Configuring Kernel Parameters and Routes for ECS 3

Scenarios

ECS 3 has two NICs, eth0 and eth1. You need to configure kernel parameters and add routes for ECS 3 to allow communications between eth0 and eth1.

ECS 3 runs CentOS 8.0 64-bit. The configuration commands may vary by the OS.

Procedure

Log in to the ECS.
Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.

In this example, use VNC provided on the management console to log in to an ECS.
Disable the verification of data packet source addresses:
1. Run the following command to open the /etc/sysctl.conf file:
  vim /etc/sysctl.conf
2. Press i to enter the editing mode.
3. Add the following content to the end of the file:
```
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
```
4. Press Esc to exit and enter :wq! to save the configuration.
5. Run the following command for the configuration to take effect:
  sysctl -p
6. Run the following command to check whether verification of data packet source addresses is disabled:
  sysctl -a | grep rp_filter
  
  If the value of net.ipv4.conf.all.rp_filter and net.ipv4.conf.default.rp_filter is 0, verification of data packet source addresses is disabled.
Enable the forwarding function.
1. Run the following command to open the /etc/sysctl.conf file:
  vim /etc/sysctl.conf
2. Press i to enter the editing mode.
3. Add the following content to the end of the file:
```
net.ipv4.ip_forward = 1
```
4. Press Esc to exit and enter :wq! to save the configuration.
5. Run the following command for the configuration to take effect:
  sysctl -p
6. Run the following command to verify that the forwarding function is enabled.
  sysctl -a | grep ip_forward
  
  If the value of net.ipv4.ip_forward is 1, the forwarding function is enabled.
Add routes.
The routes are for forwarding scrubbed traffic from eth1 to VPC 1 and VPC 2.

To add routes for ECSs running CentOS 8.0 or CentOS 7.4, perform the following:
- CentOS 8.0:
  1. Run the following command to open the NIC configuration file:
    vi /etc/sysconfig/network-scripts/route-eth1
  2. Press i to enter the editing mode.
  3. Add the following content to the end of the file:
```
10.1.0.0/16 via 192.168.1.1
10.2.0.0/16 via 192.168.1.1
```
    10.1.0.0/16 is the CIDR block of VPC 1, 10.2.0.0/16 is that of VPC 2, and 192.168.1.1 is the gateway address of eth1.
  4. Press Esc to exit and enter :wq! to save the configuration.
  5. Restart ECS 3 for the routes to take effect.
  6. After the restart is complete, run the following command to verify that the routes are added successfully:
    route -n
    
    If information similar to the following is displayed, the two routes have been added.
- CentOS 7.4:
  1. Run the following command to open the NIC configuration file:
    vi /etc/sysconfig/static-routes
  2. Press i to enter the editing mode.
  3. Add the following content to the end of the file:
```
any net 10.1.0.0/16 gw 192.168.1.1
any net 10.2.0.0/16 gw 192.168.1.1
```
    10.1.0.0/16 is the CIDR block of VPC 1, 10.2.0.0/16 is that of VPC 2, and 192.168.1.1 is the gateway address of eth1.
  4. Press Esc to exit and enter :wq! to save the configuration.
  5. Run the following command to restart the network service for the configuration to take effect:
    service network restart
  6. After the restart is complete, run the following command to verify that the routes are added successfully:
    route -n
    
    If information similar to the following is displayed, the two routes have been added.