Linux QEMU 桥接网络接口问题

tag-icon tag-icon qemu centos7
Linux QEMU 桥接网络接口问题

我正在尝试为在 CentOS 7 上运行的 QEMU 之一设置桥接接口。我有以下用于运行 TAP 接口的脚本

$ cat /etc/qemu-ifup
ifconfig ens192 down
ifconfig ens192 0.0.0.0 promisc up
openvpn --mktun --dev tap0
ifconfig tap0 0.0.0.0 up
brctl addbr br0
brctl addif br0 ens192
brctl addif br0 tap0
brctl stp br0 off
ifconfig br0 192.168.42.201 netmask 255.255.255.0

现在,在运行 QEMU 机器之前,我运行此脚本,以便我们可以启动并运行桥接接口。我可以从其他主机 ping 此接口。以下是输出

$ ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.42.201  netmask 255.255.255.0  broadcast 192.168.42.255
        inet6 fe80::646a:f6ff:fe1e:42ce  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:1f:e0:db  txqueuelen 0  (Ethernet)
        RX packets 314  bytes 15522 (15.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 38  bytes 4803 (4.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
ens192: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        ether 00:0c:29:1f:e0:db  txqueuelen 1000  (Ethernet)
        RX packets 258  bytes 16020 (15.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 92  bytes 8269 (8.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 7404  bytes 108578604 (103.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7404  bytes 108578604 (103.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tap0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::e8d9:3ff:fedf:85d3  prefixlen 64  scopeid 0x20<link>
        ether ea:d9:03:df:85:d3  txqueuelen 100  (Ethernet)
        RX packets 69  bytes 4722 (4.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 193  bytes 12111 (11.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 02:a1:9f:a4:81:bc  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1  bytes 90 (90.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

以下是从其他主机 192.168.42.12 执行 ping 操作的输出

# ping 192.168.42.201
PING 192.168.42.201 (192.168.42.201) 56(84) bytes of data.
64 bytes from 192.168.42.201: icmp_seq=1 ttl=64 time=1.19 ms
64 bytes from 192.168.42.201: icmp_seq=2 ttl=64 time=0.369 ms

下面是我运行 QEMU 时执行的命令

/home/test/yocto/poky/build/tmp/sysroots/x86_64-linux/usr/bin/qemu-system-arm -kernel /home/test/yocto/poky/build/tmp/deploy/images/qemuarm/zImage-qemuarm.bin -net nic,vlan=0 -net tap,vlan=0,ifname=tap0,script=no,downscript=no -M versatilepb -hda /home/test/yocto/poky/build/tmp/deploy/images/qemuarm/core-image-minimal-dev-qemuarm-20141124054625.rootfs.ext3 -no-reboot -show-cursor -usb -usbdevice wacom-tablet -no-reboot -m 128 --append "root=/dev/sda rw console=ttyAMA0,115200 console=tty mem=128M highres=off "

我也停止了 iptables 并尝试从 QEMU 机器(192.168.42.202)或其他主机 ping 主机,但无法访问。

# ping 192.168.42.202
PING 192.168.42.202 (192.168.42.202) 56(84) bytes of data.
^C
--- 192.168.42.202 ping statistics ---
670 packets transmitted, 0 received, 100% packet loss, time 669735ms

因此有任何想法可以解决这个问题吗?

答案1

最后我通过 OpenVPN 隧道机制解决了这个问题。因此我给出了解决方案以供参考。这可能是其中之一,因为可能还有更多。

  1. 安装 Epel RPM,然后安装 openvpn 包yum install openvpn
  2. 现在修改示例桥接启动脚本(可以在中找到/usr/share/doc/openvpn<version>/sample-scripts),如下所示:
#!/bin/bash

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0" #<== Change it with your physical ethernet device.

eth_ip="192.168.8.4/24" #<== Update this with the address which you want to use it.

# create the bridge interface, assign the ip address for it, and enable
ip link add name $br type bridge
ip address add $eth_ip dev $br
ip link set dev $br up

# add eth interface into the bridge
ip link set dev $eth master $br
ip link set dev $eth up

# create the tap interfaces and add they into the bridge
for t in $tap; do
    openvpn --mktun --dev $t
    ip link set dev $t master $br
    ip link set dev $t up
done

exit 0

  1. 类似地,还有 bridge-stop 脚本。它可用于移除分接设备和桥接。

  2. 现在使其可执行并以 ./bridge-start 形式运行。运行之前先启动 Qemu。

  3. 现在使用 TAP 设备(即)启动 Qemu tap0。它将能够与其他主机和设备通信。

欲了解更多信息,请参阅OpenVPN 以太网桥接网络

相关内容