
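Linux Tutorial FG216 - Network Configuration in Practice

Summary: This Fengge tutorial draws on the official Linux documentation and the official documentation for Red Hat Enterprise Linux, Ansible Automation Platform, Docker, Kubernetes and Podman, and describes in detail how to configure and use the technologies covered.

This document uses practical cases to show how Linux network configuration is applied in combination.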

Part01 - Case 1: Multi-NIC bonding

1.1 Configuring NIC bonding

# Scenario: the server has two NICs and needs bonding for high availability

# Show NIC information
$ ip link show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:ab:cd:ef brd ff:ff:ff:ff:ff:ff

# Create the bond interface connection profile
$ sudo nmcli connection add type bond ifname bond0 mode active-backup
Connection 'bond-bond0' (abc123-456-def-789) successfully added.

# Add the slave interfaces
$ sudo nmcli connection add type bond-slave ifname eth0 master bond0
Connection 'bond-slave-eth0' (xyz789-abc-123-def) successfully added.

$ sudo nmcli connection add type bond-slave ifname eth1 master bond0
Connection 'bond-slave-eth1' (lmn456-opq-789-rst) successfully added.

# Configure the IP address
$ sudo nmcli connection modify bond-bond0 ipv4.addresses 192.168.1.100/24
$ sudo nmcli connection modify bond-bond0 ipv4.gateway 192.168.1.1
$ sudo nmcli connection modify bond-bond0 ipv4.dns "8.8.8.8"
$ sudo nmcli connection modify bond-bond0 ipv4.method manual

# Activate the connections
$ sudo nmcli connection up bond-slave-eth0
$ sudo nmcli connection up bond-slave-eth1
$ sudo nmcli connection up bond-bond0

# Verify the bond status
$ cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v5.14.0-284.11.1.el9_2.x86_64

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:12:34:56
Slave queue ID: 0

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:ab:cd:ef
Slave queue ID: 0
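
An active-backup bond keeps passing traffic after one link fails, so a lost slave goes unnoticed unless the status file is checked. The script below is an added example, not part of the original tutorial: it parses the /proc/net/bonding format shown above and fails when fewer slaves are up than required. The function names and the embedded sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): health check for a bond.
# Reads the text of /proc/net/bonding/<bond> on stdin; $1 = slaves required up.
# Prints one summary line; exit status 0 = healthy, 1 = degraded.
bond_health() {
    awk -v want="${1:-2}" '
        /^Currently Active Slave:/ { active = $4 }
        /^Slave Interface:/        { slave = $3; n++ }
        # The first "MII Status" line (before any slave section) is the bond
        # itself; later ones belong to the slave named just above them.
        /^MII Status:/ {
            if (slave == "")     bond = $3
            else if ($3 == "up") up++
            else                 down = down " " slave
        }
        END {
            ok = (bond == "up" && active != "" && active != "None" && up >= want)
            printf "bond=%s active=%s slaves_up=%d/%d down=%s\n", bond, active,
                   up, n, (down == "" ? "-" : substr(down, 2))
            exit (ok ? 0 : 1)
        }'
}

# Constructed sample: same layout as the output above, but eth1 has lost link.
degraded_sample() {
    cat <<'EOF'
Bonding Mode: fault-tolerance (active-backup)
Currently Active Slave: eth0
MII Status: up

Slave Interface: eth0
MII Status: up
Link Failure Count: 0

Slave Interface: eth1
MII Status: down
Link Failure Count: 1
EOF
}
healthy_sample() { degraded_sample | sed 's/^MII Status: down/MII Status: up/'; }

if [ -r /proc/net/bonding/bond0 ]; then
    bond_health 2 < /proc/net/bonding/bond0 || echo "bond0 is degraded" >&2
else
    degraded_sample | bond_health 2 || echo "sample bond is degraded" >&2
fi
```
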

Part02 - Case 2: VLAN configuration

2.1 Configuring VLAN interfaces

# Scenario: the server needs to connect to multiple VLAN networks

# Create the VLAN interfaces
$ sudo nmcli connection add type vlan ifname eth0.100 dev eth0 id 100
Connection 'vlan-eth0.100' (abc123-456-def) successfully added.

$ sudo nmcli connection add type vlan ifname eth0.200 dev eth0 id 200
Connection 'vlan-eth0.200' (xyz789-abc-123) successfully added.

# Configure the VLAN interface IP addresses
$ sudo nmcli connection modify vlan-eth0.100 ipv4.addresses 192.168.100.10/24
$ sudo nmcli connection modify vlan-eth0.100 ipv4.method manual

$ sudo nmcli connection modify vlan-eth0.200 ipv4.addresses 192.168.200.10/24
$ sudo nmcli connection modify vlan-eth0.200 ipv4.method manual

# Activate the VLAN interfaces
$ sudo nmcli connection up vlan-eth0.100
$ sudo nmcli connection up vlan-eth0.200

# Verify the VLAN configuration
$ ip addr show eth0.100
4: eth0.100@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.10/24 brd 192.168.100.255 scope global noprefixroute eth0.100
valid_lft forever preferred_lft forever

$ ip addr show eth0.200
5: eth0.200@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.10/24 brd 192.168.200.255 scope global noprefixroute eth0.200
valid_lft forever preferred_lft forever

# Test VLAN connectivity
$ ping -c 3 192.168.100.1
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data.
64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.521 ms

$ ping -c 3 192.168.200.1
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data.
64 bytes from 192.168.200.1: icmp_seq=1 ttl=64 time=0.489 ms

Part03 - Case 3: Bridge configuration

3.1 Configuring the bridge interface

# Scenario: configure a bridge for virtual machine networking

# Create the bridge
$ sudo nmcli connection add type bridge ifname br0
Connection 'bridge-br0' (abc123-456-def) successfully added.

# Add the physical interface to the bridge
$ sudo nmcli connection add type bridge-slave ifname eth0 master br0
Connection 'bridge-slave-eth0' (xyz789-abc-123) successfully added.

# Configure the bridge IP address
$ sudo nmcli connection modify bridge-br0 ipv4.addresses 192.168.1.100/24
$ sudo nmcli connection modify bridge-br0 ipv4.gateway 192.168.1.1
$ sudo nmcli connection modify bridge-br0 ipv4.dns "8.8.8.8"
$ sudo nmcli connection modify bridge-br0 ipv4.method manual

# Activate the bridge
$ sudo nmcli connection up bridge-slave-eth0
$ sudo nmcli connection up bridge-br0

# Verify the bridge configuration
$ ip addr show br0
6: br0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global noprefixroute br0
valid_lft forever preferred_lft forever

$ brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.080027123456       no              eth0

# Show the bridge MAC address table
$ bridge fdb show br br0
08:00:27:12:34:56 dev eth0 master br0
33:33:00:00:00:01 dev eth0 master br0
01:00:5e:00:00:01 dev eth0 master br0

Part04 - Case 4: Routing configuration

4.1 Configuring policy routing

# Scenario: the server has multiple network interfaces and needs policy routing

# Show the current routing table
$ ip route show
default via 192.168.1.1 dev eth0 proto static metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100

# Add a routing table
$ echo "200 custom" | sudo tee -a /etc/iproute2/rt_tables
200 custom

# Configure policy routing
$ sudo ip route add default via 192.168.2.1 table custom
$ sudo ip rule add from 192.168.2.100 table custom

# Show the policy routing rules
$ ip rule show
0: from all lookup local
32765: from 192.168.2.100 lookup custom
32766: from all lookup main
32767: from all lookup default

# Show the custom routing table
$ ip route show table custom
default via 192.168.2.1 dev eth1

# Add a static route
$ sudo ip route add 10.0.0.0/24 via 192.168.1.254

# Verify the route
$ ip route get 10.0.0.1
10.0.0.1 via 192.168.1.254 dev eth0 src 192.168.1.100 uid 0
cache

# Persist the route configuration
$ sudo nmcli connection modify eth0 +ipv4.routes "10.0.0.0/24 192.168.1.254"
$ sudo nmcli connection up eth0
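
The kernel walks the rule list in priority order and looks up each matching rule's table until a route is found. The script below is an added example, not part of the original tutorial: it reads `ip rule show` output and lists the tables consulted for a given source address. The function names are hypothetical, and only `from` selectors with a `lookup` action are modelled.

```shell
#!/bin/sh
# Added example (not from the original page): which routing tables does the
# kernel consult, in order, for a packet with source address $1?
# Reads `ip rule show` output on stdin. Simplification: only "from" selectors
# with a "lookup" action are modelled (no fwmark, iif, to, or IPv6).
tables_for_source() {
    awk -v src="$1" '
        function ip2int(ip,   o) {
            split(ip, o, ".")
            return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        }
        # True when src falls inside selector sel ("all", a host, or a CIDR).
        function matches(sel,   p, bits, size) {
            if (sel == "all") return 1
            split(sel, p, "/")
            bits = (p[2] == "" ? 32 : p[2])
            size = 2 ^ (32 - bits)
            return int(ip2int(src) / size) == int(ip2int(p[1]) / size)
        }
        # Rule line format: "<priority>: from <selector> lookup <table>"
        $2 == "from" && $4 == "lookup" && matches($3) {
            out = out (out == "" ? "" : " ") $5
        }
        END { print out }'
}

# The rule list shown above (output of `ip rule show` after adding the rule).
page_rules() {
    cat <<'EOF'
0: from all lookup local
32765: from 192.168.2.100 lookup custom
32766: from all lookup main
32767: from all lookup default
EOF
}

for s in 192.168.1.100 192.168.2.100; do
    printf '%s -> %s\n' "$s" "$(page_rules | tables_for_source "$s")"
done
```

Because the custom table holds only a default route, traffic sourced from 192.168.2.100 to any non-local destination leaves via 192.168.2.1 and never reaches the main table, including the 10.0.0.0/24 static route.
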

Part05 - Case 5: NAT configuration

5.1 Configuring a NAT gateway

# Scenario: configure the server as a NAT gateway

# Enable IP forwarding
$ sudo sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

# Make the setting persistent
$ echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf

# Configure the firewall NAT rules
$ sudo firewall-cmd --permanent --add-masquerade
success

$ sudo firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=8080:toaddr=192.168.2.100
success

$ sudo firewall-cmd --reload
success

# Show the NAT rules
$ sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
forward: no
masquerade: yes
forward-ports:
port=80:proto=tcp:toport=8080:toaddr=192.168.2.100
source-ports:
icmp-blocks:
rich rules:

# Configure port forwarding
$ sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" forward-port port="22" protocol="tcp" to-port="2222"'
success

$ sudo firewall-cmd --reload
success

# Test NAT
$ curl http://192.168.1.100

Welcome to Web Server
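
The two forwards above differ in reach: the plain forward-port publishes 192.168.2.100:8080 to any client that can reach port 80 in the zone, while the rich rule only applies to sources in 192.168.1.0/24. The script below is an added example, not part of the original tutorial: it summarises masquerading and forwards from `firewall-cmd --list-all` output so the exposure can be reviewed after each change. The function names and sample are constructed, and only IPv4 entries are handled.

```shell
#!/bin/sh
# Added example (not from the original page): summarise what a firewalld zone
# translates or forwards. Reads `firewall-cmd --list-all` output on stdin and
# prints one line per finding. IPv4 only (an IPv6 toaddr contains ":").
nat_exposure() {
    awk '
        # Value of key="value" inside a rich rule, or dflt when absent.
        function attr(s, key, dflt,   re) {
            re = key "=\"[^\"]*\""
            if (!match(s, re)) return dflt
            return substr(s, RSTART + length(key) + 2, RLENGTH - length(key) - 3)
        }
        { sub(/^[ \t]+/, "") }
        /^[^ ]+ \(active\)/ { zone = $1 }
        /^masquerade: yes/  { print zone ": masquerade on" }
        /^port=.*:proto=.*:toport=/ {
            split($0, kv, /[:=]/)    # port 80 proto tcp toport 8080 toaddr IP
            dst = (kv[8] == "" ? "local" : kv[8])
            print zone ": " kv[4] "/" kv[2] " -> " dst ":" kv[6] " from any"
        }
        /^rule .*forward-port / {
            proto = attr($0, "protocol", "?"); port = attr($0, " port", "?")
            dst = attr($0, "to-addr", "local") ":" attr($0, "to-port", port)
            src = attr($0, "source address", "any")
            print zone ": " proto "/" port " -> " dst " from " src
        }'
}

# Constructed sample: the zone from this page once both forwards are loaded.
sample_zone() {
    cat <<'EOF'
public (active)
  interfaces: eth0
  services: cockpit dhcpv6-client ssh
  masquerade: yes
  forward-ports:
    port=80:proto=tcp:toport=8080:toaddr=192.168.2.100
  rich rules:
    rule family="ipv4" source address="192.168.1.0/24" forward-port port="22" protocol="tcp" to-port="2222"
EOF
}

sample_zone | nat_exposure
# On a gateway: sudo firewall-cmd --list-all | nat_exposure
```
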

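Fengge's configuration recommendations:
1. Choose the network configuration that fits the actual requirements
2. Use nmcli so that the configuration is persistent
3. Verify connectivity after completing the configuration
4. Record configuration changes to ease maintenance
5. Check the state of the network configuration regularly

This article was compiled and published by Fengge Tutorials for learning and testing purposes only. When reposting, cite the source: http://www.fgedu.net.cn/10327.html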
