Router: 两个单网口OpenWrt路由器 不同网段互通
1. 结构
2. 设置
R2 OpenWrt
# vim /etc/config/network
config interface 'loopback' option device 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fdca:ce40:0b64::/48' option packet_steering '1' config device option name 'br-lan' option type 'bridge' list ports 'eth0' config interface 'lan' option device 'eth0' option proto 'static' option ipaddr '192.168.1.3' option netmask '255.255.255.0' option ip6assign '60' config interface 'wan' option proto 'static' option device 'eth0' option ipaddr '192.168.1.2' option netmask '255.255.255.0' option gateway '192.168.1.1' config route option interface 'lan' option target '192.168.2.0/24' option netmask '255.255.255.0' option gateway '192.168.1.4'
# service network restart
C1 Centos 7
# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens33 UUID=c8ed74a2-3629-4c5b-8d07-33bf1c45b9a4 DEVICE=ens33 ONBOOT=yes IPADDR=192.168.1.10 PREFIX=24 GATEWAY=192.168.1.3 DNS1=192.168.1.3
# systemctl restart network
测试:
$ ping 192.168.2.10 -c 4
PING 192.168.2.10 (192.168.2.10) 56(84) bytes of data. 64 bytes from 192.168.2.10: icmp_seq=1 ttl=62 time=1.46 ms 64 bytes from 192.168.2.10: icmp_seq=2 ttl=62 time=1.63 ms 64 bytes from 192.168.2.10: icmp_seq=3 ttl=62 time=3.05 ms 64 bytes from 192.168.2.10: icmp_seq=4 ttl=62 time=7.96 ms --- 192.168.2.10 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3025ms rtt min/avg/max/mdev = 1.460/3.527/7.964/2.635 ms
R3 OpenWrt
# vim /etc/config/network
config interface 'loopback' option device 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fdca:ce40:0b64::/48' option packet_steering '1' config device option name 'br-lan' option type 'bridge' list ports 'eth0' config interface 'lan' option device 'eth0' option proto 'static' option ipaddr '192.168.2.1' option netmask '255.255.255.0' option ip6assign '60' config interface 'wan' option proto 'static' option device 'eth0' option ipaddr '192.168.1.4' option netmask '255.255.255.0' option gateway '192.168.1.3' # 添加本条路由,但不添加下一条路由,C2可以Ping通Internet IP,但无法Ping通192.168.1.0/24网段 config route option interface 'wan' option target '0.0.0.0/0' option gateway '192.168.1.3' # 添加本条路由,如果不设置option table 'local',C2可以Ping通192.168.1.0/24网段,但无法Ping通Internet IP config route option interface 'wan' option target '192.168.1.0/24' option gateway '192.168.1.3' option table 'local'
# service network restart
C2 Centos 7
# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens33 UUID=c8ed74a2-3629-4c5b-8d07-33bf1c45b9a4 DEVICE=ens33 ONBOOT=yes IPADDR=192.168.2.10 PREFIX=24 GATEWAY=192.168.2.1 DNS1=192.168.2.1
# systemctl restart network
测试:
$ ping 23.62.46.138 -c 4
PING 23.62.46.138 (23.62.46.138) 56(84) bytes of data. 64 bytes from 23.62.46.138: icmp_seq=1 ttl=49 time=158 ms 64 bytes from 23.62.46.138: icmp_seq=2 ttl=49 time=155 ms 64 bytes from 23.62.46.138: icmp_seq=3 ttl=49 time=158 ms 64 bytes from 23.62.46.138: icmp_seq=4 ttl=49 time=160 ms --- 23.62.46.138 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3016ms rtt min/avg/max/mdev = 155.994/158.235/160.400/1.634 ms
$ traceroute 23.62.46.138
traceroute to 23.62.46.138 (23.62.46.138), 30 hops max, 60 byte packets 1 gateway (192.168.2.1) 1.637 ms 1.582 ms 1.120 ms 2 192.168.1.3 (192.168.1.3) 0.611 ms 0.537 ms 0.561 ms 3 192.168.1.1 (192.168.1.1) 2.962 ms 2.935 ms 2.848 ms 4 10.160.22.1 (10.160.22.1) 4.927 ms 4.746 ms 4.716 ms 5 125.34.174.13 (125.34.174.13) 7.339 ms 7.285 ms 7.201 ms 6 124.65.194.29 (124.65.194.29) 6.136 ms * 125.33.186.113 (125.33.186.113) 21.049 ms 7 219.158.9.202 (219.158.9.202) 11.832 ms 219.158.4.174 (219.158.4.174) 11.436 ms 11.484 ms 8 219.158.16.66 (219.158.16.66) 10.427 ms 219.158.9.217 (219.158.9.217) 10.165 ms 219.158.16.66 (219.158.16.66) 9.134 ms 9 219.158.96.42 (219.158.96.42) 197.968 ms 197.836 ms 197.604 ms 10 12.246.229.121 (12.246.229.121) 167.002 ms 166.968 ms 167.158 ms 11 * * * 12 32.130.104.175 (32.130.104.175) 168.740 ms 32.130.104.177 (32.130.104.177) 174.091 ms 32.130.104.175 (32.130.104.175) 169.296 ms 13 12.124.183.198 (12.124.183.198) 154.369 ms 178.643 ms 178.635 ms 14 ae6.r01.border.sjc01.sdn.netarch.akamai.com (23.203.158.17) 242.563 ms 242.752 ms 227.601 ms 15 * * * 16 * * * 17 a23-62-46-138.deploy.static.akamaitechnologies.com (23.62.46.138) 160.262 ms 161.174 ms 160.958 ms
$ ping 192.168.1.1 -c 4
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=62 time=2.94 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=62 time=3.64 ms 64 bytes from 192.168.1.1: icmp_seq=3 ttl=62 time=3.81 ms 64 bytes from 192.168.1.1: icmp_seq=4 ttl=62 time=2.75 ms --- 192.168.1.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3039ms
$ ping 192.168.1.10 -c 4
PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data. 64 bytes from 192.168.1.10: icmp_seq=2 ttl=63 time=1.79 ms 64 bytes from 192.168.1.10: icmp_seq=3 ttl=63 time=1.84 ms 64 bytes from 192.168.1.10: icmp_seq=4 ttl=63 time=1.61 ms --- 192.168.1.10 ping statistics --- 4 packets transmitted, 3 received, 25% packet loss, time 3018ms rtt min/avg/max/mdev = 1.616/1.753/1.846/0.110 ms