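0x01 Preface

To manage my home network centrally, I gave up connecting to the Internet by having the router dial. The real reason is that my HiWiFi 3 (极路由3) router has a throughput bottleneck: its all-100-Mbit LAN ports cannot meet the performance needs of traffic between my servers. If I can add a rack-mount router later, I will go back to router dial-up.

I also need to configure a DHCP service and use iptables NAT to forward traffic from the DHCP gateway to PPPoE, so that the devices at home can get online. This article does not cover the DHCP server part, though; I will write up the DHCP configuration in a few days.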

0x02 Installation

Installation uses yum as usual:

[root@test ~]# yum install rp-pppoe -y

Once it finishes, you will find the following pppoe programs:

pppoe
pppoe-connect
pppoe-discovery
pppoe-relay
pppoe-server
pppoe-setup
pppoe-sniff
pppoe-start
pppoe-status
pppoe-stop

0x03 Configuration

Use pppoe-setup for interactive configuration:

[root@test ~]# pppoe-setup

Welcome to the PPPoE client setup.  First, I will run some checks on
your system to make sure the PPPoE client is installed properly...

# Enter your broadband account name here
LOGIN NAME

Enter your Login Name (default root): [email protected]

# Specify the name of the network interface connected to the modem; mine is eth0
INTERFACE

Enter the Ethernet interface connected to the PPPoE modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where 'X' is a number.
(default eth0): 

# Disconnect when idle (connect on demand)? I chose no, which is also the default
Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped.  If you want the link to
stay up permanently, enter 'no' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses.  You may have some problems with demand-activated links.
Enter the demand value (default no): 

# Set the DNS server addresses
DNS

Please enter the IP address of your ISP's primary DNS server.
If your ISP claims that 'the server will provide dynamic DNS addresses',
enter 'server' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.

# DNS1 server address. I run my own DNS caching server, so I entered 10.1.1.1
# Personally suggested DNS server: 114.114.114.114
Enter the DNS information here: 10.1.1.1

# DNS2 server address. I have no redundant DNS server and do not want to use a public DNS, so I left it empty
# Personally suggested DNS server: 114.114.115.115
Please enter the IP address of your ISP's secondary DNS server.
If you just press enter, I will assume there is only one DNS server.
Enter the secondary DNS server address here: 

# Enter the broadband password here. Note that no characters are shown while you type. Type it in order and press Enter
PASSWORD

Please enter your Password: 
Please re-enter your Password: 

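# Allow normal users to bring the DSL connection up and down?
# If you are concerned about security, set this to no. Then only the root user can connect or disconnect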
USERCTRL

Please enter 'yes' (three letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes): 

# Firewall: my network is controlled with iptables, so here I chose 0 to turn this firewall off
FIREWALLING

Please choose the firewall rules to use.  Note that these rules are
very basic.  You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security.  If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself.  Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc.  If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules.  You are responsible
          for ensuring the security of your machine.  You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
Choose a type of firewall (0-2): 0


# Try to connect to the network when the system boots?
# I chose yes
Start this connection at boot time

Do you want to start this connection at boot time?
Please enter no or yes (default no):yes

# Confirm the settings entered above
** Summary of what you entered **

Ethernet Interface: eth0
User name:          [email protected]
Activate-on-demand: No
Primary DNS:        10.1.1.1
Firewalling:        NONE
User Control:       yes

Accept these settings and adjust configuration files (y/n)? y


Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
Adjusting /etc/resolv.conf
  (But first backing it up to /etc/resolv.conf.bak)
Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
  (But first backing it up to /etc/ppp/chap-secrets.bak)
  (But first backing it up to /etc/ppp/pap-secrets.bak)



Congratulations, it should be all set up!

Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'
to bring it down.
Type '/sbin/pppoe-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
to see the link status.

0x04 Start | Status | Usage

Start the connection with the following command:

[root@test ~]# pppoe-start

Check the status with the following command:

[root@base ~]# pppoe-status 
pppoe-status: Link is up and running on interface ppp0
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp 
    inet 183.12.130.9 peer 183.12.128.1/32 scope global ppp0
       valid_lft forever preferred_lft forever

Once dialing succeeds you are online, and the default route is the ppp0 interface:

[root@base ~]# ip route 
default dev ppp0  scope link 
10.1.1.0/24 dev ens8  proto kernel  scope link  src 10.1.1.1  metric 100 
183.12.128.1 dev ppp0  proto kernel  scope link  src 183.12.130.9

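To let the DHCP gateway reach the Internet as well, use the following iptables NAT rule. The prerequisite, of course, is that the DHCP service is already configured: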

iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o ppp0 -j MASQUERADE

My LAN uses the 10.1.1.0 network; replace the network in the command above with the one your network actually uses.
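
The MASQUERADE rule only rewrites source addresses. Because FIREWALLING was set to NONE during pppoe-setup and ppp0 holds a public address, the gateway needs its own filter rules as well. The following is an added example, not part of the original post: it generates an iptables-restore ruleset for that setup. The names ppp0, ens8 and 10.1.1.0/24 come from the output above; the function name gen_gateway_rules is hypothetical.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the PPPoE gateway.
# gen_gateway_rules is a hypothetical helper, not part of rp-pppoe.
# Usage: gen_gateway_rules WAN_IF LAN_IF LAN_CIDR
gen_gateway_rules() {
    wan_if=$1 lan_if=$2 lan_net=$3
    # Reject anything that is not a plain interface name, so a typo or
    # stray shell metacharacter never ends up inside a rule.
    for name in "$wan_if" "$lan_if"; do
        case $name in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    done
    # Require an IPv4 prefix in a.b.c.d/len form.
    case $lan_net in
        ''|*[!0-9./]*) return 1 ;;
        *.*.*.*/*) ;;
        *) return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan_if -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
COMMIT
*mangle
:FORWARD ACCEPT [0:0]
-A FORWARD -o $wan_if -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
EOF
}
# Nothing arriving on the WAN side is accepted unless it belongs to a
# connection opened from the gateway or the LAN. The mangle rule clamps
# TCP MSS because ppp0 has an MTU of 1492 while LAN hosts assume 1500.
gen_gateway_rules ppp0 ens8 10.1.1.0/24
```

Check the output with `gen_gateway_rules ppp0 ens8 10.1.1.0/24 | iptables-restore --test` before loading it. Forwarding between the LAN and ppp0 also requires `sysctl -w net.ipv4.ip_forward=1`.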

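0x05 Conclusion

Actually, where I live now there is no 100 Mbit fiber yet, only a 12M copper line. The performance gain on the ADSL side does not really show, but communication inside the LAN has become more efficient. My server has 4 gigabit network ports; for details about my server, click the link below:

HP DL380 G6 memory configuration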