作为实验的一部分迷你网,我的 IPv4 网络对于通过两个路由器连接的两台主机具有以下拓扑。 (在 Ubuntu 22.04.02 虚拟机上运行 Mininet。)
N.0.103 N.0.1 N.2.1 N.2.2 N.1.1 N.1.2
h1 ------------------------ r1 ------------------------ r2 ------------------------ h2
N.0.0/24 N.2.0/24 N.1.0/24
顶行是接口地址,底行是网络地址,其中N = 192.168。
具体来说,主机'h1'具有以下配置:
h1-eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.103 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::70e9:dfff:fe2c:6242 prefixlen 64 scopeid 0x20<link>
ether 72:e9:df:2c:62:42 txqueuelen 1000 (Ethernet)
RX packets 14 bytes 1076 (1.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 1076 (1.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
主机“h2”具有以下配置:
h2-eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::f429:9fff:fe6a:5211 prefixlen 64 scopeid 0x20<link>
ether f6:29:9f:6a:52:11 txqueuelen 1000 (Ethernet)
RX packets 14 bytes 1076 (1.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 1076 (1.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
路由器“r1”具有以下配置:
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
r1-eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::10dc:6cff:feb2:1688 prefixlen 64 scopeid 0x20<link>
ether 12:dc:6c:b2:16:88 txqueuelen 1000 (Ethernet)
RX packets 14 bytes 1076 (1.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 1076 (1.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
r1-eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::8cd5:99ff:fedf:e2a8 prefixlen 64 scopeid 0x20<link>
ether 8e:d5:99:df:e2:a8 txqueuelen 1000 (Ethernet)
RX packets 14 bytes 1076 (1.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 1146 (1.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
路由器“r2”具有以下配置:
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
r2-eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::87d:6aff:fee9:477 prefixlen 64 scopeid 0x20<link>
ether 0a:7d:6a:e9:04:77 txqueuelen 1000 (Ethernet)
RX packets 21 bytes 1398 (1.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 1146 (1.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
r2-eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.2 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::cc40:70ff:fe31:f96d prefixlen 64 scopeid 0x20<link>
ether ce:40:70:31:f9:6d txqueuelen 1000 (Ethernet)
RX packets 15 bytes 1146 (1.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 1146 (1.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
我正在尝试设置实验拓扑,以便两台主机都可以访问另一台主机,这当然可以通过配置路由表来实现。
我已采取以下步骤:
上r1 终端(xterm):
ifconfig r1-eth0 192.168.0.1 netmask 255.255.255.0
ifconfig r1-eth1 192.168.2.1 netmask 255.255.255.0
ip route add 192.168.0.0/24 dev r1-eth0
ip route add 192.168.1.0/24 via 192.168.2.2
上r2 终端(xterm):
ifconfig r2-eth0 192.168.1.1 netmask 255.255.255.0
ifconfig r2-eth1 192.168.2.2 netmask 255.255.255.0
ip route add 192.168.0.0/24 via 192.168.2.1
ip route add 192.168.2.0/24 dev r1-eth1
上h1 终端(xterm)
ifconfig h1-eth0 192.168.0.103 netmask 255.255.255.0
route add default gw 192.168.0.1
ip route add 192.168.1.0/24 via 192.168.0.1
上h2 终端(xterm)
ifconfig h2-eth0 192.168.1.2 netmask 255.255.255.0
route add default gw 192.168.1.1
ip route add 192.168.0.0/24 via 192.168.1.1
h1、h2、r1、r2更新后的路由表如下:
h1 路线:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 h1-eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 h1-eth0
192.168.1.0 192.168.0.1 255.255.255.0 UG 0 0 0 h1-eth0
h2 路线:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 h2-eth0
192.168.0.0 192.168.1.1 255.255.255.0 UG 0 0 0 h2-eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 h2-eth0
r1 路由表:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 r1-eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 r1-eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 r1-eth1
r2 路由表:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 r2-eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 r2-eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 r2-eth1
当我尝试从“h1”对“h2”执行 ping 操作(反之亦然)时,我收到“目标主机无法访问”错误。
这是我的 ping 可达性矩阵(由pingallMininet CLI 生成)以显示一些结果:
r1 -> r2 h1 X
r2 -> r1 X X
h1 -> r1 r2 X
h2 -> r1 r2 X
它可以解释为:
通过 ping 操作,
r1可以达到r2,h1但不能h2。r2可以到达r1,但不能到达,h1也不能到达h2。h1可以达到r1,r2但不能h2。h2可以达到r1,r2但不能h1。
作为实际矩阵,
| 下面的节点可以ping通其他节点 | r1 | r2 | h1 | 小时2 |
|---|---|---|---|---|
| r1 | - | 是的 | 是的 | |
| r2 | 是的 | - | ||
| h1 | 是的 | 是的 | - | |
| 小时2 | 是的 | 是的 | - |
我哪里错了?我是否跳过了某个步骤?任何见解/帮助表示赞赏。
答案1
您可能没有在 r1 和 r2 上启用转发
sysctl -w net.ipv4.ip_forward=1
在运行此命令之前(或之后),您可以检查当前状态
sysctl net.ipv4.ip_forward
0表示未启用,1否则
答案2
有一个错字:
# On the h1 terminal (xterm)
[...]
ip route add 192.168.1.0/24 via 192.168.1.1
我猜你想输入的内容(与 h2 一致)是
ip route add 192.168.1.0/24 via 192.168.0.1
这个错误特别令人难过,因为这些条目完全没有用。在这两种情况下,默认路由都会覆盖它。
一般来说:遇到此类问题,您应该tcpdump在所有主机上运行,以查看数据包传输了多远。
您可以使用以下命令测试本地路由配置
ip route get 1.2.3.4 # tells you what would happen with a packet to that address
更新1
路由器上的路由表似乎是错误的。我花了一些时间才注意到,因为我不习惯route.您应该使用ip addressandip link代替ifconfig和ip route。route
路由器的路由表必须包含两个链路条目(针对两个接口)和一个下一跳条目。但所有条目看起来都一样。
原因是每个路由器上缺少路由配置。每个人都需要(不同的)条目
- 192.168.0.0/24
- 192.168.0.1/24
- 192.168.0.2/24
r1不见了:
ip route add 192.168.2.0/24 dev r1-eth1
r2不见了:
ip route add 192.168.1.0/24 dev r2-eth0