Linux:如何在一个 Linux 机器中模拟多个 IP 和 MAC 地址以进行网络测试

tag-icon tag-icon linux-networking bridge
Linux:如何在一个 Linux 机器中模拟多个 IP 和 MAC 地址以进行网络测试

我想用一个 Linux 盒子测试一个网络,它应该获得 100 个不同的 IP 地址,每个 IP 地址都有自己的 MAC,在与其他设备通信时应该用作源 MAC 地址。

我已经编写了这个脚本:

#!/bin/bash
for i in `seq 0 10 `; do 
    hex=`perl -e "printf ('%02X', $i)"`
    echo tap$i / $hex
    ip link add link eth0 address 00:00:13:37:00:$hex eth0-$i type macvlan
done
sleep 2
for i in `seq 0 10 `; do
    echo eth0-$i ip
    while ! ifconfig eth0-$i &>/dev/null; do
        sleep 1
    done
    ii=`expr $i + 100`
    ip addr add 10.254.251.$ii/24 dev eth0-$i
    ifconfig eth0-$i up
done

然后我得到了具有自己的IP和MAC地址的设备。

但是当任何人从外部对我的一个 IP 地址进行 ARP 时,Linux 主机会通过 eth0 使用我的所有虚拟地址多次应答,然后另一台设备将最后一个地址插入其 ARP 表中。

23:43:22.764080 00:24:43:8f:e5:39 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.254.251.100 tell 10.254.251.1, length 46
23:43:22.764340 b8:27:eb:b3:e1:36 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at b8:27:eb:b3:e1:36, length 28
23:43:22.764442 00:00:13:37:00:00 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:00, length 28
23:43:22.764642 00:00:13:37:00:01 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:01, length 28
23:43:22.764733 00:00:13:37:00:02 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:02, length 28
23:43:22.764929 00:00:13:37:00:03 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:03, length 28
23:43:22.765071 00:00:13:37:00:04 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:04, length 28
23:43:22.765208 00:00:13:37:00:05 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:05, length 28
23:43:22.765342 00:00:13:37:00:06 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:06, length 28
23:43:22.765476 00:00:13:37:00:07 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:07, length 28
23:43:22.765560 00:00:13:37:00:08 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:08, length 28
23:43:22.765713 00:00:13:37:00:09 > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:09, length 28
23:43:22.765845 00:00:13:37:00:0a > 00:24:43:8f:e5:39, ethertype ARP (0x0806), length 42: Reply 10.254.251.100 is-at 00:00:13:37:00:0a, length 28
23:43:22.767375 00:24:43:8f:e5:39 > b8:27:eb:b3:e1:36, ethertype IPv4 (0x0800), length 98: 10.254.251.1 > 10.254.251.100: ICMP echo request, id 2984, seq 0, length 64
23:43:22.767561 b8:27:eb:b3:e1:36 > 00:24:43:8f:e5:39, ethertype IPv4 (0x0800), length 98: 10.254.251.100 > 10.254.251.1: ICMP echo reply, id 2984, seq 0, length 64

有人能告诉我如何设置吗?macvlan 是不是设置错了?

使用 Linux brige 我可以做类似的设置,但主机会使用传出接口的物理 MAC 回复所有 IP。

答案1

看看 arp_filter 和 arp_ignore

/proc/sys/net/ipv4/conf/*/arp_filter/proc/sys/net/ipv4/conf/*/arp_ignore

相关内容