我有一个多宿主主机,eth0在172.31.254.0/24上,eth0.10在172.31.253.0/24上。 显然,eth0.10是vlan id 10的子接口。
在这台主机上,我可以成功ping通172.31.253.0/24networking上的主机,但不能始终在172.31.254.0/24networking上ping主机。 例如,请注意ping#5-#25中的丢失:
[root@pbx1 ~]# ping -I eth0 172.31.254.37 PING 172.31.254.31 (172.31.254.31) from 172.31.254.13 eth0: 56(84) bytes of data. 64 bytes from 172.31.254.37: icmp_seq=1 ttl=128 time=1.03 ms 64 bytes from 172.31.254.37: icmp_seq=2 ttl=128 time=0.247 ms 64 bytes from 172.31.254.37: icmp_seq=3 ttl=128 time=0.236 ms 64 bytes from 172.31.254.37: icmp_seq=4 ttl=128 time=4.00 ms 64 bytes from 172.31.254.37: icmp_seq=26 ttl=128 time=0.237 ms 64 bytes from 172.31.254.37: icmp_seq=27 ttl=128 time=0.299 ms 我的界面看起来正确:
[root@myhost1 ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:22:4D:B2:28:AC inet addr:172.31.254.13 Bcast:172.31.254.255 Mask:255.255.255.0 inet6 addr: fe80::222:4dff:feb2:28ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:121808 errors:0 dropped:0 overruns:0 frame:0 TX packets:120948 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16685937 (15.9 MiB) TX bytes:23059300 (21.9 MiB) Interrupt:16 Memory:d0020000-d0040000 eth0.10 Link encap:Ethernet HWaddr 00:22:4D:B2:28:AC inet addr:172.31.253.4 Bcast:172.31.253.255 Mask:255.255.255.0 inet6 addr: fe80::222:4dff:feb2:28ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2732 errors:0 dropped:0 overruns:0 frame:0 TX packets:828 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1394817 (1.3 MiB) TX bytes:417925 (408.1 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:30573 errors:0 dropped:0 overruns:0 frame:0 TX packets:30573 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2225449 (2.1 MiB) TX bytes:2225449 (2.1 MiB)
路由表看起来是正确的:
[root@myhost1 ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.31.254.0 * 255.255.255.0 U 0 0 0 eth0 172.31.253.0 * 255.255.255.0 U 0 0 0 eth0.10 link-local * 255.255.0.0 U 1002 0 0 eth0 default firewall.mydomain.com 0.0.0.0 UG 0 0 0 eth0
那么为什么我的数据包不能进入172.31.254.0/24networking的主机(或者回应)呢? 我设置/ proc / sys / net / ipv4 / conf / eth0 / rp_filter为0,但没有区别
更新:目标主机的路由表:
IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 172.31.254.1 172.31.254.37 266 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 172.31.252.0 255.255.255.0 172.31.254.2 172.31.254.37 11 172.31.253.0 255.255.255.0 172.31.254.2 172.31.254.37 11 172.31.254.0 255.255.255.0 On-link 172.31.254.37 266 172.31.254.37 255.255.255.255 On-link 172.31.254.37 266 172.31.254.255 255.255.255.255 On-link 172.31.254.37 266 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 172.31.254.37 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 172.31.254.37 266 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 172.31.252.0 255.255.255.0 172.31.254.2 1 172.31.253.0 255.255.255.0 172.31.254.2 1 0.0.0.0 0.0.0.0 172.31.254.1 Default ===========================================================================
您的networking上可能使用了两次172.31.254.13。
我也怀疑接收方的路由或ARP协议问题:
你可以在主机172.31.254.13和主机172.31.254.31上检查arp -na吗?
在每个主机上使用ip route命令完整路由表也可能有所帮助。
我需要创build一个iproute2策略,并禁用接口和子接口的rp_filter。
之后,它完美的工作。
您在同一张卡上的不同networking上有VIP。 (相同的MAC)尝试做同样的事情,但创build不同的网段的vNIC,然后设置一个默认的路由和特定的其他网卡。