Private Networks(私有网络)

1、什么是私有网络

就是不能路由到公网,通过私有网络获取的IP地址,不能上网,只能在这个私有网络中的机器可以互相通信

2、应用场景

1)当我们搭建一个集群架构(反向代理)的时候,我们需要隐藏后面的web服务器,那么此时就可以让这个web服务器获取一个私有网络的IP

2)让一些服务,不让其监听到公网,只监听到内网IP,避免一些攻击

3、私有网段包含哪些 (这里的表示可以设置1-255中的任意值)

  1. A类地址: 10.../8 (10.../255.0.0.0)
  2. B类地址: 172.16../16-----172.32../16 (172.16../255.255.0.0---172.31../255.255.0.0)
  3. C类地址:192.168..*/255.255.255.0

(注意:配置vagrant里面的虚拟机的私有网段的时候,切记不能和企业(公司)内部的DHCP分配的IP地址在同一网段,否则会发生冲突

4、配置

1)通过dhcp获取

案例:

  1. [root@vagrant ubuntu]# vagrant suspend
  2. ==> default: Saving VM state and suspending execution...
  3. [root@vagrant ubuntu]# vim Vagrantfile

添加如下

  1. config.vm.network "private_network", type: "dhcp"

重新reload

  1. [root@vagrant ubuntu]# vagrant reload

查看:

  1. [root@vagrant ubuntu]# vagrant ssh
  2. Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-112-generic x86_64)
  4. Documentation: https://help.ubuntu.com
  5. Management: https://landscape.canonical.com
  6. Support: https://ubuntu.com/advantage
  7. Get cloud support with Ubuntu Advantage Cloud Guest:
  8. http://www.ubuntu.com/business/services/cloud
  10. 0 packages can be updated.
  11. 0 updates are security updates.
  13. Last login: Tue Jan 30 08:08:03 2018 from 10.0.2.2
  14. vagrant@ubuntu-xenial:~$ ifconfig
  15. enp0s3 Link encap:Ethernet HWaddr 02:1f:2a:60:99:e3
  16. inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
  17. inet6 addr: fe80::1f:2aff:fe60:99e3/64 Scope:Link
  18. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  19. RX packets:688 errors:0 dropped:0 overruns:0 frame:0
  20. TX packets:414 errors:0 dropped:0 overruns:0 carrier:0
  21. collisions:0 txqueuelen:1000
  22. RX bytes:262440 (262.4 KB) TX bytes:54424 (54.4 KB)
  24. enp0s8 Link encap:Ethernet HWaddr 08:00:27:db:ae:a8
  25. inet addr:172.28.128.3 Bcast:172.28.128.255 Mask:255.255.255.0
  26. inet6 addr: fe80::a00:27ff:fedb:aea8/64 Scope:Link
  27. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  28. RX packets:2 errors:0 dropped:0 overruns:0 frame:0
  29. TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
  30. collisions:0 txqueuelen:1000
  31. RX bytes:1180 (1.1 KB) TX bytes:1332 (1.3 KB)
  32. (这里的172.28.128.3就是私有网络的地址)
  33. lo Link encap:Local Loopback
  34. inet addr:127.0.0.1 Mask:255.0.0.0
  35. inet6 addr: ::1/128 Scope:Host
  36. UP LOOPBACK RUNNING MTU:65536 Metric:1
  37. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  38. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  39. collisions:0 txqueuelen:1
  40. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

(由于通过动态DHCP分配,IP地址我们没法预计,因此一般通过配置static IP地址 )

2)Static IP

(虚拟机A)

  1. [root@vagrant ubuntu]# vim Vagrantfile
  2. config.vm.network "private_network", ip: "192.168.50.10"

(虚拟机B)

  1. [root@vagrant ubuntu16.04_xionghaihua]# vim Vagrantfile
  2. config.vm.network "private_network", ip: "192.168.55.20"

然后分别启动虚拟机A,虚拟机B

虚拟机A的如下:

  1. [root@vagrant ubuntu]# vagrant ssh
  2. Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-112-generic x86_64)
  4. Documentation: https://help.ubuntu.com
  5. Management: https://landscape.canonical.com
  6. Support: https://ubuntu.com/advantage
  7. Get cloud support with Ubuntu Advantage Cloud Guest:
  8. http://www.ubuntu.com/business/services/cloud
  10. 0 packages can be updated.
  11. 0 updates are security updates.
  13. vagrant@ubuntu-xenial:~$ ifconfig
  14. enp0s3 Link encap:Ethernet HWaddr 02:1f:2a:60:99:e3
  15. inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
  16. inet6 addr: fe80::1f:2aff:fe60:99e3/64 Scope:Link
  17. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  18. RX packets:839 errors:0 dropped:0 overruns:0 frame:0
  19. TX packets:508 errors:0 dropped:0 overruns:0 carrier:0
  20. collisions:0 txqueuelen:1000
  21. RX bytes:283219 (283.2 KB) TX bytes:68401 (68.4 KB)
  23. enp0s8 Link encap:Ethernet HWaddr 08:00:27:63:d4:ca
  24. inet addr:192.168.50.10 Bcast:192.168.50.255 Mask:255.255.255.0
  25. inet6 addr: fe80::a00:27ff:fe63:d4ca/64 Scope:Link
  26. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  27. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  28. TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
  29. collisions:0 txqueuelen:1000
  30. RX bytes:0 (0.0 B) TX bytes:648 (648.0 B)

虚拟机B的如下

  1. [root@vagrant ubuntu16.04_xionghaihua]# vagrant ssh
  2. Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-112-generic x86_64)
  4. Documentation: https://help.ubuntu.com
  5. Management: https://landscape.canonical.com
  6. Support: https://ubuntu.com/advantage
  7. Get cloud support with Ubuntu Advantage Cloud Guest:
  8. http://www.ubuntu.com/business/services/cloud
  10. 0 packages can be updated.
  11. 0 updates are security updates.
  13. vagrant@ubuntu-xenial:~$ ifconfig
  15. enp0s8 Link encap:Ethernet HWaddr 08:00:27:5b:dd:df
  16. inet addr:192.168.50.20 Bcast:192.168.55.255 Mask:255.255.255.0
  17. inet6 addr: fe80::a00:27ff:fe5b:dddf/64 Scope:Link
  18. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  19. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  20. TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
  21. collisions:0 txqueuelen:1000
  22. RX bytes:0 (0.0 B) TX bytes:648 (648.0 B)

最后测试,虚拟机之间是否可以互通

第二节:Private Networks(私有网络) - 图1

注意:

如果你想通过手工静态指定IP地址,切记

1)不能和公司内部的DHCP分配的地址冲突

2) 可以添加auto_config: false (关闭自动配置的功能)

案例如下

  1. Vagrant.configure("2") do |config|
  2. config.vm.network "private_network", ip: "192.168.50.10",
  3. auto_config: false
  4. end