Debian 11 上的数据包转发

tag-icon tag-icon debian networking bridge
Debian 11 上的数据包转发

我在一个小型机器上运行 Debian 11。

我想要从以太网接口上的网络分接头上游获取所有流量eno2并将其输出到 sfp+ 接口eno8

我已使用以下命令设置桥接:

brctl addbr br0
brctl addif br0 eno2 eno8
ip link set br0 up

当我执行此操作时,tcpdump -ni eno2我会看到大量流量,这是预期的。但是当我执行 a 时,tcpdump -ni eno8我看到的流量非常少,而且似乎仅限于 UDP 流量。我希望所有流量从eno2前往eno8

不知何故,它没有桥接 TCP 流量。

的输出ip a

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether ac:1f:6b:72:d0:2a brd ff:ff:ff:ff:ff:ff
    altname enp7s0
    inet 10.0.20.250/24 brd 10.0.50.255 scope global eno1
       valid_lft forever preferred_lft forever
    inet6 fe80::ae1f:6bff:fe72:d02a/64 scope link
       valid_lft forever preferred_lft forever
3: eno2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether ac:1f:6b:72:d0:2b brd ff:ff:ff:ff:ff:ff
    altname enp8s0
4: eno3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ac:1f:6b:72:d0:2c brd ff:ff:ff:ff:ff:ff
    altname enp11s0f0
5: eno4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ac:1f:6b:72:d0:2d brd ff:ff:ff:ff:ff:ff
    altname enp11s0f1
6: eno5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ac:1f:6b:72:d0:2e brd ff:ff:ff:ff:ff:ff
    altname enp11s0f2
7: eno6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether ac:1f:6b:72:d0:2f brd ff:ff:ff:ff:ff:ff
    altname enp11s0f3
8: eno7: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master br0 state DOWN group default qlen 1000
    link/ether ac:1f:6b:72:d9:ba brd ff:ff:ff:ff:ff:ff
    altname enp4s0f0
9: eno8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether ac:1f:6b:72:d9:bb brd ff:ff:ff:ff:ff:ff
    altname enp4s0f1
16: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 72:69:25:12:99:da brd ff:ff:ff:ff:ff:ff
    inet6 fe80::7069:25ff:fe12:99da/64 scope link
       valid_lft forever preferred_lft forever

谁能指出我解决这个问题的方向?

答案1

终于找到答案了:

内核代码并没有真正实现桥接器,而更多地实现了虚拟交换机。因此,它将了解哪些 MAC 地址属于哪个端口,并且仅将流量转发到该端口。

如果设置brctl setaging br0 0该框将不会保留 MAC 信息。

现在正在工作。感谢所有看到这里的人!

相关内容