kvm虚拟网络
- 一、虚拟网卡
- 1、虚拟网卡驱动
- 2、添加网卡
- 3、删除网卡
- 二、虚拟网络
- 1、NAT模式
- 1.1 SNAT
- 1.2 DNAT 端口映射
- 2、桥接bridge模式
一、虚拟网卡
1、虚拟网卡驱动
2、添加网卡
[root@martin-host ~]# virsh attach-interface vm01_centos79 --type network --model virtio --source default --persistent
Interface attached successfully[root@martin-host ~]#
[root@martin-host ~]# virsh domiflist vm01_centos79
Interface Type Source Model MAC
-------------------------------------------------------
vnet0 network default virtio 52:54:00:3f:99:0c
vnet2 network default virtio 52:54:00:92:c5:6b
vnet3 network default virtio 52:54:00:01:8d:f7
3、删除网卡
[root@martin-host ~]# virsh detach-interface vm01_centos79 --type network --mac 52:54:00:92:c5:6b --persistent
Interface detached successfully[root@martin-host ~]# virsh domiflist vm01_centos79
Interface Type Source Model MAC
-------------------------------------------------------
vnet0 network default virtio 52:54:00:3f:99:0c
二、虚拟网络
虚拟网络,相当于现实生活的交换机
NAT模式
桥接模式
隔离模式
1、NAT模式
虚拟网络相当于私网、外界真实网络相当于公网
1.1 SNAT
关注:网关、路由、snat规则
1.2 DNAT 端口映射
[root@martin-host ~]# iptables -t nat -I PREROUTING -d 192.168.140.200 -p tcp --dport 80 -j DNAT --to-destination 192.168.122.101:80[root@martin-host ~]# iptables -t nat -I PREROUTING -d 192.168.140.200 -p tcp --dport 55555 -j DNAT --to-destination 192.168.122.101:22
2、桥接bridge模式
前提条件:
1、物理机的地址必须静态地址
2、物理机关闭NetworkManager服务
[root@martin-host ~]# virsh iface-bridge ens33 br1
Created bridge br1 with attached device ens33
Bridge interface br1 started
[root@martin-host ~]# ip addr show br1
20: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000link/ether 00:0c:29:9d:98:f6 brd ff:ff:ff:ff:ff:ffinet 192.168.140.200/24 brd 192.168.140.255 scope global br1valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe9d:98f6/64 scope link valid_lft forever preferred_lft forever[root@martin-host ~]# ip addr show ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UP group default qlen 1000link/ether 00:0c:29:9d:98:f6 brd ff:ff:ff:ff:ff:ff
[root@martin-host network-scripts]# cat ifcfg-br1
DEVICE="br1"
ONBOOT="yes"
TYPE="Bridge"
BOOTPROTO="none"
IPADDR="192.168.140.200"
NETMASK="255.255.255.0"
GATEWAY="192.168.140.2"
STP="on"
DELAY="0"
[root@martin-host network-scripts]# cat ifcfg-ens33
DEVICE="ens33"
ONBOOT="yes"
BRIDGE="br1"
