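1. Overview of Virtual Machine Network Modes
A virtual machine's network mode determines how the VM connects to external networks. The common modes are NAT, bridged, host-only, and internal network, and each suits different scenarios.
Reference: the System administration chapter of the official Red Hat Enterprise Linux 10 documentation.
# VBoxManage showvminfo "RHEL10-Learning" | grep -i nic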
NIC 1: MAC: 080027123456, Attachment: NAT, Cable connected: on
NIC 2: disabled
NIC 3: disabled
NIC 4: disabled
NIC 5: disabled
NIC 6: disabled
NIC 7: disabled
NIC 8: disabled
# List the available network interfaces
# VBoxManage list bridgedifs
Name: enp0s3
GUID: 12345678-1234-1234-1234-123456789012
DHCP: enabled
IPAddress: 192.168.1.100
NetworkMask: 255.255.255.0
IPV6Address: fe80::1234:5678:90ab:cdef
IPV6NetworkMaskPrefixLength: 64
HardwareAddress: 00:11:22:33:44:55
MediumType: Ethernet
Status: Up
VBoxNetworkName: HostInterfaceNetworking-enp0s3
# List the host-only networks
# VBoxManage list hostonlyifs
Name: vboxnet0
GUID: 12345678-1234-1234-1234-123456789012
DHCP: disabled
IPAddress: 192.168.56.1
NetworkMask: 255.255.255.0
IPV6Address: fe80::1234:5678:90ab:cdef
IPV6NetworkMaskPrefixLength: 64
HardwareAddress: 0a:00:27:00:00:00
MediumType: Ethernet
Status: Up
VBoxNetworkName: HostInterfaceNetworking-vboxnet0
# List all virtual machines
# VBoxManage list vms
"RHEL10-Learning" {12345678-1234-1234-1234-123456789012}
"RHEL10-Test" {12345678-1234-1234-1234-123456789013}
"RHEL10-Prod" {12345678-1234-1234-1234-123456789014}
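2. NAT Mode Configuration
NAT (Network Address Translation) is VirtualBox's default network mode. The VM reaches external networks through the host's network connection, and external hosts cannot connect to the VM directly.
# VBoxManage modifyvm "RHEL10-Learning" --nic1 nat
# View the NAT configuration
# VBoxManage showvminfo "RHEL10-Learning" | grep -A 10 "NIC 1"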
NIC 1: MAC: 080027123456, Attachment: NAT, Cable connected: on
NIC 1 Settings: MTU: 0, Socket(send: 64, receive: 64), TCP Window(0x0)
NIC 1 Rule(0): name = ssh, protocol = tcp, host ip = , host port = 2222, guest ip = , guest port = 22
NIC 1 Rule(1): name = http, protocol = tcp, host ip = , host port = 8080, guest ip = , guest port = 80
# Configure NAT port forwarding
# Forward SSH (host port 2222 -> guest port 22)
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "ssh,tcp,,2222,,22"
# Forward HTTP (host port 8080 -> guest port 80)
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "http,tcp,,8080,,80"
# Forward HTTPS (host port 8443 -> guest port 443)
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "https,tcp,,8443,,443"
# Forward MySQL (host port 3306 -> guest port 3306)
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "mysql,tcp,,3306,,3306"
# View the port-forwarding rules
# VBoxManage showvminfo "RHEL10-Learning" | grep -i 'rule('
NIC 1 Rule(0): name = ssh, protocol = tcp, host ip = , host port = 2222, guest ip = , guest port = 22
NIC 1 Rule(1): name = http, protocol = tcp, host ip = , host port = 8080, guest ip = , guest port = 80
NIC 1 Rule(2): name = https, protocol = tcp, host ip = , host port = 8443, guest ip = , guest port = 443
NIC 1 Rule(3): name = mysql, protocol = tcp, host ip = , host port = 3306, guest ip = , guest port = 3306
# Delete a port-forwarding rule
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 delete ssh
# Test port forwarding
# ssh -p 2222 user@localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be established.
ECDSA key fingerprint is SHA256:1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
user@localhost's password:
Last login: Wed Apr 2 10:00:00 2026 from 10.0.2.2
[user@rhel10-learning ~]$
3. Bridged Mode Configuration
Bridged mode places the VM on the same network as the physical host. The VM has its own IP address and can communicate directly with other devices on that network.
# VBoxManage modifyvm "RHEL10-Learning" --nic1 bridged
# Specify the host interface to bridge to
# VBoxManage modifyvm "RHEL10-Learning" --bridgeadapter1 enp0s3
# View the bridged configuration
# VBoxManage showvminfo "RHEL10-Learning" | grep -A 5 "NIC 1"
NIC 1: MAC: 080027123456, Attachment: Bridged Interface 'enp0s3', Cable connected: on
NIC 1 Settings: MTU: 0, Socket(send: 64, receive: 64), TCP Window(0x0)
# Configure networking inside the VM
# Show the network interfaces
# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp0s3:
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.101/24 brd 192.168.1.255 scope global dynamic enp0s3
valid_lft 86399sec preferred_lft 86399sec
inet6 fe80::a00:27ff:fe12:3456/64 scope link
valid_lft forever preferred_lft forever
# Configure a static IP address
# sudo nmcli connection modify "System eth0" ipv4.addresses 192.168.1.101/24
# sudo nmcli connection modify "System eth0" ipv4.gateway 192.168.1.1
# sudo nmcli connection modify "System eth0" ipv4.dns "8.8.8.8 8.8.4.4"
# sudo nmcli connection modify "System eth0" ipv4.method manual
# sudo nmcli connection up "System eth0"
# Test network connectivity
# ping -c 4 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.123 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.098 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.105 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.110 ms
--- 192.168.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.098/0.109/0.123/0.009 ms
4. Host-Only Mode Configuration
Host-only mode creates an isolated network: the VM can communicate only with the physical host, cannot reach external networks, and cannot be reached from them.
# VBoxManage hostonlyif create
Interface 'vboxnet1' was successfully created
# Configure the host-only network
# VBoxManage hostonlyif ipconfig vboxnet1 --ip 192.168.57.1 --netmask 255.255.255.0
# Enable the DHCP server
# VBoxManage dhcpserver add --ifname vboxnet1 --ip 192.168.57.100 --netmask 255.255.255.0 --lowerip 192.168.57.101 --upperip 192.168.57.200 --enable
# Attach the VM to the host-only network
# VBoxManage modifyvm "RHEL10-Learning" --nic1 hostonly
# VBoxManage modifyvm "RHEL10-Learning" --hostonlyadapter1 vboxnet1
# Verify the network configuration inside the VM
# ip addr show enp0s3
2: enp0s3:
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.57.101/24 brd 192.168.57.255 scope global dynamic enp0s3
valid_lft 86399sec preferred_lft 86399sec
inet6 fe80::a00:27ff:fe12:3456/64 scope link
valid_lft forever preferred_lft forever
# Test connectivity to the physical host
# ping -c 4 192.168.57.1
PING 192.168.57.1 (192.168.57.1) 56(84) bytes of data.
64 bytes from 192.168.57.1: icmp_seq=1 ttl=64 time=0.123 ms
64 bytes from 192.168.57.1: icmp_seq=2 ttl=64 time=0.098 ms
64 bytes from 192.168.57.1: icmp_seq=3 ttl=64 time=0.105 ms
64 bytes from 192.168.57.1: icmp_seq=4 ttl=64 time=0.110 ms
--- 192.168.57.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.098/0.109/0.123/0.009 ms
5. Internal Network Configuration
Internal network mode creates a fully isolated network. VMs attached to it can communicate with one another, but they cannot reach external networks and the physical host cannot reach them.
# VBoxManage modifyvm "RHEL10-Learning" --nic1 intnet
# VBoxManage modifyvm "RHEL10-Learning" --intnet1 "internal_network"
# Attach the second VM to the same internal network
# VBoxManage modifyvm "RHEL10-Test" --nic1 intnet
# VBoxManage modifyvm "RHEL10-Test" --intnet1 "internal_network"
# Configure networking in the first VM
# sudo nmcli connection modify "System eth0" ipv4.addresses 10.0.0.1/24
# sudo nmcli connection modify "System eth0" ipv4.method manual
# sudo nmcli connection up "System eth0"
# Configure networking in the second VM
# sudo nmcli connection modify "System eth0" ipv4.addresses 10.0.0.2/24
# sudo nmcli connection modify "System eth0" ipv4.method manual
# sudo nmcli connection up "System eth0"
# Test connectivity between the VMs
# In the first VM:
# ping -c 4 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.123 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.098 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.105 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.110 ms
--- 10.0.0.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.098/0.109/0.123/0.009 ms
6. Port Forwarding Configuration
Port forwarding makes services inside the VM reachable from outside even when the VM uses NAT mode. It is a key feature of NAT mode.
# Forward the SSH port
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "ssh,tcp,,2222,,22"
# Forward the HTTP port
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "http,tcp,,8080,,80"
# Forward the HTTPS port
# VBoxManage modifyvm "RHEL10-Learning" --natpf1 "https,tcp,,8443,,443"
# View the port-forwarding rules
# VBoxManage showvminfo "RHEL10-Learning" | grep -i 'rule('
NIC 1 Rule(0): name = ssh, protocol = tcp, host ip = , host port = 2222, guest ip = , guest port = 22
NIC 1 Rule(1): name = http, protocol = tcp, host ip = , host port = 8080, guest ip = , guest port = 80
NIC 1 Rule(2): name = https, protocol = tcp, host ip = , host port = 8443, guest ip = , guest port = 443
# Test port forwarding
# Test the SSH connection
# ssh -p 2222 user@localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be established.
ECDSA key fingerprint is SHA256:1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
user@localhost's password:
Last login: Wed Apr 2 10:00:00 2026 from 10.0.2.2
[user@rhel10-learning ~]$
# Test the HTTP connection
# curl http://localhost:8080
Welcome to RHEL 10
This is a test page.
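The rules in sections 2 and 6 leave the host ip field empty, so VirtualBox listens on every host interface and the forwarded ports are reachable from the host's network, not only from the host itself. The script below is an added example, not part of the original article: it reads rule lines in the showvminfo format (a constructed sample is embedded) and prints the commands that rebind such rules to 127.0.0.1. The function names open_rules and rebind_cmds are illustrative.

```shell
#!/bin/sh
# Added example: find NAT port-forwarding rules that listen on all host interfaces.

# Constructed sample in the "NIC n Rule(i)" format; the ssh rule is loopback-bound.
SAMPLE='NIC 1 Rule(0):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 2222, guest ip = , guest port = 22
NIC 1 Rule(1):   name = http, protocol = tcp, host ip = , host port = 8080, guest ip = , guest port = 80
NIC 1 Rule(2):   name = mysql, protocol = tcp, host ip = , host port = 3306, guest ip = , guest port = 3306'

# Print "nic name protocol hostport guestport" for each rule with an empty host ip.
open_rules() {
    awk '/^NIC [0-9]+ Rule\(/ {
        nic = $2
        sub(/^[^:]*:[ \t]*/, "")              # drop the "NIC n Rule(i):" prefix
        n = split($0, kv, /,[ \t]*/)          # "key = value" pairs
        split("", f)                          # clear fields from the previous rule
        for (i = 1; i <= n; i++) {
            eq = index(kv[i], "=")
            k = substr(kv[i], 1, eq - 1); v = substr(kv[i], eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            f[k] = v
        }
        if (f["host ip"] == "")
            print nic, f["name"], f["protocol"], f["host port"], f["guest port"]
    }'
}

# Emit (do not run) the commands that rebind each such rule to the host loopback.
rebind_cmds() {   # $1 = VM name
    open_rules | while read -r nic name proto hport gport; do
        printf 'VBoxManage modifyvm "%s" --natpf%s delete %s\n' "$1" "$nic" "$name"
        printf 'VBoxManage modifyvm "%s" --natpf%s "%s,%s,127.0.0.1,%s,,%s"\n' \
            "$1" "$nic" "$name" "$proto" "$hport" "$gport"
    done
}

printf '%s\n' "$SAMPLE" | open_rules
printf '%s\n' "$SAMPLE" | rebind_cmds "RHEL10-Learning"
```

On a real host, pipe the output of VBoxManage showvminfo for the VM into open_rules instead of the sample.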
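7. Network Troubleshooting
VM network configuration can fail in many ways, so you need to know the basic troubleshooting methods.
# Troubleshooting steps:
# 1. Check the VM's network mode configuration
# VBoxManage showvminfo "RHEL10-Learning" | grep -i nic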
NIC 1: MAC: 080027123456, Attachment: NAT, Cable connected: on
# 2. Check the network connection state
# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s3 ethernet disconnected --
lo loopback unmanaged --
# 3. Restart the network interface
# sudo nmcli connection up "System eth0"
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
# Problem 2: the VM cannot reach external networks
# Troubleshooting steps:
# 1. Check the gateway configuration
# ip route show
default via 10.0.2.2 dev enp0s3 proto dhcp metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
# 2. Check the DNS configuration
# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 10.0.2.3
# 3. Test DNS resolution
# nslookup www.google.com
Server: 10.0.2.3
Address: 10.0.2.3#53
Non-authoritative answer:
Name: www.google.com
Address: 142.250.185.36
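8. Network Performance Optimization
Sensible network configuration and tuning improve VM network performance and help meet the needs of different workloads.
# Use the VirtIO network adapter (best performance)
# VBoxManage modifyvm "RHEL10-Learning" --nictype1 virtio
# Use the Intel PRO/1000 MT Server adapter (good compatibility)
# VBoxManage modifyvm "RHEL10-Learning" --nictype1 82545EM
# 2. Network bandwidth limit
# Set the network bandwidth limit (unit: Kbps)
# VBoxManage modifyvm "RHEL10-Learning" --nicspeed1 100000
# 3. Network MTU tuning
# Set the MTU size (default 1500)
# Run inside the VM:
# sudo ip link set dev enp0s3 mtu 9000
# Verify the MTU setting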
# ip link show enp0s3
2: enp0s3:
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
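# 4. Network performance test
# Test network performance with iperf3
# Start the iperf3 server inside the VM:
# iperf3 -s
-----------------------------------------------------------
Server listening on 5201 (default)
-----------------------------------------------------------
# Test network performance from the host: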
# iperf3 -c 10.0.2.15
Connecting to host 10.0.2.15, port 5201
[ 5] local 10.0.2.2 port 12345 connected to 10.0.2.15 port 5201
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.00 sec 1.23 GBytes 10.6 Gbits/sec 0 1.08 MBytes
[ 5] 1.00-2.00 sec 1.23 GBytes 10.6 Gbits/sec 0 1.08 MBytes
[ 5] 2.00-3.00 sec 1.23 GBytes 10.6 Gbits/sec 0 1.08 MBytes
[ 5] 3.00-4.00 sec 1.23 GBytes 10.6 Gbits/sec 0 1.08 MBytes
[ 5] 4.00-5.00 sec 1.23 GBytes 10.6 Gbits/sec 0 1.08 MBytes
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.00 sec 12.3 GBytes 10.6 Gbits/sec 0 sender
[ 5] 0.00-10.00 sec 12.3 GBytes 10.6 Gbits/sec receiver
iperf Done.
9. Multi-NIC Configuration
A VM can be given several network adapters to build more complex network topologies and isolation strategies.
# First adapter: NAT mode (external network access)
# VBoxManage modifyvm "RHEL10-Learning" --nic1 nat
# Second adapter: bridged mode (internal LAN access)
# VBoxManage modifyvm "RHEL10-Learning" --nic2 bridged
# VBoxManage modifyvm "RHEL10-Learning" --bridgeadapter2 enp0s3
# Third adapter: host-only mode (management network)
# VBoxManage modifyvm "RHEL10-Learning" --nic3 hostonly
# VBoxManage modifyvm "RHEL10-Learning" --hostonlyadapter3 vboxnet0
# Fourth adapter: internal network (test network)
# VBoxManage modifyvm "RHEL10-Learning" --nic4 intnet
# VBoxManage modifyvm "RHEL10-Learning" --intnet4 "test_network"
# View the multi-NIC configuration
# VBoxManage showvminfo "RHEL10-Learning" | grep -i nic
NIC 1: MAC: 080027123456, Attachment: NAT, Cable connected: on
NIC 2: MAC: 080027123457, Attachment: Bridged Interface 'enp0s3', Cable connected: on
NIC 3: MAC: 080027123458, Attachment: Host-only Interface 'vboxnet0', Cable connected: on
NIC 4: MAC: 080027123459, Attachment: Internal Network 'test_network', Cable connected: on
NIC 5: disabled
NIC 6: disabled
NIC 7: disabled
NIC 8: disabled
# Configure multiple network interfaces inside the VM
# Show the network interfaces
# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp0s3:
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 86399sec preferred_lft 86399sec
3: enp0s8:
link/ether 08:00:27:12:34:57 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.101/24 brd 192.168.1.255 scope global dynamic enp0s8
valid_lft 86399sec preferred_lft 86399sec
4: enp0s9:
link/ether 08:00:27:12:34:58 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.101/24 brd 192.168.56.255 scope global dynamic enp0s9
valid_lft 86399sec preferred_lft 86399sec
5: enp0s10:
link/ether 08:00:27:12:34:59 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global enp0s10
valid_lft forever preferred_lft forever
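With four adapters configured as above, one VM sits on outward-facing segments (NAT, bridged) and on isolated ones (host-only, internal) at the same time, so it is the point where those segments can be joined. The script below is an added example, not part of the original article: it classifies the NIC lines of showvminfo output (a constructed sample is embedded) and reports whether a VM spans both kinds. The external/isolated grouping and the function names nic_zones and span_check are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify each enabled NIC from VBoxManage showvminfo output and
# report whether one VM joins an outward-facing segment to an isolated one.

# Constructed sample in the format of the four-adapter listing above.
NIC_SAMPLE="NIC 1:  MAC: 080027123456, Attachment: NAT, Cable connected: on
NIC 2:  MAC: 080027123457, Attachment: Bridged Interface 'enp0s3', Cable connected: on
NIC 3:  MAC: 080027123458, Attachment: Host-only Interface 'vboxnet0', Cable connected: on
NIC 4:  MAC: 080027123459, Attachment: Internal Network 'test_network', Cable connected: on
NIC 5:  disabled"

# Print "nic zone attachment" per enabled NIC; zone is external, isolated or other.
nic_zones() {
    awk '/^NIC [0-9]+:.*Attachment:/ {
        nic = $2; sub(/:$/, "", nic)
        att = $0
        sub(/^.*Attachment:[ \t]*/, "", att)   # keep what follows "Attachment:"
        sub(/,.*$/, "", att)                   # cut at the next comma
        if (att ~ /^(NAT|Bridged Interface)/)
            zone = "external"
        else if (att ~ /^(Host-only Interface|Internal Network)/)
            zone = "isolated"
        else
            zone = "other"
        print nic, zone, att
    }'
}

# Print "dual-homed" when both zones are present on the VM, else "single-zone".
span_check() {
    nic_zones | awk '{ seen[$2] = 1 }
        END { if (seen["external"] && seen["isolated"]) print "dual-homed"
              else print "single-zone" }'
}

printf '%s\n' "$NIC_SAMPLE" | nic_zones
printf '%s\n' "$NIC_SAMPLE" | span_check
```

For a VM reported as dual-homed, check inside the guest that sysctl net.ipv4.ip_forward returns 0 unless routing between the segments is intended.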
10. Production Best Practices
When VM networking is used in production, follow best practices to keep the network secure, stable, and manageable.
# Enable the firewall
# sudo systemctl start firewalld
# sudo systemctl enable firewalld
# Configure firewall rules
# sudo firewall-cmd --permanent --add-service=ssh
# sudo firewall-cmd --permanent --add-service=http
# sudo firewall-cmd --permanent --add-service=https
# sudo firewall-cmd --permanent --add-port=3306/tcp
# sudo firewall-cmd --reload
# 2. Network monitoring configuration
# Install network monitoring tools
# sudo dnf install -y net-snmp net-snmp-utils
# Configure SNMP
# sudo vi /etc/snmp/snmpd.conf
# Add the following:
# rocommunity public
# syslocation "Data Center"
# syscontact admin@fgedu.net.cn
# Start the SNMP service
# sudo systemctl start snmpd
# sudo systemctl enable snmpd
# 3. Network configuration backup
# Back up the network configuration
# sudo nmcli connection show > /backup/network_config.txt
# sudo ip addr show > /backup/ip_addr.txt
# sudo ip route show > /backup/ip_route.txt
# 4. Network documentation
# Create the network configuration document
# cat > /backup/network_config.md << 'EOF'
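# Virtual Machine Network Configuration Document
## Virtual Machine Information
- VM name: RHEL10-Learning
- VM UUID: 12345678-1234-1234-1234-123456789012
## Network Adapter Configuration
### NIC 1 (NAT)
- MAC address: 08:00:27:12:34:56
- Network mode: NAT
- IP address: 10.0.2.15/24
- Gateway: 10.0.2.2
- DNS: 10.0.2.3
### NIC 2 (Bridged)
- MAC address: 08:00:27:12:34:57
- Network mode: Bridged
- Bridged interface: enp0s3
- IP address: 192.168.1.101/24
- Gateway: 192.168.1.1
- DNS: 8.8.8.8, 8.8.4.4
### NIC 3 (Host-only)
- MAC address: 08:00:27:12:34:58
- Network mode: Host-only
- Host-only network: vboxnet0
- IP address: 192.168.56.101/24
### NIC 4 (Internal)
- MAC address: 08:00:27:12:34:59
- Network mode: Internal
- Internal network: test_network
- IP address: 10.0.0.1/24
## Port Forwarding Rules
- SSH: host port 2222 -> guest port 22
- HTTP: host port 8080 -> guest port 80
- HTTPS: host port 8443 -> guest port 443
## Firewall Rules
- Allow the SSH service
- Allow the HTTP service
- Allow the HTTPS service
- Allow the MySQL port (3306)
## Monitoring Configuration
- SNMP service: enabled
- SNMP community string: public
- SNMP location: Data Center
- SNMP contact: admin@fgedu.net.cn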
EOF
# 5. Network maintenance script
# Create the network maintenance script
# cat > /fgedu/shell/network_maintenance.sh << 'EOF'
#!/bin/bash
# Network maintenance script
echo "=== Network Maintenance ==="
echo "Date: $(date)"
echo ""
# Check network interface status
echo "1. Network Interface Status:"
nmcli device status
echo ""
# Check network connection status
echo "2. Network Connection Status:"
nmcli connection show
echo ""
# Check IP address configuration
echo "3. IP Address Configuration:"
ip addr show
echo ""
# Check routing configuration
echo "4. Routing Configuration:"
ip route show
echo ""
# Check DNS configuration
echo "5. DNS Configuration:"
cat /etc/resolv.conf
echo ""
# Check network connectivity
echo "6. Network Connectivity Test:"
ping -c 4 8.8.8.8
echo ""
# Check firewall status
echo "7. Firewall Status:"
sudo systemctl status firewalld
echo ""
# Check SNMP status
echo "8. SNMP Status:"
sudo systemctl status snmpd
echo ""
echo "=== Maintenance Complete ==="
EOF
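# Make the script executable
# chmod +x /fgedu/shell/network_maintenance.sh
# Run the maintenance script on a schedule
# echo "0 6 * * * root /fgedu/shell/network_maintenance.sh >> /var/log/network_maintenance.log 2>&1" >> /etc/crontab
This article was compiled and published by 风哥教程 for study and testing use only. When reposting, cite the source: http://www.fgedu.net.cn/10327.html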
