![dracut-initqueue[588]:RTNETLINK 答案:网络无法访问](https://linux22.com/image/107976/dracut-initqueue%5B588%5D%EF%BC%9ARTNETLINK%20%E7%AD%94%E6%A1%88%EF%BC%9A%E7%BD%91%E7%BB%9C%E6%97%A0%E6%B3%95%E8%AE%BF%E9%97%AE.png)
virt-installCentOS 7 主机需要使用一个文件来安装 CentOS 7 来宾操作系统kickstart。然后,主机和访客都需要通过ssh互联网使用单独的公共静态 IP 地址进行访问。
需要输入哪些具体命令和配置才能ssh通过静态公共 IP 地址访问来宾和主机?
我的理解是,设置包括以下步骤:
1.) 在主机上配置桥接网络,以替换默认的 NAT
2.) 在来宾上配置静态网络
但这应该如何设置呢? 我们是virbr0用如下所示的新的替换br0,还是只是修改virbr0?
请注意,此设置具有以下公共静态 IP 地址(出于安全原因,此处已隐藏/匿名):
host: 12.34.567.8aa
guest: 12.34.567.8cc
network gateway: 12.34.567.8bb
当前错误:
使用下面概述的方法,安装期间的终端输出包括与此网络连接问题相关的以下行:
[ 4.555887] 8021q: adding VLAN 0 to HW filter on device eth0
[ 4.447513] dracut-initqueue[588]: RTNETLINK answers: Network is unreachable
......................
[ 8.096306] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
第一次尝试配置主机:
主机的公共网络(运行完美)是使用以下命令设置的:
nmcli con mod eno1 ipv4.addresses 12.34.567.8aa/29
nmcli con mod eno1 ipv4.gateway 12.34.567.8bb
nmcli con mod eno1 ipv4.dns "xx.xx.xx.xx xx.xx.yy.yy"
nmcli con mod eno1 ipv4.method manual
nmcli con mod eno1 connection.autoconnect yes
然后使用以下命令设置主机的桥(尚未工作):
nmcli con add type bridge con-name br0 ifname br0 autoconnect yes
nmcli con add type ethernet con-name br0-slave-1 ifname eno1 master br0 autoconnect yes
nmcli con add type ethernet con-name br0-slave-2 ifname eth0 master br0 autoconnect yes
nmcli con modify br0 bridge.stp no
nmcli connection modify br0 ipv4.addresses 12.34.567.8aa/29 ipv4.method manual ipv4.gateway 12.34.567.8bb ipv4.dns xx.xx.xx.xx,xx.xx.yy.yy
nmcli con up br0
brctl show br0
请注意,前面的命令尝试对两者进行奴役,eth0因为eno是eth0在 GUEST 中定义的,而 是eno1在 HOST 中定义的。不清楚这些名称的可见范围是什么,所以我在这里尝试这两个名称,但没有成功。
访客是如何创建的:
以下是访客创建方式的具体信息:
HOST上的kickstart文件是:
[root@remote-host ~]# vi /tmp/vm.ks
install
lang en_US.UTF-8
keyboard us
timezone SomeContinent/SomeCity
auth --enableshadow --passalgo=sha512
services --enabled=NetworkManager,sshd
eula --agreed
reboot
network --bootproto=static --ip=12.34.567.8cc --netmask=255.255.255.248 --gateway=12.34.567.8bb --nameserver=xx.xx.xx.xx,xx.xx.yy.yy --device=eth0
bootloader --location=mbr
zerombr
clearpart --all --initlabel
part swap --asprimary --fstype="swap" --size=1024
part /boot --fstype xfs --size=200
part pv.01 --size=1 --grow
volgroup rootvg01 pv.01
logvol / --fstype xfs --name=lv01 --vgname=rootvg01 --size=1 --grow
# Root password
rootpw --iscrypted $someLongHashedPassword
repo --name="CentOS" --baseurl="http://mirror.centos.org/centos/7/os/x86_64/"
%packages
@core
%end
~
"/tmp/vm.ks" 30L, 1002C
virt-install从主机运行的命令是 :
[root@remote-host ~]# virt-install --name=public-centos7 --disk path=/home/disk_test.img,size=100 --graphics none
--vcpus=1 --memory=2048 --location /tmp/CentOS-7-x86_64-Minimal-1611.iso --network bridge=br0
--os-type=linux --os-variant=rhel7.0 --initrd-inject=/tmp/vm.ks --extra-args "ks=file:/vm.ks console=ttyS0"
主机配置信息:
在主机上,nmcli详细信息如下:
[root@remote-host ~]# nmcli con show
NAME UUID TYPE DEVICE
br0 very-long-string bridge br0
eno1 very-long-string 802-3-ethernet eno1
virbr0 very-long-string bridge virbr0
vnet0 very-long-string tun vnet0
br0-slave-1 very-long-string 802-3-ethernet --
br0-slave-2 very-long-string 802-3-ethernet --
[root@remote-host ~]# nmcli con show br0
connection.id: br0
connection.uuid: very-long-string
connection.interface-name: br0
connection.type: bridge
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.timestamp: 1490056018
connection.read-only: no
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.lldp: -1 (default)
ipv4.method: manual
ipv4.dns: xx.xx.xx.xx,xx.xx.yy.yy
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.addresses: 12.34.567.8aa/29
ipv4.gateway: 12.34.567.8bb
ipv4.routes:
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
........skipping ipv6 stuff
bridge.stp: no
bridge.priority: 32758
bridge.forward-delay: 15
bridge.hello-time: 2
bridge.max-age: 20
bridge.ageing-time: 300
bridge.multicast-snooping: yes
GENERAL.NAME: br0
GENERAL.UUID: very-long-string
GENERAL.DEVICES: br0
GENERAL.STATE: activated
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/40
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/38
GENERAL.SPEC-OBJECT: /
GENERAL.MASTER-PATH: --
IP4.ADDRESS[1]: 12.34.567.8aa/29
IP4.GATEWAY: 12.34.567.8bb
IP4.DNS[1]: xx.xx.xx.xx
IP4.DNS[2]: xx.xx.yy.yy
.....skipping ipv6 stuff
[root@remote-host ~]# nmcli con show virbr0
connection.id: virbr0
connection.uuid: very-long-string
connection.stable-id: --
connection.interface-name: virbr0
connection.type: bridge
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.timestamp: 1490056018
connection.read-only: no
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
ipv4.method: manual
ipv4.dns-options: (default)
ipv4.dns-priority: 100
ipv4.addresses: 192.168.122.1/24 (purposely NOT obscured because this IP is private and auto-generated)
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
.............skipping ipv6 stuff
bridge.stp: yes
bridge.priority: 32xx8
bridge.forward-delay: 2
bridge.hello-time: 2
bridge.max-age: 20
bridge.ageing-time: 300
bridge.multicast-snooping: yes
GENERAL.NAME: virbr0
GENERAL.UUID: very-long-string
GENERAL.DEVICES: virbr0
GENERAL.STATE: activated
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/1
GENERAL.SPEC-OBJECT: /
IP4.ADDRESS[1]: 192.168.122.1/24 (purposely NOT obscured because this IP is private and auto-generated)
[root@remote-host ~]# nmcli con show eno1
connection.id: eno1
connection.uuid: very-long-string
connection.interface-name: eno1
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.timestamp: 1490056018
connection.read-only: no
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
802-3-ethernet.speed: 0
802-3-ethernet.auto-negotiate: yes
802-3-ethernet.mtu: auto
802-3-ethernet.wake-on-lan: 1 (default)
ipv4.method: manual
ipv4.dns: xx.xx.xx.xx,xx.xx.yy.yy
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.addresses: 12.34.567.8aa/29
ipv4.gateway: 12.34.567.8bb
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
..........skipping ipv6 stuff
GENERAL.NAME: eno1
GENERAL.UUID: very-long-string
GENERAL.DEVICES: eno1
GENERAL.STATE: activated
GENERAL.DEFAULT: yes
GENERAL.DEFAULT6: yes
GENERAL.VPN: no
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/3
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/0
GENERAL.SPEC-OBJECT: /
IP4.ADDRESS[1]: 12.34.567.8aa/29
IP4.GATEWAY: 12.34.567.8bb
IP4.DNS[1]: xx.xx.xx.xx
IP4.DNS[2]: xx.xx.yy.yy
..........skipping ipv6 stuff
[root@remote-host ~]# nmcli con show br0-slave-1
connection.id: br0-slave-1
connection.uuid: very-long-string
connection.interface-name: eno1
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.read-only: no
connection.master: br0
connection.slave-type: bridge
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.lldp: -1 (default)
802-3-ethernet.speed: 0
802-3-ethernet.auto-negotiate: yes
802-3-ethernet.mtu: auto
802-3-ethernet.wake-on-lan: 1 (default)
bridge-port.priority: 32
bridge-port.path-cost: 100
bridge-port.hairpin-mode: no
[root@remote-host ~]# nmcli con show br0-slave-2
connection.id: br0-slave-2
connection.uuid: very-long-string
connection.interface-name: eth0
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.read-only: no
connection.master: br0
connection.slave-type: bridge
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
802-3-ethernet.speed: 0
802-3-ethernet.auto-negotiate: yes
802-3-ethernet.mtu: auto
802-3-ethernet.wake-on-lan: 1 (default)
bridge-port.priority: 32
bridge-port.path-cost: 100
bridge-port.hairpin-mode: no
GUEST 知道其静态公共 IP,但无法退出:
以下是从 GUEST 内部运行命令ping的结果。curl正如您所看到的,两个程序都在运行,但都无法离开虚拟机到达外部世界:
[root@localhost ~]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 12.34.567.8cc icmp_seq=1 Destination Host Unreachable
From 12.34.567.8cc icmp_seq=2 Destination Host Unreachable
From 12.34.567.8cc icmp_seq=3 Destination Host Unreachable
..........
--- 8.8.8.8 ping statistics ---
14 packets transmitted, 0 received, +13 errors, 100% packet loss, time 13004ms
pipe 4
[root@localhost ~]# curl ipinfo.io/ip
curl: (6) Could not resolve host: ipinfo.io; Unknown error
GUEST内部配置:
从 GUEST 内部访问,自动生成的ifcfg-eth0文件是:
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
NAME="eth0"
HWADDR="11:22:33:44:55:66"
ONBOOT=yes
NETBOOT=yes
UUID="some-very-long-complex-string"
IPV6INIT=yes
BOOTPROTO=none
IPADDR="12.34.567.8cc"
NETMASK="255.255.255.248"
GATEWAY="12.34.567.8bb"
TYPE=Ethernet
DNS1="xx.xx.xx.xx,xx.xx.yy.yy"
~
"/etc/sysconfig/network-scripts/ifcfg-eth0" 13L, 281C
以下是nmcli在 GUEST 中运行命令的结果:
[root@localhost ~]# nmcli con show
NAME UUID TYPE DEVICE
eth0 very-long-string 802-3-ethernet eth0
[root@localhost ~]# nmcli con show eth0
connection.id: eth0
connection.uuid: very-long-string
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.timestamp: 1490079856
connection.read-only: no
connection.autoconnect-slaves: -1 (default)
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
802-3-ethernet.speed: 0
802-3-ethernet.auto-negotiate: yes
802-3-ethernet.mac-address: qq:ww:ee:rr:tt:yy (not really qwerty)
802-3-ethernet.mtu: auto
802-3-ethernet.wake-on-lan: 1 (default)
ipv4.method: manual
ipv4.dns: xx.xx.xx.xx,xx.xx.yy.yy
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.addresses: 12.34.567.8cc/29
ipv4.gateway: 12.34.567.8bb
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
.........skipping ipv6 stuff
GENERAL.NAME: eth0
GENERAL.UUID: very-long-string
GENERAL.DEVICES: eth0
GENERAL.STATE: activated
GENERAL.DEFAULT: yes
GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/0
GENERAL.SPEC-OBJECT: /
IP4.ADDRESS[1]: 12.34.567.8cc/29
IP4.GATEWAY: 12.34.567.8bb
IP4.DNS[1]: xx.xx.xx.xx
IP4.DNS[2]: xx.xx.yy.yy
......skipping ipv6 stuff
[root@localhost ~]#
@garethTheRed 的建议:
输入 @garethTheRed 的 4 个nmcli命令并重新运行virt-install命令来--network bridge=br1创建新虚拟机后,主机上的防火墙设置现在为:
[root@remote-host ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: br0 br1 eno1
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
[root@remote-host ~]#
然后,在 GUEST 上,防火墙设置为:
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
[root@localhost ~]#
同样,以下结果似乎表明 HOST 上的路由已打开:
[root@remote-host ~]# /sbin/sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
[root@remote-host ~]#
而以下结果似乎表明 GUEST 上的路由已关闭:
[root@localhost ~]# /sbin/sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
[root@localhost ~]#
ip addr show在 HOST 上给出以下内容:
[root@remote-host ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 12.34.567.8aa/29 brd 12.34.567.8(bb+1) scope global eno1
valid_lft forever preferred_lft forever
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
41: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 12.34.567.8aa/29 brd 12.34.567.8(bb+1) scope global br0
valid_lft forever preferred_lft forever
50: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 12.34.567.8cc/29 brd 12.34.567.8(bb+1) scope global br1
valid_lft forever preferred_lft forever
51: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UNKNOWN qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet6 ipv6:doesnt:matter:to:me/64 scope link
valid_lft forever preferred_lft forever
[root@remote-host ~]#
我注意到了,eno1并且br0有相同的 IP 地址。这是否意味着可以安全地删除 IP,eno1并且外界仍然能够通过 与机器的相同 IP 地址进行通信br0?我仍在学习这是如何工作的。
在 GUEST 上,ip addr show给出以下内容:
[root@localhost ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
inet 12.34.567.8cc/29 brd 12.34.567.8(bb+1) scope global eth0
valid_lft forever preferred_lft forever
[root@localhost ~]#
尽管我更喜欢对所有内容使用nmcli和NetworkManager,但我virsh在下面包含了诊断信息,如下所示。请注意,主机只能看到默认网络。
以下所有程序均在 HOST 上运行:
[root@remote-host ~]# virsh net-list --all
Name State Autostart Persistent
----------------------------------------------------------
default active yes yes
[root@remote-host ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000000000000 no
br1 8000.oneLongID... yes vnet0
virbr0 8000.secondLongID yes virbr0-nic
[root@remote-host ~]# virsh edit public-centos7
....skipping irrelevant stuff for brevity
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</controller>
<interface type='bridge'>
<mac address='qq:ww:ee:rr:tt:yy'/>
<source bridge='br1'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
.....skipping irrelevant stuff
<channel type='unix'>
<target type='virtio' name='org.qemu.guest_agent.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
....skipping irrelevant stuff
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</memballoon>
</devices>
</domain>
[root@remote-host ~]# virsh net-dumpxml default
<network>
<name>default</name>
<uuid>some-very-long-complex-string</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='aa:nn:oo:tt:hh:er'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
然后,我使用以下命令在主机上创建了第二个网络:
vi /root/test-bridge.xml
<network>
<name>test-bridge</name>
<forward mode="bridge"/>
<bridge name="br1"/>
</network>
virsh net-create /root/test-bridge.xml
创建新的后test-bridge,外界现在已经能够成功了ping 12.34.567.8cc。但GUEST依然无法得到外界的回应ping 8.8.8.8。
在 GUEST 中,我检查了路由是否已定义,结果如下:
[root@localhost ~]# ip route
default via 12.34.567.8bb dev eth0 proto static metric 100
12.34.567.8mm/29 dev eth0 proto kernel scope link src 12.34.567.8cc metric 100
12.34.567.8bb物理路由器的正确网关在哪里,12.34.567.8cc是访客的正确/预期静态公共 IP,并且12.34.567.8mm不是分配给我们的静态公共 IP 地址之一。但是,12.34.567.8mm等于12.34.567.(8aa-1),这意味着它可能是从我们的 5 个公共 IP 地址之一以编程方式派生的。
当我virsh在主机上要求显示访客的接口和IP时,virsh能够显示接口,但不能显示IP,如下所示:
[root@remote-host ~]# virsh domiflist public-centos7
Interface Type Source Model MAC
-------------------------------------------------------
vnet0 bridge br1 virtio 11:22:33:44:55:66
[root@remote-host ~]# virsh domifaddr public-centos7
Name MAC address Protocol Address
------------------------------------------------------
[root@remote-host ~]#
将firewall --disabled和添加selinux --disabled到 kickstart 文件,然后使用相同的命令重新安装virt-install并不会导致能够ping 8.8.8.8从新创建的虚拟机内部成功连接到外部世界。
我还应该尝试什么?
答案1
将网络设置添加到网桥上是正常的;不是物理接口。
从中删除 IP 详细信息eno1(首先确保您知道如何在需要时恢复它们)。
然后,尝试:
nmcli connection add type bridge autoconnect yes con-name br1 ifname br1
nmcli connection modify br1 ipv4.addresses aa.bb.cc.dd/29 ipv4.method manual
nmcli connection modify br1 ipv4.gateway aa.bb.cc.ee
nmcli connection modify br1 ipv4.dns xx.xx.xx.xx
其中aa.bb.cc.dd等是您的 IP 设置eno1。
在主机上,您需要加载br_netfilter模块:
modprobe br_netfilter
然后,/etc/sysctl.d/bridge.conf使用以下命令创建:
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
并加载设置:
sysctl -p /etc/sysctl.d/bridge.conf
最后,virt-install运行--net bridge=br1
提供访客和 IP 地址并尝试 ping 下一个主机。
请记住,您可能需要考虑防火墙并在主机上启用路由。