linux gre隧道创建实验
linux gre隧道创建文章目录linux gre隧道创建实验环境实验目的实验步骤1、在host A(10.10.10.47)上面操作2、在host B(192.168.0.118)上面操作实验结果还原实验环境实验环境两台可以相互通信的虚拟机,两个虚拟机在不通的网段。如下所示delete tunnel "gre0" failed: Operation not permitted
·
linux gre隧道创建
实验环境
两台可以相互通信的虚拟机,两个虚拟机在不通的网段。如下所示
host A:
[root@10-10-10-47 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:f6:21:28 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.47/24 brd 10.10.10.255 scope global eth0
valid_lft forever preferred_lft forever
host B:
[root@192-168-0-118 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:14:91:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.118/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
两台虚拟机之间可以相互通信
[root@192-168-0-118 ~]# ping 10.10.10.47
PING 10.10.10.47 (10.10.10.47) 56(84) bytes of data.
64 bytes from 10.10.10.47: icmp_seq=1 ttl=63 time=1.04 ms
64 bytes from 10.10.10.47: icmp_seq=2 ttl=63 time=0.440 ms
64 bytes from 10.10.10.47: icmp_seq=3 ttl=63 time=0.368 ms
64 bytes from 10.10.10.47: icmp_seq=4 ttl=63 time=0.561 ms
^C
--- 10.10.10.47 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.368/0.602/1.040/0.262 ms
实验目的
在host A和host B之间建里gre隧道,另外在机器A 上面配置 2.2.2.2, 在机器B上面配置1.1.1.1 ,然后在A上面能够ping -I 2.2.2.2 1.1.1.1 能够通。
实验步骤
1、在host A(10.10.10.47)上面操作
ip tunnel add gre-test mode gre remote 192.168.0.118 local 10.10.10.47 ttl 255
ip link set gre-test up
ip route add 1.1.1.1/32 dev gre-test
ip addr add 2.2.2.2 dev gre-test
ip link set gre-test down
操作过程入下图
[root@10-10-10-47 ~]# ip tunnel add gre-test mode gre remote 192.168.0.118 local 10.10.10.47 ttl 255
[root@10-10-10-47 ~]# ip link set gre-test up
[root@10-10-10-47 ~]# ip route add 1.1.1.1/32 dev gre-test
[root@10-10-10-47 ~]# ip addr add 2.2.2.2 dev gre-test
[root@10-10-10-47 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:f6:21:28 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.47/24 brd 10.10.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
4: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
5: gre-test@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN group default qlen 1000
link/gre 10.10.10.47 peer 192.168.0.118
inet 2.2.2.2/32 scope global gre-test
valid_lft forever preferred_lft forever
[root@10-10-10-47 ~]# ip r
default via 10.10.10.1 dev eth0
1.1.1.1 dev gre-test scope link
10.10.10.0/24 dev eth0 proto kernel scope link src 10.10.10.47
2、在host B(192.168.0.118)上面操作
ip tunnel add gre-test mode gre remote 10.10.10.47 local 192.168.0.118 ttl 255
ip link set gre-test up
ip route add 2.2.2.2/32 dev gre-test
ip addr add 1.1.1.1 dev gre-test
ip link set gre-test down
[root@192-168-0-118 ~]# ip tunnel add gre-test mode gre remote 10.10.10.47 local 192.168.0.118 ttl 255
[root@192-168-0-118 ~]# ip link set gre-test up
[root@192-168-0-118 ~]# ip route add 2.2.2.2/32 dev gre-test
[root@192-168-0-118 ~]# ip addr add 1.1.1.1 dev gre-test
[root@192-168-0-118 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:14:91:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.118/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
3: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
4: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
6: gre-test@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN group default qlen 1000
link/gre 192.168.0.118 peer 10.10.10.47
inet 1.1.1.1/32 scope global gre-test
valid_lft forever preferred_lft forever
[root@192-168-0-118 ~]# ip r
default via 192.168.0.1 dev eth0
2.2.2.2 dev gre-test scope link
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.118
实验结果
[root@10-10-10-47 ~]# ping -I 2.2.2.2 1.1.1.1 -c 4
PING 1.1.1.1 (1.1.1.1) from 2.2.2.2 : 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=64 time=0.635 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=64 time=0.702 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=64 time=0.588 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=64 time=0.565 ms
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.565/0.622/0.702/0.058 ms
还原实验环境
在host A(10.10.10.47)执行
ip link set gre-test down
ip tunnel del gre-test
[root@10-10-10-47 ~]# ip link set gre-test down
[root@10-10-10-47 ~]# ip tunnel del gre-test
[root@10-10-10-47 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:f6:21:28 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.47/24 brd 10.10.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
4: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
在host B(192.168.0.118)执行
ip link set gre-test down
ip tunnel del gre-test
[root@192-168-0-118 ~]# ip link set gre-test down
[root@192-168-0-118 ~]# ip tunnel del gre-test
[root@192-168-0-118 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:14:91:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.118/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
3: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
link/gre 0.0.0.0 brd 0.0.0.0
4: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
最后还有一个gre0,不能用
ip link set gre0 down
ip tunnel del gre0
上面两个命令删除,否则会报错
[root@10-10-10-47 ~]# ip link set gre0 down
[root@10-10-10-47 ~]# ip tunnel del gre0
delete tunnel “gre0” failed: Operation not permitted
需要按照下面的命令删除:
[root@192-168-0-118 ~]# lsmod|grep gre
ip_gre 22931 0
gre 13144 1 ip_gre
ip_tunnel 25163 1 ip_gre
[root@192-168-0-118 ~]# rmmod ip_gre
[root@192-168-0-118 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1454 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:14:91:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.118/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
[root@192-168-0-118 ~]#
整个实验过程比较简单,自己操作一遍才能把这些基本的命令熟悉起来。
华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。
更多推荐
0
0- 0
已为社区贡献8条内容
所有评论(0)