我正在使用一个CentOS 7系统,它有一个单一的物理以太网端口连接到networking。 该networking主要位于一个子网(“pipe理networking”)上,但也使用带有单独子网的标记VLAN(VLAN 137)。
当configuration为“正常”时 – 它出现并在pipe理子网上工作。
但是,我想创build一个连接到同一个物理适配器的网桥设备,但是要使用该网桥来使用该VLAN。
我无法弄清楚如何做到这一点。 我可以在普通(无标签)局域网上安装网卡,并且可以在(主)局域网或VLAN上创build网桥设备。 但我不知道如何在同一时间获得“主”networking上的主机和VLAN上的网桥。
看起来好像一个网卡一次只能分配给一个“网桥”,一个网桥可以分配给一个VLAN,或者没有VLAN。
我明显失去了一些东西。 有任何想法吗?
(PS最好这样做没有networkingpipe理器 – 我认为是必须的)。
没有使用网桥,我在虚拟服务器上做了以下testing,服务器有eth0configuration。
ip link add link eth0 name eth0.100 type vlan id 100 ip addr add 10.0.0.10/24 dev eth0.100 ip link set eth0.100 up 如果我尝试ping google.it
[root@localhost ~]# tcpdump -i any not port 22 -nne tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes 17:49:34.880834 Out 52:54:00:c5:83:ad ethertype IPv4 (0x0800), length 71: 10.0.2.15.57014 > 10.0.2.3.53: 53728+ A? google.it. (27) 17:49:34.928806 In 52:54:00:12:35:02 ethertype IPv4 (0x0800), length 87: 10.0.2.3.53 > 10.0.2.15.57014: 53728 1/0/0 A 216.58.205.99 (43) 17:49:34.929356 Out 52:54:00:c5:83:ad ethertype IPv4 (0x0800), length 100: 10.0.2.15 > 216.58.205.99: ICMP echo request, id 28643, seq 1, length 64 17:49:34.946459 In 52:54:00:12:35:02 ethertype IPv4 (0x0800), length 100: 216.58.205.99 > 10.0.2.15: ICMP echo reply, id 28643, seq 1, length 64 17:49:34.947340 Out 52:54:00:c5:83:ad ethertype IPv4 (0x0800), length 88: 10.0.2.15.35452 > 10.0.2.3.53: 7858+ PTR? 99.205.58.216.in-addr.arpa. (44) 17:49:34.997721 In 52:54:00:12:35:02 ethertype IPv4 (0x0800), length 156: 10.0.2.3.53 > 10.0.2.15.35452: 7858 2/0/0 PTR mil04s26-in-f99.1e100.net., PTR mil04s26-in-f3.1e100.net. (112)
如果尝试在vlan子网中ping主机,则可以看到vlan标记:
[root@localhost ~]# tcpdump -i any not port 22 -nne tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes 17:51:12.237624 Out 52:54:00:c5:83:ad ethertype ARP (0x0806), length 44: Request who-has 10.0.0.11 tell 10.0.0.10, length 28 17:51:12.237628 Out 52:54:00:c5:83:ad ethertype 802.1Q (0x8100), length 48: vlan 100, p 0, ethertype ARP, Request who-has 10.0.0.11 tell 10.0.0.10, length 28 17:51:13.238115 Out 52:54:00:c5:83:ad ethertype ARP (0x0806), length 44: Request who-has 10.0.0.11 tell 10.0.0.10, length 28 17:51:13.238123 Out 52:54:00:c5:83:ad ethertype 802.1Q (0x8100), length 48: vlan 100, p 0, ethertype ARP, Request who-has 10.0.0.11 tell 10.0.0.10, length 28 17:51:14.239809 Out 52:54:00:c5:83:ad ethertype ARP (0x0806), length 44: Request who-has 10.0.0.11 tell 10.0.0.10, length 28
对于我来说,可以在物理接口上configurationpipe理IP,在VLAN接口上configuration其他IPS
以下configuration需要一个网卡 – 为它创build一个VLAN接口 – 然后将网桥设备添加到原始网卡和VLAN接口
的ifcfg-BR0
BOOTPROTO="static" DEFROUTE="yes" NAME="br0" DEVICE="br0" ONBOOT="yes" DNS1="10.244.53.108" DNS2="10.245.177.15" DOMAIN="dssdhop.lab.emc.com" NM_CONTROLLED="no" TYPE="Bridge" IPADDR=10.244.141.171 PREFIX=24 GATEWAY=10.244.141.1 DNS1="10.244.53.108"
的ifcfg-br0.137
BOOTPROTO="static" DEFROUTE="yes" NAME="br0.137" DEVICE="br0.137" ONBOOT="no" DNS1="10.244.53.108" DNS2="10.245.177.15" DOMAIN="dssdhop.lab.emc.com" NM_CONTROLLED="no" TYPE="Bridge" # Enable the following 3 IF you want to assign a local address to the host on this network #IPADDR=10.244.137.54 #PREFIX=24 #GATEWAY=10.244.137.1 – Generally don't want to specify a gatway - or it'll try using this as a default route!
的ifcfg-ENO1
TYPE=Ethernet BOOTPROTO=none NAME=eno1 UUID=8378a1f0-0330-45c8-bba6-7b77190cfb08 DEVICE=eno1 ONBOOT=yes NM_CONTROLLED="no" BRIDGE="br0"
的ifcfg-eno1.137
DEVICE=eno1.137 VLAN=yes ONBOOT=no BRIDGE=br0.137 NM_CONTROLLED=NO