我正在运行 Ubuntu 11.10 桌面,系统安装了两个网卡。
eth0 由网络管理器管理,eth1 是桥接接口
/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface (managed by networkmanager)
# auto eth0
# iface eth0 inet manual
# The secondary network interface
auto eth1
iface eth1 inet manual
auto br0
iface br0 inet static
address 192.168.7.211
netmask 255.255.255.0
bridge_ports eth1
bridge_fd 0
bridge_stp no
每个接口的 arp-scan 显示不同的输出
arp-scan --interface=eth0 192.168.7.0/24
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.7.1 00:1b:c0:34:45:12 Juniper Networks
192.168.7.254 00:14:bf:a2:79:05 Cisco-Linksys LLC
arp-scan --interface=br0 192.168.7.0/24
Interface: br0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.7.1 00:1b:c0:34:45:12 Juniper Networks
192.168.7.254 00:14:bf:a2:79:05 Cisco-Linksys LL
arp-scan --interface=eth1 192.168.7.0/24
ioctl: Cannot assign requested address
WARNING: Could not obtain IP address for interface eth1. Using 0.0.0.0 for
the source address, which is probably not what you want.
Either configure eth1 with an IP address, or manually specify the address
with the --arpspa option.
Interface: eth1, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.7.1 00:1b:c0:34:45:12 Juniper Networks
192.168.7.210 f4:6d:04:af:01:d9 ASUSTek COMPUTER INC.
192.168.7.211 f4:6d:04:af:01:d9 ASUSTek COMPUTER INC.
192.168.7.254 00:14:bf:a2:79:05 Cisco-Linksys LLC
仅当使用 0.0.0.0 作为源地址时,才会显示 IP 地址 210 和 211,但它们具有相同的 MAC 地址,但它们位于不同的网卡上。
output ifconfig
br0 Link encap:Ethernet Hardware Adresse f4:6d:04:ae:e8:d0
inet Adresse:192.168.7.211 Bcast:0.0.0.0 Maske:255.255.255.0
inet6-Adresse: fe80::f66d:4ff:feae:e8d0/64 Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
RX packets:5297 errors:0 dropped:0 overruns:0 frame:0
TX packets:1896 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:463074 (463.0 KB) TX bytes:115018 (115.0 KB)
eth0 Link encap:Ethernet Hardware Adresse f4:6d:04:af:01:d9
inet Adresse:192.168.7.210 Bcast:192.168.7.255 Maske:255.255.255.0
inet6-Adresse: fe80::f66d:4ff:feaf:1d9/64 Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
RX packets:120669 errors:0 dropped:0 overruns:0 frame:0
TX packets:93541 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:124115299 (124.1 MB) TX bytes:8299417 (8.2 MB)
Interrupt:16 Basisadresse:0x8000
eth1 Link encap:Ethernet Hardware Adresse f4:6d:04:ae:e8:d0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
RX packets:6769 errors:0 dropped:0 overruns:0 frame:0
TX packets:3373 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:1006597 (1.0 MB) TX bytes:244116 (244.1 KB)
Interrupt:18 Speicher:fa700000-fa720000
lo Link encap:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
inet6-Adresse: ::1/128 Gültigkeitsbereich:Maschine
UP LOOPBACK RUNNING MTU:16436 Metrik:1
RX packets:2288 errors:0 dropped:0 overruns:0 frame:0
TX packets:2288 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:288354 (288.3 KB) TX bytes:288354 (288.3 KB)
因此我的网络连接时常会丢失。
更新:
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.default.arp_filter=0
#net.ipv4.conf.all.rp_filter=1
# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
答案1
如果一个网络中有多个网络接口,则必须在/etc/sysctl.conf文件中设置以下设置:
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_filter = 1
基本上,存在问题,当一个接口使用 ARP 请求向 MAC 广播传输数据包并且计算机从另一个接口接收答复时......