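I am currently diagnosing a problem related to packet forwarding. I forward link-layer packets to the B network namespace and find that the B network namespace does not reply to them, but I can curl from the default namespace and see the site hosted in the B network namespace.
Here is how I set up my namespace: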
sysctl -w net.ipv4.ip_forward=1 &&
sysctl -w net.ipv6.conf.all.forwarding=1 &&
ip netns add namespace1 &&
ip link add veth0 type veth peer name veth1 &&
ip link set veth0 netns namespace1 &&
ip netns exec namespace1 ip addr add 192.168.1.11/24 dev veth0 &&
ip link add name br0 type bridge &&
ip link set br0 up &&
ip link set veth1 up &&
ip netns exec namespace1 ip link set veth0 up &&
ip netns exec namespace1 ip link set lo up &&
ip link set veth1 master br0 &&
ip addr add 192.168.1.10/24 brd + dev br0 &&
ip -all netns exec ip route add default via 192.168.1.10 &&
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
Now, when I run the command ss -lntp in the B network namespace, it outputs:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 511 *:443 *:* users:(("node",pid=30798,fd=20))
LISTEN 0 511 *:7000
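I am not sure why Send-Q is always full rather than empty. I also ran this today, and I saw the same output with a non-empty Send-Q.
Also, when I run tcpdump in the B network namespace, it shows the following: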
16:50:11.742116 IP (tos 0x2a,ECT(0), ttl 115, id 8487, offset 0, flags [DF], proto TCP (6), length 52)
MYHOMEIP.51202 > SERVERIP.https: Flags [SEW], cksum 0x59a4 (correct), seq 332112346, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
Here is the output of ip link for the default (host) namespace:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether f2:3c:92:cc:a4:92 brd ff:ff:ff:ff:ff:ff
3: veth1@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000
link/ether 5e:ea:89:32:05:b1 brd ff:ff:ff:ff:ff:ff link-netns namespace1
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 5e:ea:89:32:05:b1 brd ff:ff:ff:ff:ff:ff
Here is the output of ip address for the default (host) namespace:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether f2:3c:92:cc:a4:92 brd ff:ff:ff:ff:ff:ff
inet MYSERVERIPHIDDENFORPRIVACY/24 brd MYSERVERIPHIDDENFORPRIVACY.25.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2600:3c04::f03c:92ff:fecc:a492/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 2592000sec preferred_lft 604800sec
inet6 fe80::f03c:92ff:fecc:a492/64 scope link
valid_lft forever preferred_lft forever
3: veth1@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
link/ether 5e:ea:89:32:05:b1 brd ff:ff:ff:ff:ff:ff link-netns namespace1
inet6 fe80::5cea:89ff:fe32:5b1/64 scope link
valid_lft forever preferred_lft forever
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 5e:ea:89:32:05:b1 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::4c9a:7dff:fee0:b45/64 scope link
valid_lft forever preferred_lft forever
Here is the output of ip route from the default (host) namespace:
default via HIDDENIPPRIVACY.25.1 dev eth0 proto static
HIDDENIPPRIVACY.25.0/24 dev eth0 proto kernel scope link src HIDDENIPPRIVACY.25.129
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.10
Here is the output of ip link for namespace1, which I referred to above as the B namespace:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
4: veth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether d6:9d:1c:c2:c9:28 brd ff:ff:ff:ff:ff:ff link-netnsid 0
Here is the output of ip address for namespace1, which I referred to above as the B namespace:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: veth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether d6:9d:1c:c2:c9:28 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.1.11/24 scope global veth0
valid_lft forever preferred_lft forever
inet6 fe80::d49d:1cff:fec2:c928/64 scope link
valid_lft forever preferred_lft forever
Here is the output of ip route for namespace1, which I referred to above as the B namespace:
default via 192.168.1.10 dev veth0
192.168.1.0/24 dev veth0 proto kernel scope link src 192.168.1.11
A similar question has been asked on this site before, but nobody managed to provide a solution.
Update: I still cannot find out why this is happening.