Ping from Ubuntu 22.04 Desktop to a Virtual Machine Manager 4.0.0 VM: Destination Host Unreachable

Goal: the host running Virtual Machine Manager has a guest VM router on the LAN.

Host Ubuntu 22.04 Desktop 192.168.1.120 pinging the VM router pfSense 192.168.1.1 gives the error: Destination Host Unreachable.

Could the problem lie between netplan and libvirtd?

ubuntu@ubuntu:/etc/netplan$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
From 192.168.1.120 icmp_seq=1 Destination Host Unreachable

VMM automatically creates the bridge virbr0, and I don't know how to ignore it and use the bridges I created, NIC0-br0 and NIC1-br1.

ubuntu@ubuntu:/etc/netplan$ ip -c a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br1 state UP group default qlen 1000
        link/ether 1c:61:b4:6d:38:4f brd ff:ff:ff:ff:ff:ff
        inet6 fe80::31ca:9227:dcb3:d09e/64 scope link noprefixroute
           valid_lft forever preferred_lft forever
    3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
        link/ether a8:a1:59:6e:1f:8b brd ff:ff:ff:ff:ff:ff
    4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:88:b4:b4 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    7: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
        link/ether fe:54:00:33:3c:4b brd ff:ff:ff:ff:ff:ff
        inet6 fe80::fc54:ff:fe33:3c4b/64 scope link
           valid_lft forever preferred_lft forever
    8: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
        link/ether fe:54:00:50:81:3f brd ff:ff:ff:ff:ff:ff
        inet6 fe80::fc54:ff:fe50:813f/64 scope link
           valid_lft forever preferred_lft forever
    9: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether 0a:d4:78:1f:cd:41 brd ff:ff:ff:ff:ff:ff
        inet 100.76.25.213/10 brd 100.127.255.255 scope global dynamic noprefixroute br0
           valid_lft 294sec preferred_lft 294sec
        inet6 2406:2d40:4100:8fb2:19c5:376e:1317:8ae1/64 scope global temporary dynamic
           valid_lft 197sec preferred_lft 47sec
        inet6 2406:2d40:4100:8fb2:8d4:78ff:fe1f:cd41/64 scope global dynamic mngtmpaddr
           valid_lft 197sec preferred_lft 47sec
        inet6 fe80::8d4:78ff:fe1f:cd41/64 scope link
           valid_lft forever preferred_lft forever
    10: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether d2:da:46:a2:b2:3e brd ff:ff:ff:ff:ff:ff
        inet 192.168.1.120/24 brd 192.168.1.255 scope global noprefixroute br1
           valid_lft forever preferred_lft forever
        inet6 fe80::d0da:46ff:fea2:b23e/64 scope link
           valid_lft forever preferred_lft forever

The bridges I created:

ubuntu@ubuntu:/etc/netplan$ bridge link
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br1 state forwarding priority 32 cost 4
3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100

NetworkManager configuration file:

ubuntu@ubuntu:/etc/netplan$ cat 01-network-manager-all.yaml
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    enp2s0:
      dhcp4: true
    enp3s0:
      dhcp4: true
  bridges:
    br0:
      dhcp4: true
      interfaces:
        - enp3s0
    br1:
      dhcp4: false
      addresses: [192.168.1.120/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8,8.8.8.4]
      interfaces:
        - enp2s0

Routes:

ubuntu@ubuntu:/etc/netplan$ ip r
default via 100.64.0.1 dev br0 proto dhcp metric 425
default via 192.168.1.1 dev br1 proto static metric 20426
34.120.255.244 dev br0 proto dhcp scope link metric 425
100.64.0.0/10 dev br0 proto kernel scope link src 100.76.25.213 metric 425
169.254.0.0/16 dev virbr0 scope link metric 1000 linkdown
192.168.1.0/24 dev br1 proto kernel scope link src 192.168.1.120 metric 426
192.168.100.1 dev br0 proto dhcp scope link metric 425
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

Not sure whether there is an iptables problem?

ubuntu@ubuntu:/etc/netplan$ sudo iptables -n -t nat -L
[sudo] password for ubuntu:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
LIBVIRT_PRT all -- 0.0.0.0/0 0.0.0.0/0

Chain LIBVIRT_PRT (1 references)
target prot opt source destination
RETURN all -- 192.168.122.0/24 224.0.0.0/24
RETURN all -- 192.168.122.0/24 255.255.255.255
MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24
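
Added example, not part of the original question: a small Python check that reads the header lines of an `ip a` listing and reports which interfaces are ports of which bridge. Run on the listing above, it shows enp2s0 on br1, enp3s0 on br0, and the VM tap interfaces vnet0 and vnet1 with no `master`. The function names and the `vnet` prefix filter are assumptions of this example.

```python
import re

# Header lines copied from the `ip -c a` listing in the question (address lines omitted).
SAMPLE = """\
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br1 state UP group default qlen 1000
3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
7: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
8: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
9: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
10: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
"""

ANSI = re.compile(r"\x1b\[[0-9;]*m")  # colour codes emitted by `ip -c`
HEADER = re.compile(r"^\s*\d+:\s+(?P<name>[^:@\s]+)(?:@\S+)?:\s+<[^>]*>(?P<rest>.*)$")
MASTER = re.compile(r"\bmaster\s+(\S+)")


def parse_links(text):
    """Map each interface name to its bridge master (None when it has none)."""
    links = {}
    for line in ANSI.sub("", text).splitlines():
        m = HEADER.match(line)
        if not m:
            continue  # address, link/ether and lifetime lines are skipped
        master = MASTER.search(m["rest"])
        links[m["name"]] = master.group(1) if master else None
    return links


def bridge_ports(links):
    """Group enslaved interfaces by the bridge they belong to."""
    ports = {}
    for name, master in links.items():
        if master:
            ports.setdefault(master, []).append(name)
    return ports


def unattached_taps(links, prefix="vnet"):
    """Tap interfaces (assumed `vnet` prefix) that are not a port of any bridge."""
    return sorted(n for n, m in links.items() if n.startswith(prefix) and m is None)


if __name__ == "__main__":
    links = parse_links(SAMPLE)
    for bridge, ports in sorted(bridge_ports(links).items()):
        print(f"{bridge}: {', '.join(ports)}")
    print("taps with no master:", unattached_taps(links))
```
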
