单向路由

2024-5-28 • tag-icon

我有两台通过 VPN 连接的计算机，每台计算机上都有一些虚拟机。我希望所有计算机都能互相看到（基本上是 4 台不同的联网计算机）。到目前为止，我还没有做到的是让一端的计算机对另一端可见。在 tracert 术语中：

192.168.78.42>tracert 192.168.69.18
Tracing route to WIN-2K8R2 [192.168.69.18]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.168.78.17
  2     *        *        *     Request timed out.
  3   217 ms    78 ms    78 ms  WIN-2K8R2 [192.168.69.18]
Trace complete.
192.168.78.42>tracert 192.168.69.112
Tracing route to 192.168.69.112 over a maximum of 30 hops
  1    <1 ms    <1 ms    <1 ms  192.168.78.17
  2   333 ms     *      337 ms  WIN-2K8R2 [192.168.86.22]
  3/4/5     *        *        *     Request timed out.
  6  ^C
192.168.69.18>tracert 192.168.69.112
Tracing route to 192.168.69.112 over a maximum of 30 hops
  1    <1 ms    <1 ms    <1 ms  192.168.69.112
Trace complete.
192.168.69.112>tracert 192.168.78.42
Tracing route to 192.168.78.42 over a maximum of 30 hops
  1     1 ms     *       <1 ms  192.168.69.18
  2    79 ms    77 ms    80 ms  192.168.86.21
  3    80 ms    77 ms    81 ms  192.168.78.42
Trace complete.

注意：这 4 台机器分别是 192.168.69.112 (winXP)、192.168.69.18=192.168.86.22 (win2K8R2)、192.168.86.21=192.168.78.17 (Linux)、192.168.78.42 (win2K3)。VPN
是 192.168.86.21 和 192.168.86.22 之间的 TAP openvpn 连接。
我想说问题出在 win2K8 机器上，但 Windows 网络是我的弱点。

[电子邮件保护]：因为我用的是VPN，所以有个可行的解决方法，就是从winXP机器到Linux VPN服务器建立VPN连接，这样winXP和win2K3就可以连接起来了。但是原来的问题，也就是为什么win2K8R2不转发包，仍然没有解决。

路由表（不含广播等条目）：
winXP

Network Destination        Netmask          Gateway       Interface  Metric
      0.0.0.0          0.0.0.0         10.0.3.2       10.0.3.15   20
     10.0.3.0    255.255.255.0        10.0.3.15       10.0.3.15   20
    10.0.3.15  255.255.255.255        127.0.0.1       127.0.0.1   20
 10.255.255.255  255.255.255.255        10.0.3.15       10.0.3.15     20
    127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
  192.168.0.0    255.255.255.0    192.168.0.112   192.168.0.112   20
  192.168.0.112  255.255.255.255        127.0.0.1       127.0.0.1     20
  192.168.0.255  255.255.255.255    192.168.0.112   192.168.0.112     20
 192.168.69.0    255.255.255.0   192.168.69.112  192.168.69.112   20
 192.168.69.112  255.255.255.255        127.0.0.1       127.0.0.1     20
 192.168.69.255  255.255.255.255   192.168.69.112  192.168.69.112     20
 192.168.78.0    255.255.255.0    192.168.69.18  192.168.69.112   1
...
Default Gateway:          10.0.3.2
===========================================================================
Persistent Routes:
Network Address          Netmask  Gateway Address  Metric
   192.168.78.0    255.255.255.0    192.168.69.18       1

赢2K8R2

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.17     20
      192.168.0.0    255.255.255.0         On-link      192.168.0.17    276
     192.168.0.17  255.255.255.255         On-link      192.168.0.17    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.17    276
     192.168.69.0    255.255.255.0         On-link     192.168.69.18    276
    192.168.69.18  255.255.255.255         On-link     192.168.69.18    276
   192.168.69.112  255.255.255.255         On-link     192.168.69.18     21
   192.168.69.255  255.255.255.255         On-link     192.168.69.18    276
     192.168.78.0    255.255.255.0    192.168.86.21    192.168.86.22     31
    192.168.86.20  255.255.255.252         On-link     192.168.86.22    286
    192.168.86.22  255.255.255.255         On-link     192.168.86.22    286
    192.168.86.23  255.255.255.255         On-link     192.168.86.22    286
...
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
     192.168.78.0    255.255.255.0    192.168.86.21       1
   192.168.69.112  255.255.255.255    192.168.69.18       1

Linux

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               0.0.0.0         U     0      0        0 ppp0
10.0.0.1        *               255.255.255.255 UH    0      0        0 ppp0
192.168.69.0    192.168.86.22   255.255.255.0   UG    0      0        0 tap1
192.168.75.0    192.168.86.22   255.255.255.0   UG    0      0        0 tap1
192.168.75.0    192.168.86.22   255.255.255.0   UG    0      0        0 ppp0
192.168.76.0    *               255.255.255.0   U     0      0        0 eth0
192.168.78.0    *               255.255.255.0   U     0      0        0 vboxnet0
192.168.85.0    *               255.255.255.0   U     0      0        0 vboxnet1
192.168.86.16   *               255.255.255.252 U     0      0        0 tap0
192.168.86.20   *               255.255.255.252 U     0      0        0 tap1
192.168.186.24  *               255.255.255.252 U     0      0        0 tap2

操作系统

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.78.17    192.168.78.42     10
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
     192.168.78.0    255.255.255.0    192.168.78.42    192.168.78.42     10
    192.168.78.42  255.255.255.255        127.0.0.1        127.0.0.1     10
   192.168.78.255  255.255.255.255    192.168.78.42    192.168.78.42     10
     192.168.85.0    255.255.255.0    192.168.85.42    192.168.85.42     10
...
Default Gateway:     192.168.78.17

答案1

但我的观点是，回显请求和 RDP 连接在一个方向上有效，但在另一个方向上失败。由于回显回复以另一种方式工作，我想，路由表应该没问题

每台主机上都应该有到每个网络的路由。我见过在一台机器上安装了路由而在另一台机器上没有安装的情况，你之前描述的情况正是这种情况。

添加具有正确网关的路由，以便可以到达其他网络块

Windows Example = route add -p 192.168.X.X/24 gw 192.168.X.X
Linux Example = route add -net 192.168.X.X/24 192.168.X.X

-p 使它在 Windows 重启后保持不变。要使路由在 Linux 重启后保持不变，您必须将路由添加到静态路由文件。

答案1

相关内容