我希望有人以前遇到过这个问题,因为它让我抓狂。我有 2500 台 Linux 嵌入式 Linux 服务器。我们部分使用这些服务器作为位于私有网络上的其他设备的网关。配置包含一系列虚拟接口(不是 VLAN),带有 DNAT 和 SNAT 规则,用于将请求传递给所述设备。
多年来,这种方法一直运行良好。上周,我们添加了大约 25 个虚拟接口和大约 50 多个 iptables 规则。此时,我们遇到了一个意想不到的问题。我们的嵌入式 Linux 服务器随机停止响应针对主以太网接口 eth0 配置的 IP 虚拟 IP 地址的请求。ARP 请求得不到答复,例如:
tcpdump -vvvnn arp -- *x.x.x.23 is the virtual IP address and x.x.x.16 is the router the request came from*
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes
16:15:10.404513 arp who-has x.x.x.23 tell x.x.x.16
16:15:12.403592 arp who-has x.x.x.23 tell x.x.x.16
16:15:14.407617 arp who-has x.x.x.23 tell x.x.x.16
xxx23 所网络地址转换的设备可以从 Linux 服务器 ping 通,并且 IPtables 条目看起来正确,但从未被评估。
有人知道 Linux 中是否存在某种缓冲区/缓存,可以限制针对单个以太网接口定义的接口数量吗?现在每个 Linux 服务器大约有 50 个。
我们的防火墙配置越来越大,但如果这导致了问题,我预计会出现操作系统错误。
我在 dmesg 或 /var/log/messages 中看不到操作系统错误。
我们混合使用了不同的以太网硬件 RLT8139 和 RDC6040。2 种不同的 Linux 版本,Debian 6 和 Puppy Linux 3(旧站点)。两者都出现了同样的问题。
这几乎就像服务器不知道它有接口一样。刷新防火墙规则似乎没有任何作用。当 nat 规则被禁用时,服务器应该回复 ping,但它没有。
我现在头都快被撞破了。这就是我们的界面。IP 已被屏蔽以保护无辜者……
eth0 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.1 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1036673 errors:0 dropped:0 overruns:0 frame:0
TX packets:4606675 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:164871619 (157.2 MiB) TX bytes:354806888 (338.3 MiB)
Interrupt:10 Base address:0xde00
eth0:1 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.3 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:10 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.13 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:14 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.14 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:15 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.15 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:16 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.16 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:17 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.17 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:18 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.18 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:19 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.19 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:2 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.11 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:20 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.20 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:21 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.21 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:22 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.22 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:23 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.23 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:24 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.24 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:25 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.25 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:26 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.26 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:27 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.27 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:3 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.12 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:33 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.33 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:34 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.34 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:39 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.39 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:4 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.4 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:40 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.40 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:41 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.41 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:42 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.42 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:43 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.43 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:44 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.44 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:45 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.45 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:46 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.46 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:47 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.47 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:48 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.48 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:49 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.49 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:5 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.5 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:50 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.50 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:51 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.51 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:52 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.52 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:53 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.53 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:54 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.54 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:55 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.55 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:56 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.56 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:57 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.57 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:58 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.58 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:59 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.59 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:6 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.6 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:7 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.7 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:8 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.8 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
eth0:9 Link encap:Ethernet HWaddr 00:1B:EB:43:24:05
inet addr:x.x.x.9 Bcast:x.x.x.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0xde00
答案1
根据您的报告:xxx16既是eth0:16和路由器。
你是否掩盖了太多的东西?
无论如何,我会看看/proc/sys/net/ipv4/conf/[全部|默认|eth0]/arp_ignore和arp_anounce 函数。
问候,