近日服务器安装CentOS8操作系统,想在这台机器安装KVM虚拟机。需要配置网桥,以方便虚拟机能够局域网中的其他机器处于同一网段相通。
Bridge(网桥)是 Linux 上用来做 TCP/IP 二层协议交换的设备,与现实的交换机功能相似。网桥设备实例可以和 Linux 上其他网络设备实例连接。当有数据到达时,网桥会根据报文中的 MAC 信息进行广播、转发、丢弃处理。
此前有写一篇文章讲述CentOS7配置桥接的,直接使用增加、修改 /etc/sysconfig/network-scripts/ifcfg-*配置文件的方式(有兴趣可通过文末链接阅读)。CentOS8中,已经默认不使用network.service管理网络了,默认采用NetworkManager.service管理,本文采用nmcli工具来配置网桥,可以让你更加方便快捷。
nmcli工具博大精深,是很好的网络管理工具~~~
在讲述配置的过程中,实时查看现象,以便更直观了解整个过程。
查看网络脚本目录,只看到以太网卡eno1的配置:
[root@server ~]# ls -al /etc/sysconfig/network-scripts/
total 8
drwxr-xr-x. 2 root root 24 Oct 6 22:27 .
drwxr-xr-x. 7 root root 4096 Oct 6 23:15 ..
-rw-r--r--. 1 root root 308 Oct 6 22:27 ifcfg-eno1
查看以太网卡配置文件ifcfg-eno1的内容:
[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
.
.
.
查看当前连接:
[root@server ~]# nmcli connection
NAME UUID TYPE DEVICE
eno1 ce6dd316-b6a9-4e58-9032-e0c1b3fcf1b0 ethernet eno1
virbr0 979aeccf-7002-4b27-853b-ca0faddf7f0d bridge virbr0
新建网桥,名字为br0:(关键步骤1)
[root@server ~]# nmcli connection add type bridge con-name br0 ifname br0 autoconnect yes
Connection 'br0' (6d7894dc-ccb0-45a6-9347-940128de7efa) successfully added.
这时这时/etc/sysconfig/network-scripts目录已经新增一个文件ifcfg-br0
查看连接:[root@server ~]# nmcli connection
NAME
UUID TYPE DEVICE
eno1 ce6dd316-b6a9-4e58-9032-e0c1b3fcf1b0 ethernet eno1
virbr0 979aeccf-7002-4b27-853b-ca0faddf7f0d bridge virbr0
br0 6d7894dc-ccb0-45a6-9347-940128de7efa bridge br0
网桥br0桥接至eno1:(关键步骤2)
[root@server ~]# nmcli connection add type bridge-slave ifname eno1 master br0
Connection 'bridge-slave-eno1' (b1788643-bdbb-4f24-adde-265462f172fc) successfully added.
这时/etc/sysconfig/network-scripts目录已经自动新增一个文件ifcfg-bridge-slave-eno1
查看连接:
[root@server ~]# nmcli connection
NAME UUID TYPE DEVICE
eno1 ce6dd316-b6a9-4e58-9032-e0c1b3fcf1b0 ethernet eno1
virbr0 7bbff2fd-12e1-4e9c-8cd6-9f0bd14ad35e bridge virbr0
br0 6d7894dc-ccb0-45a6-9347-940128de7efa bridge br0
bridge-slave-eno1 b1788643-bdbb-4f24-adde-265462f172fc ethernet --
查看网络:
[root@server ~]# ifconfig
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::548:8ed0:e2e:51cd prefixlen 64 scopeid 0x20<link>
ether 00:d8:61:12:34:61 txqueuelen 1000 (Ethernet)
RX packets 4247 bytes 1606152 (1.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1895 bytes 350509 (342.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xdf000000-df020000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 220 bytes 20176 (19.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 220 bytes 20176 (19.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:cc:69:3d txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
关闭eno1:(关键步骤3)
[root@server ~]# nmcli connection down eno1
Connection 'eno1' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
打开网桥br0:(关键步骤4)
[root@server ~]# nmcli connection up br0
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
注意:如果这个过程是远程SSH或VNC操作的,需要耐心等信息返回~
查看连接(可以看到网桥已经生效):
[root@server ~]# nmcli connection
NAME UUID TYPE DEVICE
br0 6d7894dc-ccb0-45a6-9347-940128de7efa bridge br0
bridge-slave-eno1 b1788643-bdbb-4f24-adde-265462f172fc ethernet eno1
virbr0 7e63fed2-6839-43e0-9580-636729506f8f bridge virbr0
eno1 ce6dd316-b6a9-4e58-9032-e0c1b3fcf1b0 ethernet --
查看网络:
[root@server ~]# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::d0f2:879:9ecf:f907 prefixlen 64 scopeid 0x20<link>
ether 00:d8:61:12:34:61 txqueuelen 1000 (Ethernet)
RX packets 200 bytes 74916 (73.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 72 bytes 10614 (10.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:d8:61:12:34:61 txqueuelen 1000 (Ethernet)
RX packets 4526 bytes 1697104 (1.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2026 bytes 367827 (359.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xdf000000-df020000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 256 bytes 23716 (23.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 256 bytes 23716 (23.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:cc:69:3d txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
网桥可以使用了。如不再使用网桥,可关闭,再重新打开eno1即可。