链路层
数据帧(Data Frame)
MAC SRC (6 Octets)
MAC DEST (6 Octets)
1 Octet = 8 bits (0 ~ 256)
ARP
Address Resolution Protocol
通过 IP 找 MAC
- 从
ARP 缓存表中找 IP 对应的 MAC
- 没有找到则发送广播 ARP Request
- 目标单播 ARP Response
- 写入缓存表
网络层
IP
ICMP
传输层
TCP
UDP
应用层
HTTP
VPN
Virtual Private Network
PPTP
PPP (Point-to-Point Protocol)
- 在两个节点间创建链接,可提供认证、传输加密、压缩的功能
- 认证
CHAP (Challenge-Handshake Authentication Protocol)
1
2
3
| # sudo vim /etc/pptpd.conf
localip 192.168.3.1
remoteip 192.168.3.100-200
|
1
2
3
| # sudo vim /etc/ppp/pptpd-options
ms-dns 1.1.1.1
ms-dns 8.8.8.8
|
1
2
3
| # sudo vi /etc/ppp/chap-secrets
# client server secret IP
username * password *
|
1
| sudo systemctl restart pptpd.service
|
1
2
3
| # sudo vim /etc/sysctl.conf
net.ipv4.ip_forward=1
# sudo sysctl -p
|
1
2
| sudo iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -p tcp --syn -s 192.168.3.0/24 -j TCPMSS --set-mss 1356
|