我正在运行 Archlinux 机器,我想运行 VLAN。根据韓國語 维基我已经尝试配置。
我想要实现的目标:网卡enp4s0
获得 2 个 IPv4 地址192.168.0.249
,并且192.168.5.5
两者兼而有之/24
。此外,我想创建一个vlan1
位于 VLAN 中的id=1
具有 IPv4的虚拟控制器192.168.4.5/24
。
我的生产系统中有一个没有 VLAN 的运行配置。我尝试将其他部分添加到配置中,如下所示:
# In /etc/systemd/network/lan.network
[Match]
MACAddress=<MAC of the physical interface>
[Address]
Address=192.168.0.249/24
[Address]
Address=192.168.5.5/24
[Route]
Gateway=192.168.5.1
[Network]
VLAN=vlan1 # <--- This line is new
DNS=8.8.8.8
我还添加了两个文件/etc/systemd/network
:
# vlan1.netdev
[NetDev]
Name=vlan1
Kind=vlan
[VLAN]
Id=1
和
# vlan1.network
[Match]
Name=vlan1
[Network]
DHCP=no
[Address]
Address=192.168.4.5/24
systemd-networking
重新启动服务(或重新启动)时vlan1
会创建一个接口。但是,该文件vlan1.network
似乎被完全忽略了。新接口获取从 复制的 IP enp4s0
。192.168.4.0/24
网络未分配给任何适配器。因此,我无法访问这些机器中的任何一台,同时路由到错误的设备。
以下是输出ip addr
:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state UP group default qlen 1000
link/ether 40:8d:5c:4e:53:cb brd ff:ff:ff:ff:ff:ff
inet 192.168.0.249/24 brd 192.168.0.255 scope global enp4s0
valid_lft forever preferred_lft forever
inet 192.168.5.5/24 brd 192.168.5.255 scope global enp4s0
valid_lft forever preferred_lft forever
inet6 2a02:8070:c1a0:7000:428d:5cff:fe4e:53cb/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 413147sec preferred_lft 110747sec
inet6 fe80::428d:5cff:fe4e:53cb/64 scope link
valid_lft forever preferred_lft forever
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.1.22.1 peer 10.1.22.2/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::106a:de17:dd6e:3f34/64 scope link stable-privacy
valid_lft forever preferred_lft forever
5: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.1.21.1 peer 10.1.21.2/32 scope global tun1
valid_lft forever preferred_lft forever
inet6 fe80::7d1b:3f04:e82c:6a60/64 scope link stable-privacy
valid_lft forever preferred_lft forever
6: tun2: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.1.20.1 peer 10.1.20.2/32 scope global tun2
valid_lft forever preferred_lft forever
inet6 fe80::33ad:9ca3:121a:4360/64 scope link stable-privacy
valid_lft forever preferred_lft forever
7: br-281bb5420586: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:fb:44:85:f8 brd ff:ff:ff:ff:ff:ff
inet 172.19.0.1/16 brd 172.19.255.255 scope global br-281bb5420586
valid_lft forever preferred_lft forever
inet6 fe80::42:fbff:fe44:85f8/64 scope link
valid_lft forever preferred_lft forever
8: br-4b99362f92cc: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:46:95:82:a7 brd ff:ff:ff:ff:ff:ff
inet 172.25.0.1/16 brd 172.25.255.255 scope global br-4b99362f92cc
valid_lft forever preferred_lft forever
9: br-57b5f61b2f20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:64:eb:e6:4a brd ff:ff:ff:ff:ff:ff
inet 172.20.0.1/16 brd 172.20.255.255 scope global br-57b5f61b2f20
valid_lft forever preferred_lft forever
inet6 fe80::42:64ff:feeb:e64a/64 scope link
valid_lft forever preferred_lft forever
10: br-8487e108bf3a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:b2:2d:b1:cc brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-8487e108bf3a
valid_lft forever preferred_lft forever
inet6 fe80::42:b2ff:fe2d:b1cc/64 scope link
valid_lft forever preferred_lft forever
11: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:55:c5:93:a9 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:55ff:fec5:93a9/64 scope link
valid_lft forever preferred_lft forever
13: vethf7a4cfe@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-281bb5420586 state UP group default
link/ether 7a:51:cf:e0:33:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::7851:cfff:fee0:33d3/64 scope link
valid_lft forever preferred_lft forever
15: vethe7356fb@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1a:98:38:e8:3e:b8 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1898:38ff:fee8:3eb8/64 scope link
valid_lft forever preferred_lft forever
17: veth22fb0d5@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-8487e108bf3a state UP group default
link/ether ca:ec:ab:6f:02:74 brd ff:ff:ff:ff:ff:ff link-netnsid 5
inet6 fe80::c8ec:abff:fe6f:274/64 scope link
valid_lft forever preferred_lft forever
19: veth685a449@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-281bb5420586 state UP group default
link/ether ee:10:fa:61:78:a8 brd ff:ff:ff:ff:ff:ff link-netnsid 4
inet6 fe80::ec10:faff:fe61:78a8/64 scope link
valid_lft forever preferred_lft forever
21: veth1000b45@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-57b5f61b2f20 state UP group default
link/ether ee:b4:13:46:79:c2 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::ecb4:13ff:fe46:79c2/64 scope link
valid_lft forever preferred_lft forever
23: vethffd57b1@if22: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-8487e108bf3a state UP group default
link/ether 5a:a3:01:3f:85:1a brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::58a3:1ff:fe3f:851a/64 scope link
valid_lft forever preferred_lft forever
25: veth8051ebf@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-281bb5420586 state UP group default
link/ether 86:17:70:25:44:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 6
inet6 fe80::8417:70ff:fe25:44d3/64 scope link
valid_lft forever preferred_lft forever
27: vethe305af6@if26: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-57b5f61b2f20 state UP group default
link/ether 7e:a9:d3:b5:31:14 brd ff:ff:ff:ff:ff:ff link-netnsid 7
inet6 fe80::7ca9:d3ff:feb5:3114/64 scope link
valid_lft forever preferred_lft forever
29: veth7c4a3b4@if28: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-281bb5420586 state UP group default
link/ether 32:b2:a0:f3:8d:ad brd ff:ff:ff:ff:ff:ff link-netnsid 8
inet6 fe80::30b2:a0ff:fef3:8dad/64 scope link
valid_lft forever preferred_lft forever
30: vlan1@enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 40:8d:5c:4e:53:cb brd ff:ff:ff:ff:ff:ff
inet 192.168.0.249/24 brd 192.168.0.255 scope global vlan1
valid_lft forever preferred_lft forever
inet 192.168.5.5/24 brd 192.168.5.255 scope global vlan1
valid_lft forever preferred_lft forever
inet6 fe80::428d:5cff:fe4e:53cb/64 scope link
valid_lft forever preferred_lft forever
你看,vlan1
附加了错误的 IP。该命令ip route
进一步证实了这一点:
default via 192.168.5.1 dev enp4s0 proto static
default via 192.168.5.1 dev vlan1 proto static
10.1.1.0/24 via 10.1.21.2 dev tun1
10.1.20.0/24 via 10.1.20.2 dev tun2
10.1.20.2 dev tun2 proto kernel scope link src 10.1.20.1
10.1.21.0/24 via 10.1.21.2 dev tun1
10.1.21.2 dev tun1 proto kernel scope link src 10.1.21.1
10.1.22.0/24 via 10.1.22.2 dev tun0
10.1.22.2 dev tun0 proto kernel scope link src 10.1.22.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-8487e108bf3a proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-281bb5420586 proto kernel scope link src 172.19.0.1
172.20.0.0/16 dev br-57b5f61b2f20 proto kernel scope link src 172.20.0.1
172.25.0.0/16 dev br-4b99362f92cc proto kernel scope link src 172.25.0.1 linkdown
192.168.0.0/24 dev enp4s0 proto kernel scope link src 192.168.0.249
192.168.0.0/24 dev vlan1 proto kernel scope link src 192.168.0.249
192.168.5.0/24 dev enp4s0 proto kernel scope link src 192.168.5.5
192.168.5.0/24 dev vlan1 proto kernel scope link src 192.168.5.5
192.168.6.0/24 via 10.1.21.2 dev tun1
我尝试在一个小的虚拟环境中进行操作,以避免干扰生产机器,在那里,这种行为非常有用:vlan
界面仅有的文件中配置的 IP *.network
。原始路由是不是复制过来(这看起来很糟糕)。
systemd-networkd.service
重启后在日志中会出现以下几行:
Feb 26 17:54:31 server-hh systemd[1]: Starting Network Service...
Feb 26 17:54:31 server-hh systemd-networkd[21461]: veth7c4a3b4: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vethe305af6: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: veth8051ebf: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vethffd57b1: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: veth1000b45: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: veth685a449: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: veth22fb0d5: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vethe7356fb: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vethf7a4cfe: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: docker0: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: br-8487e108bf3a: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: br-57b5f61b2f20: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: br-281bb5420586: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: tun2: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: tun1: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: tun0: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: enp4s0: Gained IPv6LL
Feb 26 17:54:31 server-hh systemd-networkd[21461]: Enumeration completed
Feb 26 17:54:31 server-hh systemd[1]: Started Network Service.
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vlan1: netdev ready
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vlan1: Gained carrier
Feb 26 17:54:31 server-hh systemd-networkd[21461]: vlan1: Could not bring up interface: Invalid argument
Feb 26 17:54:32 server-hh systemd-networkd[21461]: enp4s0: Configured
Feb 26 17:54:33 server-hh systemd-networkd[21461]: vlan1: Gained IPv6LL
Feb 26 17:54:45 server-hh systemd-networkd[21461]: vlan1: Configured
Feb 26 17:58:43 server-hh systemd-networkd[21461]: vlan1: Lost carrier
日志中的错误与测试系统日志中的错误相同。据我了解,这似乎是日志输出的一个错误。
也许我只是太傻或太迟了,但我不明白为什么这种情况只发生在生产服务器上,而不发生在测试服务器上。你有什么建议我可以进一步研究这个问题吗?
答案1
MACAddress=
如果 .network 文件包含,则不应在 [Match] 部分中使用VLAN=
。
有关详细信息,请参阅评论https://github.com/systemd/systemd/issues/11921。
答案2
对于遇到类似问题的人:
我不得不将 vlan 接口重命名为enp4s0.1
而不是vlan1
。我以为我可以随意命名,但这并不如预期的那样。我可能会询问 systemd 的开发人员,但目前找到了一种解决方法。