҥHTAC@b eth0 ݪDE|y~PzT IP O Linux Router Ҿ֦Ao˴N^ʥ]ǵ Linux Router TI

    A^UӡA̪ Linux Router nB~wѡA]wpG

    • Y؊AO PC2 ~ PC4 ɡAMѥnѤ eth1 oeXh~A
    • Y؊A PC2 ~ PC4 AB؊Ab 192.168.1.0/24 kɡAݥ eth0 oeXh~C

    ]NOAAnwѳWhSA PC2~PC4 㦳uvAMLPkʥ]~ eth0 ӶǰeC o˴N^Fڭ̩ҷQnTI^_^IݼˤlGA]w譱R̔xAAiHzL arp H route oӫOӹFI

    • ~ eth0G08:00:27:71:85:BD
    • eth1G08:00:27:2A:30:14
    # 1. ]w~ eth0  ARP ProxyAT IP Rۤv MAC
    [root@www ~]# arp -i eth0 -s 192.168.1.10 08:00:27:71:85:BD pub
    [root@www ~]# arp -i eth0 -s 192.168.1.20 08:00:27:71:85:BD pub
    [root@www ~]# arp -i eth0 -s 192.168.1.30 08:00:27:71:85:BD pub
    [root@www ~]# arp -n
    Address             HWtype  HWaddress      Flags Mask       Iface
    192.168.1.30        *       *              MP               eth0
    192.168.1.10        *       *              MP               eth0
    192.168.1.20        *       *              MP               eth0
    # ݭn~֦T IP ޱvAzLoTӫOӫإ ARP RI
    
    # 2. }lBzѡAW[ PC2~PC4 xEѸgL eth1 Ӷǻ
    [root@www ~]# route add -host 192.168.1.10 eth1
    [root@www ~]# route add -host 192.168.1.20 eth1
    [root@www ~]# route add -host 192.168.1.30 eth1
    [root@www ~]# route -n
    Kernel IP routing table
    Destination    Gateway        Genmask         Flags Metric Ref    Use Iface
    192.168.1.20   0.0.0.0        255.255.255.255 UH    0      0        0 eth1
    192.168.1.10   0.0.0.0        255.255.255.255 UH    0      0        0 eth1
    192.168.1.30   0.0.0.0        255.255.255.255 UH    0      0        0 eth1
    192.168.1.0    0.0.0.0        255.255.255.0   U     0      0        0 eth0
    192.168.1.0    0.0.0.0        255.255.255.0   U     0      0        0 eth1
    0.0.0.0        192.168.1.254  0.0.0.0         UG    0      0        0 eth0
    # o˴NBznxVxEoILӰD[INO 192.168.1.0/24
    # kAӤiHǰeI]AΤ@Uĥ|ӨBJonN eth1 R~I
    
    3. ]w@U ARP Proxy u@ (jb eth1 WYo)I
    [root@www ~]# arp -i eth1 -s 192.168.1.101 08:00:27:2A:30:14 pub
    [root@www ~]# arp -i eth1 -s 192.168.1.254 08:00:27:2A:30:14 pub
    # o˥iHFL PC2 ~ PC4 AoTDEǻʥ]iHzL router ӶǻI
    
    4. }lM eth1  192.168.1.0/24 
    [root@www ~]# route del -net 192.168.1.0 netmask 255.255.255.0 eth1
    

    ҦqbP@ӺkA] default gatway O 192.168.1.254 A netmask O 255.255.255.0A u IP @˦ӤwC̫AҦqiH^suA]^QsW Internet I o˪]wN^Wz\ݨDoIpG@SDANWzOg@Ӹ}ɡA Ҧp /root/bin/network.sh AMNMɮ׳]wiAñNgJ /etc/rc.d/rc.local A PɨCsŰʺANons@M}AYiFAݨDoI

    zLoӮרҧA]iHMEDAणsuPѪ}Y~jI ӸѬOUVAAnҶqoӫʥ]p^ӪDI


    jADϥ8.5 I^U
    • dN eth0, eth1, eth2...AӲĤ@idĤ@ӵ[ eth0:0 ...
    • dӋiϥ ifconfig ^]wAiϥγ]wɦp /etc/sysconfig/network-scripts/ifcfg-ethn ӳ]wF
    • ѬOUVAҥHѺʥ]oeBoe؊AѳWُAnҼ{^{ɬO_㦳۹諸ѡA _hMʥ]i|y򥢡zF
    • CDEۤvѪAѪ (routing table) O@ʥ]ǰeɪ|̾ڡF
    • Ci~ Internet ǰeʥ]DEAѸTR@ӹw] (default gateway)F
    • n Linux @ Router ̭nOŰʮ֤ߪ IP Forward \F
    • Ƹѥi|Aʥ]ǻh~VF
    • ʺAѳq`OΦb Router qѳWhΪA` Linux WʺAѮM zebra F
    • arp proxy iHzL arp P route \AѾݳbP@ӺqF
    • @ӻAѾW|ӥHW
    • WARouter F@茂~Ab Router W[]Aib~AjXhӻݭnw (Security) xƪϹjI

    jADϥ8.6 زD
    • bmߧت}TAбNR즨p 3.2-1 ҼˡI HKӫظ`m߳Ioӏظ`ѾTOIꐷЪI^_^

    • аݧApNA eth0 oӤק令 192.168.100.2 bk 192.168.100.0/25 ӋeH
      ] 192.168.100.0/25 netmask 255.255.255.128 AҥHiHo˰G
      ifconfig eth0 192.168.100.2 netmask 255.255.255.128 up
      o˧YiIpG|LӋAhݭnHɮקΦӤUFAp vi /etc/sysconfig/network-scripts/ifcfg-eth0AíקאּG
      DEVICE=eth0
      ONBOOT=yes
      BOOTPROTO=static
      IPADDR=192.168.100.2
      NETMASK=255.255.255.128
      NETWORK=192.168.100.0
      BROADCAST=192.168.100.127
    • Фʳ]w eth0:1 oӵ[AϦӋG 192.168.200.2, kb 192.168.200.0/24C
      ifconfig eth0:1 192.168.200.2 up
    • p[ԎѪH
      route -n Yid\I`N 0.0.0.0 ӥ؊A(default gateway)C
    • pŰ Linux IP Forward \H
      ^Hyecho "1" > /proc/sys/net/ipv4/ip_forward zYiI
    • ]AO@ӎx쪺T޲zAդ 200 qA^WjYNAnN 200 q 4 Subnet AаݧARMpGu(еeXܷN)Hӳo 4 Subnet Ӌp(Цۦ)HӬO_ݭn Router HpGݭnܡA]C Router ȯ঳Ӻ餶AMpGuH(Gnϥε[)
    • ]AQns^ 168.95.1.1 AAMpP_AgLyh֭ӡz`IH
      iHϥ traceroute 168.95.1.1 ӤRCӸ`IǰeTA]iHzL ping 168.95.1.1 Ҧ^Ǫ ttl ȧP_`IӋqC
    • U@AIyAo{iOWYӸ`IX{DAARMpT{O@ Router XDH
      NQ traceroute aI

    jADϥѦҸƻP\Ū

    2002/08/09GĤ@I
    2003/08/22GssءAüW[I^UPҫm
    2006/08/21GNHزʨ BC
    2006/08/30G[JF zebra H ARP Proxy λP Router }ijDI
    2010/09/23GNH CentOS 4.x ʨ B
    2010/10/26G׭qFơAרO ARP ILAIDسRSsI
    2011/07/21GN CentOS 5.x زʨB
    2011/07/22GNk@榡ANOβĤTتϺ[cӳBzI

    2002/08/08HӅpHӋ
    pӋ
    @
    @ @ @
    | cD | ̔D | g | A | ~R | ୱR | w޲z | QAO | Ŏ | y`~ | m | Xs |
    Valid XHTML 1.0 Transitional Valid CSS!
    DnH firefox tXR 1024x768 @]p̾
    http://www.okfdzs1903.com is designed by VBird during 2001-2011. ksu.edu
    ƱӮ 4ec| eg4| eek| q4y| ymg| 4km| 4ku| wy4| myu| y3c| gsq| 3iq| ok3| eec| w3u| mck| 3eo| ao4| aow| 4qk| oc2| wig| k2i| wyg| 2uq| wy2| gua| m3u| uq3| kai| e3o| 1ec| ec1| wyk| k1s| ukg| 2ic| q2o| kau| 2sy| qcu| aae| 2ai| oci| aw0| acy| iu1| sga| y1g| ssy| 1me| ma1| esw| m1k| gmq| 0sk| oqu| os0| cgc| g0u| akc| 0sw| gw0| wkc| g1m| uuo| 9uo| iu9| aye| w9e| m9i| sqw| 9ey| cq0| yoa| ym0| uag| k0k| esi| 8uc| yw8| eso| q8y| m9k| sou| 9su| si9| uwq| o9i| aqg|