我已经在服务器上的命名空间中设置了 macvlan。我可以 ping 默认命名空间和 macvlan 命名空间,甚至可以从 LAN 中的任何其他客户端 ping macvlan 命名空间。
但 DNS 不起作用。我还需要配置什么?
pi@testpi:~ $ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:98:70:4b brd ff:ff:ff:ff:ff:ff
inet 192.168.100.222/24 brd 192.168.100.255 scope global dynamic noprefixroute eth0
valid_lft 84768sec preferred_lft 73968sec
inet6 fe80::247e:fd3c:36d7:68f5/64 scope link
valid_lft forever preferred_lft forever
4: hostmacvlanben0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether b8:27:eb:98:70:4c brd ff:ff:ff:ff:ff:ff
inet 192.168.100.222/24 scope global noprefixroute hostmacvlanben0
valid_lft forever preferred_lft forever
inet 192.168.100.174/24 brd 192.168.100.255 scope global secondary dynamic noprefixroute hostmacvlanben0
valid_lft 84792sec preferred_lft 73992sec
inet6 fe80::8d5f:20a4:abba:2d1c/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::ba27:ebff:fe98:704c/64 scope link
valid_lft forever preferred_lft forever
pi@testpi:~ $ ip r
default via 192.168.100.1 dev eth0 proto dhcp src 192.168.100.222 metric 202
default via 192.168.100.1 dev hostmacvlanben0 proto dhcp src 192.168.100.174 metric 204
192.168.100.0/24 dev eth0 proto dhcp scope link src 192.168.100.222 metric 202
192.168.100.0/24 dev hostmacvlanben0 proto dhcp scope link src 192.168.100.174 metric 204
192.168.100.224 dev hostmacvlanben0 scope link
命名空间的输出nsben1:
pi@testpi:~ $ sudo ip netns exec nsben1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: macvlanclient1@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether b8:27:eb:98:70:4d brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.100.224/24 scope global macvlanclient1
valid_lft forever preferred_lft forever
inet6 fe80::ba27:ebff:fe98:704d/64 scope link
valid_lft forever preferred_lft forever
pi@testpi:~ $ sudo ip netns exec nsben1 ip r
default via 192.168.100.1 dev macvlanclient1
192.168.100.0/24 dev macvlanclient1 proto kernel scope link src 192.168.100.224
pingIP有效、pingURL无效:
pi@testpi:~ $ sudo ip netns exec nsben1 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=111 time=23.0 ms
^[[A64 bytes from 8.8.8.8: icmp_seq=2 ttl=111 time=24.3 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 23.003/23.667/24.332/0.682 ms
pi@testpi:~ $ sudo ip netns exec nsben1 ping google.com
ping: google.com: Temporary failure in name resolution
traceroute没有给出任何提示:
pi@testpi:~ $ sudo ip netns exec nsben1 traceroute google.com
google.com: Temporary failure in name resolution
Cannot handle "host" cmdline arg `google.com' on position 1 (argc 1)
我的/etc/resolv.conf是:
pi@testpi:~ $ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 192.168.100.1
192.168.100.1是我的私人局域网中的边缘路由器。然后我还从 ISP 获得了电缆调制解调器。
检查与tcpdumpmacvlan命名空间的 IP nsben1,然后从命名空间内部 ping 以8.8.8.8获得一些答案:
pi@testpi:~ $ sudo tcpdump --interface eth0 host 192.168.100.224
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
15:43:45.417310 IP 192.168.100.224 > dns.google: ICMP echo request, id 20611, seq 1, length 64
15:43:45.440190 IP dns.google > 192.168.100.224: ICMP echo reply, id 20611, seq 1, length 64
15:43:46.418707 IP 192.168.100.224 > dns.google: ICMP echo request, id 20611, seq 2, length 64
15:43:46.440392 IP dns.google > 192.168.100.224: ICMP echo reply, id 20611, seq 2, length 64
并且 pingwww.google.com没有得到任何答复。这是8.8.1.1我不明白的 ping(请注意,8.8.1.1直接 ping 也没有得到任何答案):
15:44:13.988596 IP 192.168.100.224.45822 > 8.8.1.1.domain: 22489+ A? google.com. (28)
15:44:13.989314 IP 192.168.100.224.45822 > 8.8.1.1.domain: 25561+ AAAA? google.com. (28)
15:44:18.994541 IP 192.168.100.224.45822 > 8.8.1.1.domain: 22489+ A? google.com. (28)
15:44:18.994660 IP 192.168.100.224.45822 > 8.8.1.1.domain: 25561+ AAAA? google.com. (28)
我用的是编辑过的/etc/dhcpcd.conf将名称服务器从 更改192.168.100.1为8.8.8.8并重新启动服务。现在resolv.conf显示nameserver 8.8.8.8但行为仍然相同。
答案1
不需要特殊设置:
/etc/resolv.conf通常,命名空间中提供的名称服务器也default应该在附加命名空间 ( ) 中使用nsben1。
就我而言,这是行不通的。
起初,我将 LAN 路由器作为名称服务器,但将其更改为8.8.8.8尝试测试路由器端的 DNS 是否出现问题。
由于这并没有改变我的行为,我进行了更多调查,发现结果sudo ip netns exec nsben1 cat /etc/resolv.conf表明nameserver 8.8.1.1。
这是错误的。甚至ping 8.8.1.1没有给出任何回应。
我之前没有从命名空间中检查这一点,nsben1因为我认为它只是相同的。/etc/resolv.conf如果是 RaspberryPi 操作系统,可以通过/etc/dhcpcd.conf使用行进行编辑来进行更改static domain_name_servers=。
重新启动后,命名空间现在也显示8.8.8.8并且 DNS 工作正常。