嘿朋友们。目前我正在运行我的 Fedora 30 主机,使用 Cockpit 和 cockpit-virtual-machines 来管理我的机器。我得到了网络接口 enp35s0、vlan 子接口 enp35s0.220,以及在 enp35s0、bridge200 上创建的网桥。我的所有客人都以“直接连接”方式连接到bridge200,并且互联网访问工作得很好。不幸的是,所有这些访客都无法 ping 或互相访问。他们只能通过 DNS 检索 IP,但根本无法互相 ping 通。在这种情况下,最好的方法是什么?所有访客均位于 192.168.200.0/24 子网中。这里可能有什么问题?提前致谢!
PING freenas.lan (192.168.200.79) 56(84) bytes of data.
From 192.168.200.60 (192.168.200.60) icmp_seq=1 Destination Host Unreachable
From 192.168.200.60 (192.168.200.60) icmp_seq=2 Destination Host Unreachable
From 192.168.200.60 (192.168.200.60) icmp_seq=3 Destination Host Unreachable
网络摘要,机密信息已省略。
bridge200: connected to bridge200
"bridge200"
bridge, 02:68:9F:C2:CC:89, sw, mtu 1500
ip4 default
inet4 192.168.200.65/24
route4 0.0.0.0/0
route4 192.168.200.0/24
inet6 fdfb:9584:eb33:2:68:9fff:fec2:cc89/64
inet6 fe80::68:9fff:fec2:cc89/64
route6 fdfb:9584:eb33:2::/64
route6 fe80::/64
route6 ::/0
route6 ff00::/8
bridge3: connected to bridge3
"bridge3"
bridge, 5E:63:93:76:B0:89, sw, mtu 1500
ip6 default
inet4 192.168.3.98/24
route4 0.0.0.0/0
route4 192.168.3.0/24
inet6 2001:4dd0:5033:3:2c25:758:1d92:5bd3/64
inet6 2002:5c32:5c86:3:559:ec8c:9497:978e/64
inet6 fdfb:9584:eb33:3:fb6a:32ab:5c91:d30a/64
inet6 fe80::a85f:26b1:11d6:903c/64
route6 2002:5c32:5c86:3::/64
route6 fdfb:9584:eb33:3::/64
route6 2001:4dd0:5033:3::/64
route6 ::/0
route6 2001:4dd0:5033:3::fed/128
route6 2002:b0c7:bc86:83::fed/128
route6 fdfb:9584:eb33:3::fed/128
route6 fe80::/64
route6 ff00::/8
bridge110: connected to bridge110
"bridge110"
bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
inet4 172.20.32.15/24
route4 172.20.32.0/24
route4 0.0.0.0/0
virbr0: connected (externally) to virbr0
"virbr0"
bridge, 52:54:00:72:A1:8F, sw, mtu 1500
inet4 192.168.122.1/24
route4 192.168.122.0/24
enp43s0: connected to Wired connection 3
"Mellanox MT26448"
ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
inet4 192.168.2.1/31
route4 192.168.2.0/31
enp35s0: connected to Wired connection 1
"Intel I210"
ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
master bridge3
vnet0: connected (externally) to vnet0
"vnet0"
tun, FE:54:00:23:76:BE, sw, mtu 1500
master virbr0
enp35s0.110: connected to enp35s0.110
"enp35s0.110"
vlan, D0:50:99:D6:ED:53, sw, mtu 1500
master bridge110
enp35s0.200: connected to enp35s0.200
"enp35s0.200"
vlan, D0:50:99:D6:ED:53, sw, mtu 1500
master bridge200
enp36s0: unavailable
"Intel I210"
ethernet (igb), D0:50:99:D6:ED:54, hw, mtu 1500
lo: unmanaged
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
macvtap0: unmanaged
"macvtap0"
macvlan (macvtap), 52:54:00:F1:D0:30, sw, mtu 1500
macvtap1: unmanaged
"macvtap1"
macvlan (macvtap), 52:54:00:C5:8B:10, sw, mtu 1500
macvtap10: unmanaged
route6 fe80::/64
route6 ff00::/8
bridge110: connected to bridge110
"bridge110"
bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
inet4 172.20.32.15/24
route4 172.20.32.0/24
route4 0.0.0.0/0
virbr0: connected (externally) to virbr0
"virbr0"
bridge, 52:54:00:72:A1:8F, sw, mtu 1500
inet4 192.168.122.1/24
route4 192.168.122.0/24
enp43s0: connected to Wired connection 3
"Mellanox MT26448"
ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
inet4 192.168.2.1/31
route4 192.168.2.0/31
enp35s0: connected to Wired connection 1
"Intel I210"
ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
master bridge3
vnet0: connected (externally) to vnet0
"vnet0"
tun, FE:54:00:23:76:BE, sw, mtu 1500
master virbr0
enp35s0.110: connected to enp35s0.110
"enp35s0.110"
vlan, D0:50:99:D6:ED:53, sw, mtu 1500
master bridge110
enp35s0.200: connected to enp35s0.200
"enp35s0.200"
vlan, D0:50:99:D6:ED:53, sw, mtu 1500
master bridge200
enp36s0: unavailable
"Intel I210"
ethernet (igb), D0:50:99:D6:ED:54, hw, mtu 1500
lo: unmanaged
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
macvtap0: unmanaged
"macvtap0"
macvlan (macvtap), 52:54:00:F1:D0:30, sw, mtu 1500
macvtap1: unmanaged
"macvtap1"
macvlan (macvtap), 52:54:00:C5:8B:10, sw, mtu 1500
macvtap10: unmanaged
bridge200: connected to bridge200
"bridge200"
bridge, 02:68:9F:C2:CC:89, sw, mtu 1500
ip4 default
inet4 192.168.200.65/24
route4 0.0.0.0/0
route4 192.168.200.0/24
inet6 fdfb:9584:eb33:2:68:9fff:fec2:cc89/64
inet6 fe80::68:9fff:fec2:cc89/64
route6 fdfb:9584:eb33:2::/64
route6 fe80::/64
route6 ::/0
route6 ff00::/8
bridge3: connected to bridge3
"bridge3"
bridge, 5E:63:93:76:B0:89, sw, mtu 1500
ip6 default
inet4 192.168.3.98/24
route4 0.0.0.0/0
route4 192.168.3.0/24
inet6 2001:4dd0:5033:3:2c25:758:1d92:5bd3/64
inet6 2002:5c32:5c86:3:559:ec8c:9497:978e/64
inet6 fdfb:9584:eb33:3:fb6a:32ab:5c91:d30a/64
inet6 fe80::a85f:26b1:11d6:903c/64
route6 2002:5c32:5c86:3::/64
route6 fdfb:9584:eb33:3::/64
route6 2001:4dd0:5033:3::/64
route6 ::/0
route6 2001:4dd0:5033:3::fed/128
route6 2002:b0c7:bc86:83::fed/128
route6 fdfb:9584:eb33:3::fed/128
route6 fe80::/64
route6 ff00::/8
bridge110: connected to bridge110
"bridge110"
bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
inet4 172.20.32.15/24
route4 172.20.32.0/24
route4 0.0.0.0/0
virbr0: connected (externally) to virbr0
"virbr0"
bridge, 52:54:00:72:A1:8F, sw, mtu 1500
inet4 192.168.122.1/24
route4 192.168.122.0/24
enp43s0: connected to Wired connection 3
"Mellanox MT26448"
ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
inet4 192.168.2.1/31
route4 192.168.2.0/31
enp35s0: connected to Wired connection 1
"Intel I210"
ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
master bridge3
从virsh dumpxml
<interface type='direct'>
<mac address='52:54:00:04:c4:e3'/>
<source dev='bridge200' mode='vepa'/>
<target dev='macvtap5'/>
<model type='virtio'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
nmcli device status
DEVICE TYPE STATE CONNECTION
bridge200 bridge connected bridge200
bridge3 bridge connected bridge3
bridge110 bridge connected bridge110
virbr0 bridge connected (externally) virbr0
enp43s0 ethernet connected Wired connection 3
enp35s0 ethernet connected Wired connection 1
vnet0 tun connected (externally) vnet0
enp35s0.110 vlan connected enp35s0.110
enp35s0.200 vlan connected enp35s0.200
enp36s0 ethernet unavailable --
lo loopback unmanaged --
macvtap0 macvlan unmanaged --
macvtap1 macvlan unmanaged --
macvtap10 macvlan unmanaged --
macvtap11 macvlan unmanaged --
macvtap2 macvlan unmanaged --
macvtap3 macvlan unmanaged --
macvtap4 macvlan unmanaged --
macvtap5 macvlan unmanaged --
macvtap6 macvlan unmanaged --
macvtap7 macvlan unmanaged --
macvtap8 macvlan unmanaged --
macvtap9 macvlan unmanaged --
virbr0-nic tun unmanaged --
答案1
通过检查几个不同的来源,我能够解决这个问题。第一步,根据https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt.html我必须添加以下规则
/etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
根据此处引用的解决方案,虚拟机直通本地网络(桥接)Fedora 31 服务器我必须选择“lanbridge”才能连接bridge200接口而不是“directattachment”。这就是拯救我并解决我的问题的原因!不过还是非常感谢!