为什么我可以看到我的机器上有很多流量转发

tag-icon tag-icon linux networking tcpdump traffic
为什么我可以看到我的机器上有很多流量转发

我在局域网中工作,这是一个云产品。这个局域网中有很多 Linux 机器。我在这个局域网中部署了我的整个 Web 服务后端。

tcpdump -i eth0 -nne -p今天在一台本机IP为的机器上执行172.16.0.11,意外的发现了很多流量转发记录:

16:07:14.639206 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 1366: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [P.], seq 2796:4096, ack 1, win 9677, options [nop,nop,TS val 483833918 ecr 1703882345], length 1300
16:07:14.639241 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 2862: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [.], seq 4096:6892, ack 1, win 9677, options [nop,nop,TS val 483833918 ecr 1703882345], length 2796
16:07:14.639267 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 1366: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [P.], seq 6892:8192, ack 1, win 9677, options [nop,nop,TS val 483833918 ecr 1703882345], length 1300
16:07:14.639302 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 2862: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [.], seq 8192:10988, ack 1, win 9677, options [nop,nop,TS val 483833919 ecr 1703882345], length 2796
16:07:14.639328 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 1366: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [P.], seq 10988:12288, ack 1, win 9677, options [nop,nop,TS val 483833919 ecr 1703882345], length 1300
16:07:14.639533 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 4260: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [.], seq 12288:16482, ack 1, win 9677, options [nop,nop,TS val 483833919 ecr 1703882346], length 4194
16:07:14.639575 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 5658: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [.], seq 16482:22074, ack 1, win 9677, options [nop,nop,TS val 483833919 ecr 1703882346], length 5592
16:07:14.639766 fa:31:3f:2a:30:b7 > fa:31:3f:ba:7b:be, ethertype IPv4 (0x0800), length 3979: 172.16.0.227.9029 > 172.16.0.72.36726: Flags [P.], seq 22074:25987, ack 1, win 9677, options [nop,nop,TS val 483833919 ecr 1703882347], length 3913

如你所见,有很多从172.16.0.227到 的数据包172.16.0.72

我现在完全糊涂了。我从来没有在机器上创建过任何流量转发规则。但我该如何解释 的输出tcpdump?这是不是某种神奇的技术,让一台机器能够监控另外两台机器之间的流量?

相关内容