본글은 아래 사이트를 참고하여 작성되었다.
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Virtualization_Guide/sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt.html
준비.
bridge name은 br0를 사용한다.
br0에 포함될 interface로 eth2, eth3를 사용한다.
# yum install bridge-utils << brctl 설치
1. bridge 설정
bridge 설정방법은 brctl를 이용하는방법과 ifcfg를 이용하는 방법 두가지가 있다.
1-1) brctl를 이용하는방법
# brctl addbr br0 << bridge 생성
# brctl addif br0 eth2 << br0에 eth2 추가
# brctl addif br0 eth3 << br0에 eth3 추가
# ifconfig eth2 down
# ifconfig eth3 down
# ifconfig eth2 0.0.0.0 promisc up
# ifconfig eth3 0.0.0.0 promisc up
# ifconfig br0 0.0.0.0 promisc up
1-2) ifcfg를 이용하는방법 - 실행시 자동 설정
# cd /etc/sysconfig/network-scripts << ifcfg가 있는 경로로 이동
# vi ifcfg-br0 << 파일 수정
+--ifcfg-br0----+
| DEVICE=br0 |
| ONBOOT=yes |
| TYPE=Bridge |
| PROMISC=yes |
+---------------+
# vi ifcfg-eth2 << 파일 수정
+--ifcfg-eth2---+
| DEVICE=eth1 |
| ONBOOT=yes |
| BRIDGE=br0 |
| PROMISC=yes |
+---------------+
# vi ifcfg-eth3 << 파일 수정
+--ifcfg-eth3---+
| DEVICE=eth2 |
| ONBOOT=yes |
| BRIDGE=br0 |
| PROMISC=yes |
+---------------+
# /etc/init.d/network restart << network restart
promisc mode가 제대로 안됨.. 아래 명령을 실행
# ifconfig eth2 0.0.0.0 promisc up
# ifconfig eth3 0.0.0.0 promisc up
# ifconfig br0 0.0.0.0 promisc up
1-1) 혹은 1-2) 설정을 한후 ifconfig를 한결과
# ifconfig
br0 Link encap:Ethernet HWaddr 00:26:B9:47:43:47
inet6 addr: fe80::226:b9ff:fe47:4347/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9000 Metric:1
RX packets:121354 errors:0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:160850600 (153.3 MiB) TX bytes:4912 (4.7 KiB)
eth0 Link encap:Ethernet HWaddr 00:26:B9:47:43:45
inet addr:192.168.10.199 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::226:b9ff:fe47:4345/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5404 errors:0 dropped:0 overruns:0 frame:0
TX packets:759 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:421517 (411.6 KiB) TX bytes:150503 (146.9 KiB)
Interrupt:106 Memory:d6000000-d6012800
eth2 Link encap:Ethernet HWaddr 00:26:B9:47:43:47
inet6 addr: fe80::226:b9ff:fe47:4347/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9000 Metric:1
RX packets:26256 errors:0 dropped:0 overruns:0 frame:0
TX packets:210 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35736896 (34.0 MiB) TX bytes:27169 (26.5 KiB)
Interrupt:114 Memory:d8000000-d8012800
eth3 Link encap:Ethernet HWaddr 00:26:B9:47:43:49
inet6 addr: fe80::226:b9ff:fe47:4349/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9000 Metric:1
RX packets:210 errors:0 dropped:0 overruns:0 frame:0
TX packets:22708 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:27169 (26.5 KiB) TX bytes:30894808 (29.4 MiB)
Interrupt:122 Memory:da000000-da012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:7272 errors:0 dropped:0 overruns:0 frame:0
TX packets:7272 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:572211 (558.7 KiB) TX bytes:572211 (558.7 KiB)
2. iptables설정 - bridge forwarding 시키기 (iptable를 사용안하면 필요없다.)
# iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# service iptables save
# service iptables restart
# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1 << 이부분 수정
# sysctl -p /etc/sysctl.conf
3. 확인
# tcpdump -i eth2
# tcpdump -i eth3
를 하여 패킷이 정상적으로 forwarding 되는지 확인해본다.
4. 기타
그래도 안된다면 다음 명령을 실행해본다.
# service NetworkManager stop
댓글 없음:
댓글 쓰기