用动态路由打通各 Virtual L2（Zerotier）网络

資深大佬 : hiplon 5

本文主要以 Zerotier 组好的各 Virtual L2 网络节点 + 动态路由 RIP 为例，最终效果就是让网关建立 Zerotier 的 Virtual L2 网络，网关下的其它网段就能相互通信。

拓扑如下：

例如如上拓扑，Zerotier 建立了 192.168.193.0/24 的互联虚拟二层，有 192.168.193.6 、192.168.193.11 、192.168.193.21 的网关下面有 172.16.0.0/23 、192.168.2.0/24 、192.168.11.0/24 三个网段，那么通过建立 rip 动态路由，让这三个网段可以互通。

网关设备默认是 OpenWRT 设备，前提是已经通过例如 VPN/Tinc/Zerotier 等方法建立了互联段。

如果还没建立的话可以参考： /t/649829

https://vnf.cc/2019/12/zerotier-sd-lan/

先建好互联的段，

下面开始做动态路由的配置

先安装 quagga-zebra 和 quagga-ripd 组件：

# opkg install quagga-zebra quagga-ripd

如果想要有操作终端界面可以安装quagga-vtysh

分别编辑 rip 路由 /etc/quagga/ripd.conf

192.168.193.6 、172.16.0.0/23

password zebra ! router rip  network 192.168.193.0/24  route 172.16.0.0/23 ! access-list vty permit 127.0.0.0/8 access-list vty deny any ! line vty  access-class vty

192.168.193.11 、192.168.2.0/24

password zebra ! router rip  network 192.168.193.0/24  route 192.168.2.0/24 ! access-list vty permit 127.0.0.0/8 access-list vty deny any ! line vty  access-class vty

192.168.193.21 、192.168.11.0/24

password zebra ! router rip  network 192.168.193.0/24  route 192.168.11.0/24 ! access-list vty permit 127.0.0.0/8 access-list vty deny any ! line vty  access-class vty

然后重启 quagga 进程 /etc/init.d/quagga restart

在有装 vtysh 的设备可以进终端看看 rip 状态

# vtysh  Hello, this is Quagga (version 1.1.1). Copyright 1996-2005 Kunihiro Ishiguro, et al.  nRouter# show ip rip status Routing Protocol is "rip"   Sending updates every 30 seconds with +/-50%, next due in 28 seconds   Timeout after 180 seconds, garbage collect after 120 seconds   Outgoing update filter list for all interface is not set   Incoming update filter list for all interface is not set   Default redistribution metric is 1   Redistributing:   Default version control: send version 2, receive any version     Interface        Send  Recv   Key-chain     ztuku6smag       2     1 2   Routing for Networks:     192.168.193.0/24   Routing Information Sources:     Gateway          BadPackets BadRoutes  Distance Last Update     192.168.193.21           0         0       120   00:00:19     192.168.193.11           0         0       120   00:00:07     192.168.193.14           0         0       120   00:00:10   Distance: (default is 120) nRouter#

在其它设备可以看看路由

# ip route | grep zebra 172.16.0.0/23 via 192.168.193.6 dev ztuku6smag proto zebra metric 20 192.168.11.0/24 via 192.168.193.21 dev ztuku6smag proto zebra metric 20 192.168.12.0/24 via 192.168.193.14 dev ztuku6smag proto zebra metric 20

这样子这三个网段就能够互通了，

比如从 172.16.1.99 可以通 192.168.11.8

[email protected]:/etc/apt# ip addr | grep inet     inet 127.0.0.1/8 scope host lo     inet6 ::1/128 scope host      inet 172.16.1.99/23 brd 172.16.1.255 scope global eth0     inet6 fe80::38a9:fcff:fe1d:b7f6/64 scope link  [email protected]:/etc/apt# ping 192.168.11.8 PING 192.168.11.8 (192.168.11.8) 56(84) bytes of data. 64 bytes from 192.168.11.8: icmp_seq=1 ttl=62 time=19.0 ms 64 bytes from 192.168.11.8: icmp_seq=2 ttl=62 time=14.6 ms 64 bytes from 192.168.11.8: icmp_seq=3 ttl=62 time=15.0 ms 64 bytes from 192.168.11.8: icmp_seq=4 ttl=62 time=16.1 ms 64 bytes from 192.168.11.8: icmp_seq=5 ttl=62 time=16.9 ms ^C --- 192.168.11.8 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4004ms rtt min/avg/max/mdev = 14.592/16.344/19.022/1.572 ms [email protected]:/etc/apt#

refer: https://vnf.cc/2020/09/zerotier-l3-rip/

大佬有話說 (10)