用ip指令(iproute2)配置vlan和路由

iproute2软件
CentOS75
[zz@CentOS75 ~]$ rpm -qf `which ip`
iproute-4.11.0-14.el7.x86_64
Ubuntu1804
zz@Ubuntu1804:~$ dpkg -S `which ip`
iproute2: /sbin/ip
添加VLAN
CentOS75

在eth0上添加一个vlan设备名叫vlan86,打86 tag
给它配置个86.86.86.1地址,之后up起来

sudo ip link add link eth0 name eth0.vlan86 type vlan id 86
sudo ip address add dev eth0.vlan86 86.86.86.1/24
sudo ip link set eth0.vlan86 up
Ubuntu1804

添加两个vlan设备,一个id 86的一个id 87的
都配置成86.86.86.2地址,其中vlan86可以通CentOS75,vlan87不能通

sudo ip link add link eth0 name eth0.vlan86 type vlan id 86
sudo ip link set eth0.vlan86 up
sudo ip address add dev eth0.vlan86 86.86.86.2/24

sudo ip link add link eth0 name eth0.vlan87 type vlan id 87
sudo ip link set eth0.vlan87 up
sudo ip address add dev eth0.vlan87 86.86.86.2/24
配置路由
Ubuntu节点上

先清除86网段所有路由,之后添加metric是50-47的路由,同时两个节点间互相ping
能看到metric小的路由会优先生效

sudo ip route flush 86.86.86.0/24
sudo ip route replace 86.86.86.0/24 metric 50 dev eth0.vlan86
sudo ip route replace 86.86.86.0/24 metric 49 dev eth0.vlan87
sudo ip route replace 86.86.86.0/24 metric 48 dev eth0.vlan86
sudo ip route replace 86.86.86.0/24 metric 47 dev eth0.vlan87

发ping包,用tcpdump加-e -n参数观察,能看到vlan标签
且标签为87,ARP没有reply

zz@Ubuntu1804:~$ sudo tcpdump -i eth0 -e -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
01:31:23.527340 c8:cb:b8:02:a9:cb > c8:cb:b8:02:d8:c8, ethertype 802.1Q (0x8100), length 46: vlan 86, p 0, ethertype IPv4, 86.86.86.2 > 86.86.86.1: ICMP echo request, id 2956, seq 1, length 8
01:31:23.527654 c8:cb:b8:02:d8:c8 > c8:cb:b8:02:a9:cb, ethertype 802.1Q (0x8100), length 60: vlan 86, p 0, ethertype IPv4, 86.86.86.1 > 86.86.86.2: ICMP echo reply, id 2956, seq 1, length 8
01:31:28.557810 c8:cb:b8:02:a9:cb > c8:cb:b8:02:d8:c8, ethertype 802.1Q (0x8100), length 46: vlan 86, p 0, ethertype ARP, Request who-has 86.86.86.1 tell 86.86.86.2, length 28
01:31:28.558112 c8:cb:b8:02:d8:c8 > c8:cb:b8:02:a9:cb, ethertype 802.1Q (0x8100), length 60: vlan 86, p 0, ethertype ARP, Reply 86.86.86.1 is-at c8:cb:b8:02:d8:c8, length 42
01:31:52.637432 c8:cb:b8:02:a9:cb > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 87, p 0, ethertype ARP, Request who-has 86.86.86.1 tell 86.86.86.2, length 28
01:31:53.645816 c8:cb:b8:02:a9:cb > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 87, p 0, ethertype ARP, Request who-has 86.86.86.1 tell 86.86.86.2, length 28
01:31:54.669800 c8:cb:b8:02:a9:cb > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 87, p 0, ethertype ARP, Request who-has 86.86.86.1 tell 86.86.86.2, length 28
拆除vlan和路由

ip 用flush和delete清除网络地址
用delete删除vlan链路

sudo ip address delete dev eth0.vlan86 86.86.86.1/24
sudo ip address flush dev eth0.vlan86
sudo ip link delete eth0.vlan86
sudo ip link delete eth0.vlan87

在man ip里面,介绍了ip指令怎么添加默认路由
另外删除arp的ip n f all也挺有用

sudo ip route add default via 192.168.1.1 dev eth0
sudo ip neigh flush all

参考:
https://blog.csdn.net/quqi99/article/details/51218884

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容