我使用在不支持 WiFi 的打印机附近设置的连接 WiFi 的计算机作为将打印机置于我的子网中的桥梁。计算机设置为 VPN 客户端,tap 端口与 eth0 桥接。 VPN 服务器也被桥接,以便 VPN 客户端位于网络内。这很好用。可通过网络访问打印机。唯一的例外是打印机无法直接与运行 VPN 服务器的计算机进行通信。 L2 流量运行良好。 VPN 服务器能够向打印机发送 arp 请求并接收响应,但服务器未收到来自打印机的 ping 回复。观察 VPN 客户端的流量,我看到了从打印机发送的 ping 回复。
从 172.16.0.1(VPN 服务器)转储
$ sudo tcpdump -i br0 host 172.16.1.213
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
22:14:50.419458 IP 172.16.0.1 > 172.16.1.213: ICMP echo request, id 5937, seq 1, length 64
22:14:50.424190 ARP, Request who-has 172.16.0.1 tell 172.16.1.213, length 46
22:14:50.424283 ARP, Reply 172.16.0.1 is-at 00:08:a1:01:8d:96 (oui Unknown), length 28
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel
从 172.16.1.212 转储(桥接 VPN 客户端)
$ sudo tcpdump -i br0 host 172.16.1.213
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
22:14:50.423435 IP 172.16.0.1 > 172.16.1.213: ICMP echo request, id 5937, seq 1, length 64
22:14:50.423719 ARP, Request who-has 172.16.0.1 tell 172.16.1.213, length 46
22:14:50.426531 ARP, Reply 172.16.0.1 is-at 00:08:a1:01:8d:96 (oui Unknown), length 28
22:14:50.426743 IP 172.16.1.213 > 172.16.0.1: ICMP echo reply, id 5937, seq 1, length 64
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
来自 172.16.0.1 的 Ping 操作
$ ping 172.16.1.213 -c1
PING 172.16.1.213 (172.16.1.213) 56(84) bytes of data.
--- 172.16.1.213 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms