以下configuration:
Ubuntu 10.04服务器,2个网卡:
– eth0 192.168.1.215/24,默认GW:192.168.1.250
– eth1 192.168.3.225/24
两者都连接到相同的路由器(Funkwerk Bintec R3000)。
路由器可以(通过内置的诊断)成功ping通两个IP。
当服务器中的两个NIC都在线时,从本地PC(IP为192.168.1.14/24),我只能ping eth0,而不能ping eth1。
但是:在ubuntu-box上禁用eth0时,我突然可以ping通eth1!
现在的问题是:我怎样才能让ubuntu-machine在eth0和eth1上响应ping?
非常感谢!
编辑:命令输出
IP地址显示
# ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:db:2a:22 brd ff:ff:ff:ff:ff:ff inet 192.168.1.215/24 brd 192.168.1.255 scope global eth0 inet6 fe80::20c:29ff:fedb:2a22/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:db:2a:2c brd ff:ff:ff:ff:ff:ff inet 192.168.3.226/24 brd 192.168.3.255 scope global eth1 inet6 fe80::20c:29ff:fedb:2a2c/64 scope link valid_lft forever preferred_lft forever IP链接显示
# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:db:2a:22 brd ff:ff:ff:ff:ff:ff 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:db:2a:2c brd ff:ff:ff:ff:ff:ff
路线-n
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.250 0.0.0.0 UG 100 0 0 eth0
arp -an
# arp -an ? (192.168.1.200) at 00:0c:29:2d:c6:3b [ether] on eth0 ? (192.168.1.222) at 00:0c:29:e9:a4:e5 [ether] on eth0 ? (192.168.1.250) at 00:a0:f9:02:4e:01 [ether] on eth0 ? (192.168.1.70) at 00:0c:29:a1:21:87 [ether] on eth0 ? (192.168.3.250) at 00:a0:f9:02:4e:03 [ether] on eth1 ? (192.168.3.201) at 00:0c:29:bb:56:8f [ether] on eth1 ? (192.168.1.192) at 00:0c:29:45:6f:46 [ether] on eth0 ? (192.168.1.14) at 00:26:18:87:89:cf [ether] on eth0 ? (192.168.1.105) at 00:0c:29:4c:8a:30 [ether] on eth0
您的本地PC可以ping服务器,因为它与服务器在同一个子网中。
eth0在192.168.1.0到192.168.1.255子网中
eth1在192.168.3.0到192.168.3.255子网中
您的本地PC与eth0在同一个子网中,这就是为什么您可以ping eth0而不是eth1
请使用这些设置来评估你是否被臭名昭着的linux rp_filter咬了:
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter ## I think you'll only need this echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter ## Just in case...
假设这个工作,我会跟进一个更好的长期configuration。
尝试这个…
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter
编辑/etc/sysctl.conf并设置:
net.ipv4.conf.all.rp_filter = 0
并重新加载sysctl:
sysctl -p