CentOS 7 服务器有 2 个网卡(eth0 和 eth1)和 2 个公共静态 IP。 eth1的IP不可达。
/etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
DEFROUTE=yes
DEVICE=eth0
GATEWAY=37.32.20.1
HWADDR=fa:16:3e:fe:eb:e6
IPADDR=37.32.23.77
MTU=1500
NETMASK=255.255.252.0
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
/etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=static
DEFROUTE=no
DEVICE=eth1
HWADDR=fa:16:3e:d6:4d:a8
IPADDR=94.101.179.215
MTU=1500
NETMASK=255.255.252.0
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
我已经定义了路由 /etc/sysconfig/network-scripts/route-eth0
37.32.20.0/22 dev eth0 table table200
default dev eth0 via 37.32.20.1 table table200
/etc/sysconfig/network-scripts/route-eth1
94.101.176.0/22 dev eth1 table table201
default dev eth1 via 94.101.176.1 table table201
/etc/sysconfig/network-scripts/rule-eth0
from 37.32.23.205 lookup table200
/etc/sysconfig/network-scripts/rule-eth1
from 94.101.177.221 lookup table201
和ip路由是
default via 37.32.20.1 dev eth0
37.32.20.0/22 dev eth0 proto kernel scope link src 37.32.23.77
94.101.176.0/22 dev eth1 proto kernel scope link src 94.101.179.215
现在以太网1无法从 Internet 访问 IP。
更新1
命令的输出 sysctl -ar '\.rp_filter
:
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth1.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 0
更新2
命令的输出 ip neigh
:
94.101.176.1 dev eth1 lladdr aa:aa:bb:bb:cc:cc STALE
37.32.20.1 dev eth0 lladdr aa:aa:bb:bb:cc:cc DELAY