一、基础环境搭建及实验目标概述
1.基础环境搭建
1.1 主机设置:
1.2 Vmnet8(nat;模拟公网网卡):192.168.200.0/24
1.3. Vmnet1(仅主机;模拟内网;vlan190):192.168.190.024
2.实验目标概述
使用nmcli命令修改主机互联网网卡ip地址为192.168.200.90/24;修改主机内网网卡为vlan190并修改ip地址为192.168.190.90/24,实现与内网网关192.168.190.1互通。
二、开干
1.查看主机网卡信息
[root@rocky9 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:0a:2e:60 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 192.168.200.137/24 brd 192.168.200.255 scope global dynamic noprefixroute ens160
valid_lft 1712sec preferred_lft 1712sec
inet6 fe80::20c:29ff:fe0a:2e60/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:0a:2e:6a brd ff:ff:ff:ff:ff:ff
altname enp11s0
inet 192.168.190.131/24 brd 192.168.190.255 scope global dynamic noprefixroute ens192
valid_lft 1712sec preferred_lft 1712sec
inet6 fe80::20c:29ff:fe0a:2e6a/64 scope link noprefixroute
valid_lft forever preferred_lft forever2.修改互联网网卡ens160为静态地址,配置静态地址为192.168.200.90/24,网关192.168.200.2,DNS192.168.200.2
[root@rocky9 ~]# nmcli connection modify ens160 ipv4.method manual ipv4.addresses 192.168.200.90/24 ipv4.gateway 192.168.200.2 ipv4.dns 192.168.200.2
[root@rocky9 ~]# nmcli connection down ens160 && nmcli connection up ens160
成功停用连接 "ens160"(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/2)
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@rocky9 ~]# ip a show ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:0a:2e:60 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 192.168.200.90/24 brd 192.168.200.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe0a:2e60/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@rocky9 ~]# ping -c 4 jd.com
PING jd.com (211.144.24.218) 56(84) 比特的数据。
64 比特,来自 211.144.24.218 (211.144.24.218): icmp_seq=1 ttl=128 时间=32.7 毫秒
64 比特,来自 211.144.24.218 (211.144.24.218): icmp_seq=2 ttl=128 时间=48.5 毫秒
64 比特,来自 211.144.24.218 (211.144.24.218): icmp_seq=3 ttl=128 时间=31.4 毫秒
64 比特,来自 211.144.24.218 (211.144.24.218): icmp_seq=4 ttl=128 时间=21.6 毫秒
--- jd.com ping 统计 ---
已发送 4 个包, 已接收 4 个包, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 21.649/33.549/48.491/9.621 ms
[root@rocky9 ~]# cat /etc/NetworkManager/system-connections/ens160.nmconnection #查看ens160配置文件信息
[connection]
id=ens160
uuid=1911e1f8-d2c7-3115-88c1-0144ffe51b6f
type=ethernet
autoconnect-priority=-999
interface-name=ens160
timestamp=1725928517
[ethernet]
[ipv4]
address1=192.168.200.90/24,192.168.200.2
dns=192.168.200.2;
method=manual
[ipv6]
addr-gen-mode=eui64
method=auto
[proxy]
[root@rocky9 ~]#3.添加vlan190接口,设置vlan190父接口为内网网卡ens192,设置vlan190静态地址为192.168.190.90/24
[root@rocky9 ~]# nmcli connection modify ens192 ipv4.method disabled ipv6.method disabled # 禁用IPv4和IPv6的自动配置
[root@rocky9 ~]# nmcli connection down ens192 && nmcli connection up ens192
成功停用连接 "ens192"(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/6)
[root@rocky9 ~]# ip a show ens192
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:0a:2e:6a brd ff:ff:ff:ff:ff:ff
altname enp11s0
[root@rocky9 ~]# nmcli connection add type vlan con-name vlan190 ifname vlan190 vlan.parent ens192 vlan.id 190
连接 "vlan190" (5be33ee0-b8c1-4ddf-bd4d-42e0e9038d2d) 已成功添加。
[root@rocky9 ~]# nmcli connection modify vlan190 ipv4.addresses "192.168.190.90/24"
[root@rocky9 ~]# nmcli connection reload vlan190
[root@rocky9 ~]# ip a show vlan190
11: vlan190@ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:0a:2e:6a brd ff:ff:ff:ff:ff:ff
inet 192.168.190.90/24 brd 192.168.190.255 scope global noprefixroute vlan190
valid_lft forever preferred_lft forever
inet6 fe80::8284:85a1:86af:bce4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@rocky9 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.200.2 0.0.0.0 UG 102 0 0 ens160
192.168.190.0 0.0.0.0 255.255.255.0 U 400 0 0 vlan190
192.168.200.0 0.0.0.0 255.255.255.0 U 102 0 0 ens160
[root@rocky9 ~]# ping -c 4 192.168.190.1
PING 192.168.190.1 (192.168.190.1) 56(84) 比特的数据。
64 比特,来自 192.168.190.1: icmp_seq=1 ttl=128 时间=0.446 毫秒
64 比特,来自 192.168.190.1: icmp_seq=2 ttl=128 时间=0.244 毫秒
64 比特,来自 192.168.190.1: icmp_seq=3 ttl=128 时间=0.254 毫秒
64 比特,来自 192.168.190.1: icmp_seq=4 ttl=128 时间=0.323 毫秒
--- 192.168.190.1 ping 统计 ---
已发送 4 个包, 已接收 4 个包, 0% packet loss, time 3090ms
rtt min/avg/max/mdev = 0.244/0.316/0.446/0.080 ms
[root@rocky9 ~]# cat /etc/NetworkManager/system-connections/ens192.nmconnection
[connection]
id=ens192
uuid=5519a483-f510-3824-9a75-3d3abd81792c
type=ethernet
autoconnect-priority=-999
interface-name=ens192
timestamp=1725928517
[ethernet]
[ipv4]
method=disabled
[ipv6]
addr-gen-mode=eui64
method=disabled
[proxy]
[root@rocky9 ~]# cat /etc/NetworkManager/system-connections/vlan190.nmconnection
[connection]
id=vlan190
uuid=5be33ee0-b8c1-4ddf-bd4d-42e0e9038d2d
type=vlan
interface-name=vlan190
[ethernet]
[vlan]
flags=1
id=190
parent=ens192
[ipv4]
address1=192.168.190.90/24
method=auto
[ipv6]
addr-gen-mode=default
method=auto
[proxy]
[root@rocky9 ~]#三、其他参考资料
网络配置 - Documentation (rockylinux.org)
43.2. 使用 nmcli 永久配置网络设备,以接受所有流量 | Red Hat Product Documentation
