|
一) 概述: 利用RH实现透明网关 内部网络机器的IP地址将由网关所在机器自动分配 (二) 硬件设备: ISP VDSL MODEM(以太网口MEDEM)一个(其他ADSL也应该可以) M/M自适应以太网卡两个最好找RH能自动识别的网卡 (三) 操作系统: RedHat全部安装 (四) 配置者身份: root (五) 配置过程: 启动系统设置中RedHat的互联网配置向导 选择xDSL设备 前进到DSL配置 网卡设备选择与VDSL MODEM相连的网卡提供者名称随便写账号和密码用ISP给的信息 前进到完成界面 直接选择应用完成VDSL的设置 此时出现网络设备配置工具 也可以在开始菜单中选择该工具 配置eth 配置eth 静态IP是该局域网内的网关默认网关由ISP提供或者从windows拨号属性中获得(DOS命令为: ipconfig /all ) Linux下用ifconfig获得 如下PtP:后面的就是你ISP的网关 ppp Link encap:PointtoPoint Protocol inet addr: PtP: Mask: 配置DHCPD使内部网络机器自动获得IP地址 修改/etc/nf 修改后如下: #Start of /etc/nf ddnsupdatestyle interim; ignore clientupdates; subnet netmask { # default gateway option routers ; option subnetmask ; option nisdomain ; option domainname ; # option domainnameservers ISPs DNSISPs DNS; option domainnameservers ; option timeoffset ; # Eastern Standard Time # Selects pointtopoint node (default is hybrid) Dont change this unless # you understand Netbios very well # option netbiosnodetype ; range dynamicbootp ; defaultleasetime ; maxleasetime ; } #End of /etc/nf 不要把和放在动态获取ip范围内就可以了 正确的应该如上: range dynamicbootp ; 修改/etc/sysconfig/iptables(把原有的内容都删除)修改完如下以使VDSL和代理在开机时自动生效 # Generated by iptablessave va on Tue Oct :: *mangle :PREROUTING ACCEPT [:] :INPUT ACCEPT [:] :FORWARD ACCEPT [:] :OUTPUT ACCEPT [:] :POSTROUTING ACCEPT [:] COMMIT # Completed on Tue Oct :: # Generated by iptablessave va on Tue Oct :: *nat :PREROUTING ACCEPT [:] :POSTROUTING ACCEPT [:] :OUTPUT ACCEPT [:] [:] A POSTROUTING o ppp j MASQUERADE COMMIT # Completed on Tue Oct :: # Generated by iptablessave va on Tue Oct :: *filter :INPUT ACCEPT [:] :FORWARD ACCEPT [:] :OUTPUT ACCEPT [:] COMMIT # Completed on Tue Oct :: 修改/etc/nf把netipvip_forward设置成如下 netipvip_forward = 如此一来每次你重新启动机器或重新启动网络服务(/etc/initd/network restart)时就会自动启动ip转发功能! 关闭ipchain自动启动服务开启iptables自动启动服务(如果已经设定可以忽略这步) 输入以下命令行: [jackey@localhost jackey]$ su Password: [root@localhost jackey]# cd /etc/initd/ [root@localhost initd]# chkconfig del ipchains level [root@localhost initd]# chkconfig add iptables level 重启机器进入系统后检查是否正确启动VDSL ()ifconfig 看ip地址是否正确结果如下: [jackey@localhost jackey]$ ifconfig eth Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX UP BROADCAST RUNNING MULTICAST MTU: Metric: RX packets: errors: dropped: overruns: frame: TX packets: errors: dropped: overruns: carrier: collisions: txqueuelen: RX bytes: ( Mb) TX bytes: ( Mb) Interrupt: Base address:x eth Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX inet addr: Bcast: Mask: UP BROADCAST RUNNING MULTICAST MTU: Metric: RX packets: errors: dropped: overruns: frame: TX packets: errors: dropped: overruns: carrier: collisions: txqueuelen: RX bytes: ( Mb) TX bytes: ( Mb) Interrupt: Base address:x lo Link encap:Local Loopback inet addr: Mask: UP LOOPBACK RUNNING MTU: Metric: RX packets: errors: dropped: overruns: frame: TX packets: errors: dropped: overruns: carrier: collisions: txqueuelen: RX bytes: ( Kb) TX bytes: ( Kb) ppp Link encap:PointtoPoint Protocol inet addr: PtP: Mask: UP POINTOPOINT RUNNING NOARP MULTICAST MTU: Metric: RX packets: errors: dropped: overruns: frame: TX packets: errors: dropped: overruns: carrier: collisions: txqueuelen: RX bytes: ( Mb) TX bytes: ( Mb) 其中XX:XX:XX:XX:XX:XX是你网卡的物理地址 ()route n 看路由是否正确结果如下: [jackey@localhost jackey]$ route n [b]Kernel IP routing table [b]Destination Gateway Genmask Flags Metric Ref Use Iface UH ppp U eth U lo UG ppp ()iptables t nat L n 看代理规则是否正确结果如下: [root@localhost jackey]# iptables t nat L n Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all / / Chain OUTPUT (policy ACCEPT) target prot opt source destination ()cat /proc/sys/net/ipv/ip_forward 看值是否为结果如下:[/b] [jackey@localhost jackey]$ cat /proc/sys/net/ipv/ip_forward |
