https://blog.csdn.net/zhangyuxun3/article/details/123866279

想要通过centos+zerotier来给内网其他IP做level 2 bridging.

安装zerotier

1
2
3
4
5
6
7
#新建并配置zerotier源文件
vi /etc/yum.repos.d/zerotier.repo
[zerotier]
name=ZeroTier, Inc. RPM Release Repository
baseurl=http://download.zerotier.com/redhat/el/$releasever
enabled=1
gpgcheck=0
1
2
3
#更新系统源缓存
yum clean all
yum make cache
1
2
3
4
#安装zerotier-one
yum install zerotier-one
systemctl start zerotier-one
systemctl enable zerotier-one
1
2
#具体命令为zerotier-cli join 网络ID,我们这边的网络ID是e4da7455b2726e98
zerotier-cli join 6ab565387aea8699
1
2
iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -j MASQUERADE

回到zerotier看了下并没有用

开始胡搞

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# ip addr
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 9a:11:16:16:fa:19 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.190/24 brd 192.168.1.255 scope global noprefixroute ens18
       valid_lft forever preferred_lft forever
    inet6 2409:8a1e:1ada:6c10:9811:16ff:fe16:fa19/64 scope global dynamic noprefixroute 
       valid_lft 190975sec preferred_lft 104575sec
    inet6 fdd9:d542:905b:0:9811:16ff:fe16:fa19/64 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 2409:8a1e:1ada:6c10::2/128 scope global dynamic noprefixroute 
       valid_lft 190974sec preferred_lft 104574sec
    inet6 fe80::9811:16ff:fe16:fa19/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

 8: ztklhy7pxd: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether 9a:7e:65:50:3f:25 brd ff:ff:ff:ff:ff:ff
    inet 10.147.17.24/24 brd 10.147.17.255 scope global ztklhy7pxd
       valid_lft forever preferred_lft forever
    inet6 fe80::987e:65ff:fe50:3f25/64 scope link 
       valid_lft forever preferred_lft forever
1
2
3
4
5
6
7
[root@192 ~]# nmcli connection add type bridge ifname br-zt ipv4.addresses 10.147.17.24/24 ipv4.method manual
Connection 'bridge-br-zt' (3574b284-9bbf-4688-ac02-36502a08a04f) successfully added.
[root@192 ~]# nmcli connection add type tun mode tap ifname ztklhy7pxd master br-zt slave-type bridge
Connection 'bridge-slave-ztklhy7pxd' (ed4aa030-c2e9-4031-97ac-092ad4d9a1bf) successfully added.
[root@192 ~]
# nmcli connection add type bridge-slave master br-zt ifname ens18
Connection 'bridge-slave-ens18' (46b13ce8-8795-43f6-9700-fc91dbac259a) successfully added.

到这里都很顺利,但是依然不能穿穿透。

彻底断网

1
nmcli connection delete ens18

妈的,这下好了,网卡都没了,网断了。

重新安装网卡

重新在CONSOLE里进机器

1
nmcli connection delete 所有乱七八糟的网络
1
nmcli device connect ens18

终于又启动这张网卡了。

1
ip addr

看到已经被dhcp分配了IP,重新设定静态IP给ens18,参考centos8安装的那篇文章。