dhcpd服务器下不能内网访问外网

q_yangguangyouzi · #1

路由器adsl拨号上网正常（网关192.168.1.2）
一台机器A，centos系统，安装dhcpd服务，双网卡eth0,eth1,网卡eth1和路由器相连，自动获取ip（192.168.1.101)，可以连接外网，网卡eth0配置并启用dhcpd服务正常(ip 172.16.0.2)。
一台机器B,有线连接机器A的eth0接口，自动获取ip(172.16.0.1)，ping 172.16.0.2,192.168.1.101正常，ping 192.168.1.2无法ping通，无法上外网。
请教应该怎样设置？

poloshiao · #2

(ip 172.16.0.2) ---> ip（192.168.1.101)
要設定 IP forward enabled
http://askubuntu.com/questions/311053/h ... -permanent

q_yangguangyouzi · #3

net.ipv4.ip_forwar = 1 已设置
iptables -t nat -A POSTROUTING -s 172.16.0.2/16 -j SNAT --to-source 192.168.1.101
设置后还是不行，对route 和FORWARD概念很模糊，可以具体说一下吗？

poloshiao · #4

172.16.0.0/16

試試
172.16.0.0/24

--to-source

試試
-d

參見
http://manpages.ubuntu.com/manpages/tru ... les.8.html
https://help.ubuntu.com/community/IptablesHowTo

q_yangguangyouzi · #5

ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 172.16.0.1: icmp_seq=1 Destination Host Unreachable
From 172.16.0.1: icmp_seq=2 Destination Host Unreachable
From 172.16.0.1: icmp_seq=3 Destination Host Unreachable
From 172.16.0.1: icmp_seq=4 Destination Host Unreachable

poloshiao · #6

ping 192.168.1.2

sudo tracepath 192.168.1.2
看看通到哪裡

q_yangguangyouzi · #7

1: 172.16.0.1 0.117ms pmtu 1500
1: 172.16.0.1 2991.783ms !H
Resume: pmtu 1500

poloshiao · #8

1: 172.16.0.1 0.117ms pmtu 1500
1: 172.16.0.1 2991.783ms !H
Resume: pmtu 1500

表示 172.16.0.1 --> 172.16.0.2 就是不通的

一台机器B,有线连接机器A的eth0接口 ...，ping 172.16.0.2,192.168.1.101正常，

但是你說 ping 172.16.0.2 正常 ?
再確認看看

一台机器A，centos系统，安装dhcpd服务

自动获取ip(172.16.0.1)

參閱
https://help.ubuntu.com/community/isc-dhcp-server
問題
172.16.0.1
172.16.0.2
必須設定為同一個 subnet 才行

q_yangguangyouzi · #9

机器B:ping 172.16.0.2(A-eth0)是正常的
trachpath 192.168.1.2
1: 172.16.0.1 0.117ms pmtu 1500
1: 172.16.0.1 2991.783ms !H
Resume: pmtu 1500

poloshiao · #10

trachpath 192.168.1.2

sudo tracepath 192.168.1.2

q_yangguangyouzi · #11

还是上面的情况，是路由设置不当还是防火墙设置的问题呢

poloshiao · #12

一台机器A，centos系统，安装dhcpd服务，双网卡eth0,eth1, ...，网卡eth0配置并启用dhcpd服务正常(ip 172.16.0.2)。

是路由设置不当还是防火墙设置的问题呢

優先詳細檢查
https://help.ubuntu.com/community/isc-dhcp-server
dhcpd server 的設定細節是否正確

其次把机器 B
sudo ifconfig -a
sudo route -nv
複製貼上來

防火牆必要時可以關閉測試看看跟防火牆有沒有關係

q_yangguangyouzi · #13

机器A dhcpd.conf
ddns-update-style interim;
ignore client-updates;

subnet 172.16.0.0 netmask 255.255.0.0{

option routers 192.168.1.101;
option subnet-mask 255.255.0.0;
# option domain-name "good8.com";
#option domain-name-servers 192.168.1.101;
range 172.16.0.1 172.16.0.50;
default-lease-time 21600;
max-lease-time 43200;
}

机器A ifconfig
eth0 Link encap:Ethernet HWaddr 00:17:31:B8:94:18
inet addr:172.16.0.2 Bcast:172.16.255.255 Mask:255.255.0.0
inet6 addr: fe80::217:31ff:feb8:9418/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6118 errors:0 dropped:0 overruns:0 frame:0
TX packets:7205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:758289 (740.5 KiB) TX bytes:682518 (666.5 KiB)
Interrupt:22

eth1 Link encap:Ethernet HWaddr 00:00:E8:8A:31:39
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::200:e8ff:fe8a:3139/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29765 errors:3 dropped:0 overruns:0 frame:0
TX packets:19227 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3029126 (2.8 MiB) TX bytes:2616969 (2.4 MiB)
Interrupt:23 Base address:0x8c00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1192 errors:0 dropped:0 overruns:0 frame:0
TX packets:1192 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:183450 (179.1 KiB) TX bytes:183450 (179.1 KiB)

机器B ifconfig
enp0s2f0u3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.0.1 netmask 255.255.0.0 broadcast 172.16.255.255
inet6 fe80::250:22ff:fe00:55e prefixlen 64 scopeid 0x20<link>
ether 00:50:22:00:05:5e txqueuelen 1000 (Ethernet)
RX packets 13571 bytes 1234625 (1.1 MiB)
RX errors 0 dropped 25 overruns 0 frame 0
TX packets 11375 bytes 1286097 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 2703 bytes 174550 (170.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2703 bytes 174550 (170.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
机器B route -nv
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.101 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth1
172.16.0.0 0.0.0.0 255.255.0.0 U 1 0 0 eth0
0.0.0.0 192.168.1.101 0.0.0.0 UG 0 0 0 eth0

poloshiao · #14

机器 B
sudo route -nv

机器 A
確認一下套件是不是 isc-dhcp-server ?

poloshiao · #15

机器B route -nv
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.101 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth1
172.16.0.0 0.0.0.0 255.255.0.0 U 1 0 0 eth0
0.0.0.0 192.168.1.101 0.0.0.0 UG 0 0 0 eth0

1. 你的 route 是有問題的
是机器B
是机器A
2. 你的机器B 作業系統及版本
3. 是不是 nm-applet 設定連線 ?

dhcpd服务器下不能内网访问外网

dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网

Re: dhcpd服务器下不能内网访问外网