Proxmox host on OVM hardware – guest VMs cannot reach Internet hosts by name

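I have installed a Proxmox host on OVM hardware and used a bridged setup to give the guest VMs Internet access. However, since this requires editing configuration files on the guest to work, errors occur during the actual installation, where the interfaces file cannot be created or the resolv.conf file is missing.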

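I am trying to work around this by adding a NAT-based interface during guest installation. However, I have the problem that the guest VM can reach external servers by IP, but not by name.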

Here is the networking configuration on the host:

    # for Routing
    auto vmbr1
    iface vmbr1 inet static
        address 192.168.0.1
        netmask 255.255.255.0
        #post-up /etc/pve/kvm-networking.sh
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -F

    # vmbr0: Bridging. Make sure to use only MAC adresses that were assigned to you.
    auto vmbr0
    iface vmbr0 inet static
        address 192.99.36.XXX
        netmask 255.255.255.0
        network 192.99.36.0
        broadcast 192.99.36.255
        gateway 192.99.36.254
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
        post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr0/forwarding
        post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr0/proxy_arp

I have also enabled IP forwarding and ARP proxying on the host:

    # cat /proc/sys/net/ipv4/ip_forward
    1
    # cat /proc/sys/net/ipv4/conf/all/proxy_arp
    1

To get DNS working, I added some rules to iptables. Here is the iptables output from the host:

    Chain INPUT (policy ACCEPT 5344 packets, 2016K bytes)
     pkts bytes target     prot opt in     out     source               destination
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.0.0/24       udp spt:53 dpts:1024:65535 state ESTABLISHED
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.0.0/24       tcp spt:53 dpts:1024:65535 state ESTABLISHED

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination
        0     0 ACCEPT     udp  --  *      *       192.168.0.0/24       0.0.0.0/0            udp dpt:53 state NEW,ESTABLISHED
        0     0 ACCEPT     tcp  --  *      *       192.168.0.0/24       0.0.0.0/0            tcp dpt:53 state NEW,ESTABLISHED

    Chain OUTPUT (policy ACCEPT 5141 packets, 2302K bytes)
     pkts bytes target     prot opt in     out     source               destination
        0     0 ACCEPT     tcp  --  *      *       192.168.0.0/24       0.0.0.0/0            tcp spts:1024:65535 dpt:53 state NEW,ESTABLISHED

    Chain PREROUTING (policy ACCEPT 60270 packets, 7555K bytes)
     pkts bytes target     prot opt in     out     source               destination

    Chain POSTROUTING (policy ACCEPT 53578 packets, 11M bytes)
     pkts bytes target     prot opt in     out     source               destination
        5   420 MASQUERADE all  --  *      vmbr0   192.168.0.0/24       0.0.0.0/0

    Chain OUTPUT (policy ACCEPT 53578 packets, 11M bytes)
     pkts bytes target     prot opt in     out     source               destination

Once the guest VM is started, here is the output of ping / nslookup in the guest:

[image: ping in guest] [image: nslookup in guest]

Here is the ifconfig output from the guest: [image: guest's ifconfig]

When running nslookup, the tcpdump output at the guest level looks like this: [image: guest's tcpdump]

The tcpdump output at the host level is very similar, but I am still including it for reference:

    # tcpdump -n -tttt -i vmbr1
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on vmbr1, link-type EN10MB (Ethernet), capture size 65535 bytes
    2014-04-20 08:38:48.013775 ARP, Request who-has 192.168.0.1 tell 192.168.0.101, length 28
    2014-04-20 08:38:48.013796 ARP, Reply 192.168.0.1 is-at 56:6a:38:7c:1b:0a, length 28
    2014-04-20 08:38:48.013860 IP 192.168.0.101.41572 > 192.168.0.1.53: 54954+ A? google.com. (28)
    2014-04-20 08:38:48.013884 IP 192.168.0.1 > 192.168.0.101: ICMP 192.168.0.1 udp port 53 unreachable, length 64
    2014-04-20 08:38:53.013443 ARP, Request who-has 192.168.0.101 tell 192.168.0.1, length 28
    2014-04-20 08:38:53.013594 ARP, Reply 192.168.0.101 is-at de:0a:bd:d1:82:19, length 28
    2014-04-20 08:38:53.013676 IP 192.168.0.101.41572 > 192.168.0.1.53: 54954+ A? google.com. (28)
    2014-04-20 08:38:53.013701 IP 192.168.0.1 > 192.168.0.101: ICMP 192.168.0.1 udp port 53 unreachable, length 64
    2014-04-20 08:38:56.810432 IP 0.0.0.0 > 224.0.0.1: igmp query v2
    2014-04-20 08:38:56.810433 IP6 23dc:26d9:f488:a50d:100:: > ff02::1: HBH ICMP6, multicast listener querymax resp delay: 1000 addr: ::, length 24
    2014-04-20 08:38:58.013733 IP 192.168.0.101.41572 > 192.168.0.1.53: 54954+ A? google.com. (28)
    2014-04-20 08:38:58.013758 IP 192.168.0.1 > 192.168.0.101: ICMP 192.168.0.1 udp port 53 unreachable, length 64
    ^C
    12 packets captured
    12 packets received by filter
    0 packets dropped by kernel

If anyone can tell me what I am doing wrong and how to fix it, I would really appreciate it!