From 026507919b5b4ca773289217c445725095ce31d5 Mon Sep 17 00:00:00 2001
From: ultraman <1394466835@qq.com>
Date: Tue, 14 May 2024 11:08:50 +0800
Subject: [PATCH] feat: update

---
 2024/05/new_nic_with_hub_switch.md | 73 ++++++++++++++++++++++++++++++
 README.md                          |  1 +
 2 files changed, 74 insertions(+)
 create mode 100644 2024/05/new_nic_with_hub_switch.md

diff --git a/2024/05/new_nic_with_hub_switch.md b/2024/05/new_nic_with_hub_switch.md
new file mode 100644
index 0000000..170de31
--- /dev/null
+++ b/2024/05/new_nic_with_hub_switch.md
@@ -0,0 +1,73 @@
+## 场景
+
+在192.168.0.53(router)机器上配置新的网段 172.100.1.0/24，并配置有一台机器172.100.1.21
+
+- 给router安装一个USB网卡
+- 用交换机连接起router的USB网卡和新主机
+
+## 操作
+
+注意：这里NIC1（eno1）和NIC2（enx503eaa9ad449）是示例名称，你应该替换为你实际的网络接口名称。
+
+### **配置NIC2**
+
+```sh
+// on route1 (192.168.0.53)
+root@router1:~# service network_manager stop
+root@router1:~# ifconfig NIC2 172.100.1.1 mtu 1500 up
+```
+
+**添加路由以供局域网访问，并启用IP转发**
+
+```sh
+// on route1 (192.168.0.53)
+root@router1:~# route add -net 172.100.1.0 netmask 255.255.255.0 dev NIC2
+root@router1:~# echo 1 > /proc/sys/net/ipv4/ip_forward
+```
+
+**在Router1上启用SNAT，以便内部局域网172.100.1.0/24可以访问互联网**
+
+```sh
+// on route1 (192.168.0.53)
+root@router1:~# iptables -P INPUT ACCEPT
+root@router1:~# iptables -P FORWARD ACCEPT
+root@router1:~# iptables -t nat -A POSTROUTING -o NIC1 -j MASQUERADE
+root@router1:~# iptables-save
+```
+
+配置完成后，路由表和iptables的状态如下：
+
+```sh
+root@router1:~# route
+	Kernel IP routing table
+	Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
+	default         192.168.0.1     0.0.0.0         UG    100    0        0 eno1
+	172.100.1.0     *               255.255.255.0   U     0      0        0 enx503eaa9ad449
+	192.168.0.0     *               255.255.255.0   U     100    0        0 eno1
+root@route1:~# iptables -t nat -L -nv
+	..........
+	Chain POSTROUTING (policy ACCEPT 3174 packets, 194K bytes)
+	196 13787 MASQUERADE  all  --  *      enx503eaa9ad449  0.0.0.0/0            0.0.0.0/0
+```
+
+### 配置HOST
+
+注意：这里eth0是示例名称，你应该替换为你实际的接口名称，例如enp0s31f6、eno2等。
+
+```sh
+// on 172.100.1.21 host
+root@k8s-h-1:~# ifconfig eth0 172.100.1.21 mtu 1500 up
+root@k8s-h-1:~# route add default gw 172.100.1.1
+```
+
+### 验证
+
+在上述设置之后，从局域网172.100.1.0/24和192.168.1.0/24，主机电脑可以ping通局域网192.168.0.0/24
+
+```sh
+  root@k8s-h-1:~# ping 192.168.0.1 
+    PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
+    64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.514 ms
+    64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.529 ms
+    ^C
+```
diff --git a/README.md b/README.md
index a4f0a70..bca670f 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,7 @@
 - [列表 - 韩立的修炼](/)
 - [Hobby Projects](/hobby_projects.md)
 - **2024-05**
+  - [如何搭建新个网段，并配有一台机器挂载](/2024/05/new_nic_with_hub_switch.md)
   - [RC-incubator-answer 论坛](/2024/05/incubator-answer.md)
   - [cilium-hive 依赖注入框架](/2024/05/cilium_hive_di.md)
 - **2024-04**