虛拟機hostonly網絡預設隻能和實體主機(主控端)通信,但是有時候有特殊需求hostonly網絡需要和外網通信,怎麼設定?前提是另外有一台虛拟機能和外網通信,如果是在家裡,有路由器的情況,這台虛拟機的網絡通常設定為bridge,但是如果在公司,因為不能橋接到路由器上,是以一般是将網絡設定為NAT的方式,通過映射實體機(一般是Windows機器)ip來通路外網
下面簡單描述一下hostonly網絡通過另外一台NAT網絡虛拟機通路外網的方法:
NAT網絡虛拟機,兩塊網卡,一塊網卡是NAT,一塊網卡是hostonly
NAT網卡的位址是192.168.85.128,網關為192.168.85.2 ,能上外網
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.85.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
192.168.75.0 0.0.0.0 255.255.255.0 U 1 0 0 rename3
0.0.0.0 192.168.85.2 0.0.0.0 UG 0 0 0 eth0 # ping www.qq.com
PING www.qq.com (14.17.42.40) 56(84) bytes of data.
64 bytes from 14.17.42.40: icmp_seq=1 ttl=128 time=2.70 ms hostonly網卡的ip是192.168.75.128
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:35:54:1C
inet addr:192.168.85.128 Bcast:192.168.85.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe35:541c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:84942 errors:0 dropped:0 overruns:0 frame:0
TX packets:21059 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:97826497 (93.2 MiB) TX bytes:2158651 (2.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:230 errors:0 dropped:0 overruns:0 frame:0
TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14016 (13.6 KiB) TX bytes:14016 (13.6 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:35:54:26
inet addr:192.168.75.128 Bcast:192.168.75.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe35:5426/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5398 errors:0 dropped:0 overruns:0 frame:0
TX packets:802 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:538577 (525.9 KiB) TX bytes:344300 (336.2 KiB) NAT網絡虛拟機添加防火牆轉發規則并打開路由轉發
# iptables -t nat -A POSTROUTING -s 192.168.75.0/24 -j SNAT --to-source 192.168.85.128
# iptables -L -t nat -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 192.168.75.0/24 0.0.0.0/0 to:192.168.85.128
Chain OUTPUT (policy ACCEPT)
target prot opt source destination 打開路由轉發
# vim /etc/sysctl.conf #永久生效
net.ipv4.ip_forward = 1
# sysctl -p 或者
# echo 1 >/proc/sys/net/ipv4/ip_forward
# cat /proc/sys/net/ipv4/ip_forward
1 hostonly虛拟機,隻有一塊網卡,網絡設定是hostonly
1、如果網卡設定為static,可以設定預設網關
# ifconfig eth1 192.168.75.130 netmask 255.255.255.0
# route add default gw 192.168.75.128
注意:以上指令隻是臨時生效,如果要永久生效,需要編輯
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:0C:29:E8:45:D1
TYPE=Ethernet
UUID=9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c05
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.75.130
NETMASK=255.255.255.0
GATEWAY=192.168.75.128 2、如果網卡設定為dhcp,則hostonly網絡的預設網關被設定為了192.168.75.1,不可以再将預設網關修改為192.168.75.128,必須要設定靜态路由才行
# /etc/init.d/network restart #dhcp配置設定的ip為192.168.131
# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:0C:29:C5:D9:00
TYPE=Ethernet
UUID=9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c05
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
# ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:C5:D9:00
inet addr:192.168.75.131 Bcast:192.168.75.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec5:d900/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4549 errors:0 dropped:0 overruns:0 frame:0
TX packets:3356 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:663542 (647.9 KiB) TX bytes:482779 (471.4 KiB) 不可以設定預設網關,則設定靜态路由,
# cat /etc/sysconfig/static-routes
any net 192.168.85.0/24 gw 192.168.75.128
any net 0.0.0.0 gw 192.168.75.128 # Generated by NetworkManager
search localdomain.com
nameserver 114.114.114.114
nameserver 8.8.4.4 # ping www.baidu.com
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38: icmp_seq=1 ttl=127 time=7.20 ms
64 bytes from 14.215.177.38: icmp_seq=2 ttl=127 time=8.26 ms ![做一個有思想的程式員[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)