ADSL+RH8.0透明閘道器指南(轉)

post0發表於2007-08-10
ADSL+RH8.0透明閘道器指南(轉)[@more@]

一) 概述:

利用RH8.0實現透明閘道器

內部網路機器的IP地址將由閘道器所在機器自動分配.

(二) 硬體裝置:

ISP VDSL MODEM(乙太網口MEDEM)一個(其他ADSL也應該可以).

10M/100M自適應以太太網路卡兩個,最好找RH8.0能自動識別的網路卡.

(三) 作業系統:

RedHat8.0全部安裝。

(四) 配置者身份:

root

(五) 配置過程:

1.啟動“系統設定”中RedHat的“網際網路配置嚮導

2.選擇xDSL裝置

3.前進到DSL配置

網路卡裝置選擇與VDSL MODEM相連的網路卡;提供者名稱隨便寫;賬號和密碼用ISP給的資訊。

4.前進到完成介面

直接選擇應用,完成VDSL的設定

5.此時出現網路裝置配置工具

也可以在“開始”選單中選擇該工具

6.配置eth0

7.配置eth1

靜態IP192.168.0.1是該區域網內的閘道器,預設閘道器由ISP提供,或者從windows撥號屬性中獲得(DOS命令為: ipconfig /all ).

Linux下用ifconfig獲得, 如下P-t-P:後面的就是你ISP的閘道器.

ppp0 Link encap:Point-to-Point Protocol

inet addr:156.34.89.120 P-t-P:142.166.182.77 Mask:255.255.255.255

9.配置DHCPD使內部網路機器自動獲得IP地址.

修改/etc/dhcpd.conf, 修改後如下:

#Start of /etc/dhcpd.conf

ddns-update-style interim;

ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0 {

# --- default gateway

option routers 192.168.0.1;

option subnet-mask 255.255.255.0;

option nis-domain "domain.org";

option domain-name "domain.org";

# --- option domain-name-servers ISPs DNS1,ISPs DNS2;

option domain-name-servers 192.168.0.1,142.177.1.2,142.177.129.11;

option time-offset -18000; # Eastern Standard Time

# --- Selects point-to-point node (default is hybrid). Dont change this unless

# -- you understand Netbios very well

# option netbios-node-type 2;

range dynamic-bootp 192.168.0.2 192.168.0.254;

default-lease-time 21600;

max-lease-time 43200;

}

#End of /etc/dhcpd.conf

不要把192.168.0.1和192.168.0.255放在動態獲取ip範圍內就可以了

正確的應該如上: range dynamic-bootp 192.168.0.2 192.168.0.254;

10.修改/etc/sysconfig/iptables(把原有的內容都刪除),修改完如下,以使VDSL和代理在開機時自動生效。

# Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002

*mangle

:PREROUTING ACCEPT [3184:1818661]

:INPUT ACCEPT [3182:1818397]

:FORWARD ACCEPT [2:264]

:OUTPUT ACCEPT [2797:234072]

:POSTROUTING ACCEPT [2799:234336]

COMMIT

# Completed on Tue Oct 29 22:28:14 2002

# Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002

*nat

:PREROUTING ACCEPT [73:5959]

:POSTROUTING ACCEPT [22:1320]

:OUTPUT ACCEPT [213:12855]

[212:12654] -A POSTROUTING -o ppp0 -j MASQUERADE

COMMIT

# Completed on Tue Oct 29 22:28:14 2002

# Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002

*filter

:INPUT ACCEPT [20227:22971175]

:FORWARD ACCEPT [370:103827]

:OUTPUT ACCEPT [15374:1263630]

COMMIT

# Completed on Tue Oct 29 22:28:14 2002

12. 修改/etc/sysctl.conf,把net.ipv4.ip_forward設定成1,如下:

net.ipv4.ip_forward = 1

如此一來,每次你重新啟動機器或重新啟動網路服務(/etc/init.d/network restart)時就會自動啟動ip轉發功能!

13.關閉ipchain自動啟動服務,開啟iptables自動啟動服務(如果已經設定,可以忽略這步)

輸入以下命令列:

[jackey@localhost jackey]$ su

Password:

[root@localhost jackey]# cd /etc/init.d/

[root@localhost init.d]# chkconfig --del ipchains --level 2345

[root@localhost init.d]# chkconfig --add iptables --level 2345

14.重啟機器,進入系統後檢查是否正確啟動VDSL:

(1)ifconfig 看ip地址是否正確,結果如下:

[jackey@localhost jackey]$ ifconfig

eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:106296 errors:0 dropped:0 overruns:0 frame:0

TX packets:105021 errors:0 dropped:0 overruns:0 carrier:0

collisions:162 txqueuelen:100

RX bytes:109833929 (104.7 Mb) TX bytes:17211245 (16.4 Mb)

Interrupt:5 Base address:0x8000

eth1 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX

inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:9297 errors:0 dropped:0 overruns:0 frame:0

TX packets:10244 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:1254722 (1.1 Mb) TX bytes:9722244 (9.2 Mb)

Interrupt:10 Base address:0x9000

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:3466 errors:0 dropped:0 overruns:0 frame:0

TX packets:3466 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:463036 (452.1 Kb) TX bytes:463036 (452.1 Kb)

ppp0 Link encap:Point-to-Point Protocol

inet addr:156.34.89.120 P-t-P:142.166.182.77 Mask:255.255.255.255

UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1

RX packets:38629 errors:0 dropped:0 overruns:0 frame:0

TX packets:28802 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:3

RX bytes:47576177 (45.3 Mb) TX bytes:2319149 (2.2 Mb)

其中XX:XX:XX:XX:XX:XX是你網路卡的實體地址

(2)route -n 看路由是否正確,結果如下:

[jackey@localhost jackey]$ route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

142.166.182.77 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0

192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo

0.0.0.0 142.166.182.77 0.0.0.0 UG 0 0 0 ppp0

(3)iptables -t nat -L -n 看代理規則是否正確,結果如下:

[root@localhost jackey]# iptables -t nat -L -n

Chain PREROUTING (policy ACCEPT)

target prot opt source destination

Chain POSTROUTING (policy ACCEPT)

target prot opt source destination

MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

(4)cat /proc/sys/net/ipv4/ip_forward 看值是否為1,結果如下:

[jackey@localhost jackey]$ cat proc/sys/net/ipv4/ip_forward 1

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/8225414/viewspace-940746/,如需轉載,請註明出處,否則將追究法律責任。

相關文章