我在 Hyper-V 主机上有一个虚拟 Ubuntu 服务器(14.04)虚拟机,它有三块网卡
- eth0 桥接到外部网络
- eth1 和 eth2 连接到一个私有虚拟交换机
目的是让虚拟机使用 eth1 和 eth2 与自身进行通信,同时流量仍通过交换机发送 - 这样就可以转发/嗅探
我相信我已经为每个接口设置了正确的设置,并且也遵循了此处的帖子 -使用一个网关设置两个 IP 地址?
当我尝试从一个接口 ping 到另一个接口时,tcpdump 显示 ARP 请求到达另一个接口,但从未得到响应:
$ ping -b -I eth1 10.0.0.6
PING 10.0.0.6 (10.0.0.6) from 10.0.0.5 eth1: 56(84) bytes of data.
From 10.0.0.5 icmp_seq=1 Destination Host Unreachable
From 10.0.0.5 icmp_seq=2 Destination Host Unreachable
From 10.0.0.5 icmp_seq=3 Destination Host Unreachable
From 10.0.0.5 icmp_seq=4 Destination Host Unreachable
From 10.0.0.5 icmp_seq=5 Destination Host Unreachable
From 10.0.0.5 icmp_seq=6 Destination Host Unreachable
^C
--- 10.0.0.6 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6018ms
pipe 4
$ tcpdump -i eth2
21:27:19.666738 ARP, Request who-has 10.0.0.6 tell 10.0.0.5, length 28
21:27:20.666636 ARP, Request who-has 10.0.0.6 tell 10.0.0.5, length 28
...
我可以 ping 虚拟交换机上的其他设备...
更奇怪的是,我可以从另一个接口通过 SSH 连接到任一接口,但其流量不会显示在 tcpdump 上。
$ ssh -i eth1[电子邮件保护]
我所尝试做的事情有可能实现吗?
一些额外的信息:
$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:15:5d:0e:f9:09
inet addr:172.16.33.225 Bcast:172.16.39.255 Mask:255.255.248.0
inet6 addr: fe80::215:5dff:fe0e:f909/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:480545 errors:0 dropped:7810 overruns:0 frame:0
TX packets:10662 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:50354580 (50.3 MB) TX bytes:1754707 (1.7 MB)
eth1 Link encap:Ethernet HWaddr 00:15:5d:0e:f9:0a
inet addr:10.0.0.5 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::215:5dff:fe0e:f90a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:107 errors:0 dropped:0 overruns:0 frame:0
TX packets:506 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9293 (9.2 KB) TX bytes:100827 (100.8 KB)
eth2 Link encap:Ethernet HWaddr 00:15:5d:0e:f9:0b
inet addr:10.0.0.6 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::215:5dff:fe0e:f90b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:347 errors:0 dropped:0 overruns:0 frame:0
TX packets:88 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:20373 (20.3 KB) TX bytes:6448 (6.4 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:5523 errors:0 dropped:0 overruns:0 frame:0
TX packets:5523 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2173284 (2.1 MB) TX bytes:2173284 (2.1 MB)
$ cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 172.16.33.225
netmask 255.255.248.0
...
auto eth1
iface eth1 inet static
address 10.0.0.5
network 10.0.0.0
netmask 255.0.0.0
broadcast 10.255.255.255
up ip route add 10.0.0.0/8 dev eth1 src 10.0.0.5 table eth1table
up ip route add default via 0.0.0.0 dev eth1 table eth1table
up ip rule add from 10.0.0.5 table eth1table
up ip route add 10.0.0.0/8 dev eth1 src 10.0.0.5
auto eth2
iface eth2 inet static
address 10.0.0.6
network 10.0.0.0
netmask 255.0.0.0
broadcast 10.255.255.255
up ip route add 10.0.0.0/8 dev eth2 src 10.0.0.6 table eth2table
up ip route add default via 0.0.0.0 dev eth2 table eth2table
up ip rule add from 10.0.0.6 table eth2table
up ip route add default via 0.0.0.0 dev eth2
up ip route add 10.0.0.0/8 dev eth2 src 10.0.0.6
任何帮助都非常感谢大家!!
答案1
不,这是不可能的:发往本地机器的数据包由本地机器处理,而不是转发。