KVM 客户机找不到网关

2024-5-29 • tag-icon

我尝试设置具有桥接网络的 KVM 服务器。我按照文档操作，但仍然无法使其工作。客户系统可以 ping 主机系统，主机可以 ping 客户系统，因此这两者之间的连接似乎可以正常工作。

我基本上只是希望 KVM 客户机与主机系统位于同一网络中，并且它们共享以太网端口。

如果有人能给我一些提示如何让它工作，我将不胜感激。

在/etc/config/接口：

auto lo
iface lo inet loopback
iface eth1 inet manual
auto br0
iface br0 inet static
address 172.16.66.22
network 172.16.66.0
netmask 255.255.255.0
gateway 172.16.66.254
broadcast 172.16.66.255
bridge_stp off
bridge_ports eth1
bridge_maxwait 0
bridge_fd 0

服务器上 ifconfig 的输出：

br0       Link encap:Ethernet  HWaddr 00:c0:dd:0b:84:3e  
      inet addr:172.16.66.22  Bcast:172.16.66.255  Mask:255.255.255.0
      inet6 addr: 2401:f000:3:0:2c0:ddff:fe0b:843e/64 Scope:Global
      inet6 addr: fe80::2c0:ddff:fe0b:843e/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:12363 errors:0 dropped:0 overruns:0 frame:0
      TX packets:853 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:1939520 (1.8 MiB)  TX bytes:308716 (301.4 KiB)

eth1      Link encap:Ethernet  HWaddr 00:c0:dd:0b:84:3e  
      inet6 addr: fe80::2c0:ddff:fe0b:843e/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:12444 errors:0 dropped:0 overruns:0 frame:0
      TX packets:915 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:256 
      RX bytes:2133993 (2.0 MiB)  TX bytes:312032 (304.7 KiB)
      Interrupt:18 

lo        Link encap:Local Loopback  
      inet addr:127.0.0.1  Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING  MTU:16436  Metric:1
      RX packets:976 errors:0 dropped:0 overruns:0 frame:0
      TX packets:976 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:323811 (316.2 KiB)  TX bytes:323811 (316.2 KiB)

vnet0     Link encap:Ethernet  HWaddr fe:54:00:9a:a0:14  
      inet6 addr: fe80::fc54:ff:fe9a:a014/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:71 errors:0 dropped:0 overruns:0 frame:0
      TX packets:11443 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:500 
      RX bytes:3946 (3.8 KiB)  TX bytes:1969514 (1.8 MiB

$ cat /proc/sys/net/ipv4/ip_forward
1

$ brctl show
bridge name bridge id       STP enabled interfaces
br0     8000.00c0dd0b843e   no      eth1
                                    vnet0

$ ps -ef | egrep '(qemu|kvm)'
root      1346     2  0 13:20 ?        00:00:00 [kvm-irqfd-clean]
105       1823     1  3 13:22 ?        00:04:45 /usr/bin/kvm -S -M pc-0.12 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name secondserver -uuid 3c31fa7d-6fe7-26fa-e62e-3b948a4023a4 -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/secondserver.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=utc -boot c -drive file=/dev/kvm-server/secondserver,if=none,id=drive-virtio-disk0,boot=on,format=raw,cache=none -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device virtio-net-pci,vlan=0,id=net0,mac=52:54:00:9a:a0:14,bus=pci.0,addr=0x3 -net tap,fd=66,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:0 -k en-us -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5

$ iptables -L && iptables -L -t nat
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination  

$ brctl showmacs br0
port no mac addr        is local?   ageing timer
1   00:0c:42:30:ef:cb   no         5.94
1   00:0e:08:d7:32:dd   no        41.34
1   00:0e:08:dd:9f:94   no        30.49
1   00:0e:08:dd:9f:96   no        46.45
1   00:19:b9:08:2f:6d   no         0.00
1   00:1a:c1:f3:95:66   no         1.98
1   00:c0:dd:0b:84:3e   yes        0.00
1   3c:ce:73:d2:67:2f   no        53.84
1   3c:ce:73:d2:67:3c   no         6.84
1   44:d3:ca:78:b4:b1   no        13.97
1   98:d6:bb:61:44:43   no       186.44
1   f4:ce:46:48:ef:1f   no         4.46
2   fe:54:00:9a:a0:14   yes        0.00

$ tail -n 3 /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

我还在服务器上执行了 tcpdump，当我尝试从客户端到网关时，我得到以下输出：

16:12:32.533844 ARP, Request who-has 172.16.66.254 tell 172.16.66.36, length 28
...

最后它失败了，因为它无法到达网关。

我还截取了客户端网络配置的屏幕截图，因为我还没有互联网连接来安装 openssh。

http://bit.ly/VN9fnl http://bit.ly/X07sgo

KVM 客户机找不到网关

答案1

相关内容