使用 OpenWRT virtualbox 模拟桥接的问题

tag-icon tag-icon virtualbox bridge openwrt
使用 OpenWRT virtualbox 模拟桥接的问题

我在 virtualbox 中设置了一个 BarrierBreaker OpenWRT 实例。WAN 是 NAT 适配器 LAN 是内部网络

我尝试桥接这些接口,因为我想开始学习 ebtables。但是我连接到 VirtualBox 内部网络的客户端虚拟机无法访问互联网。(但它们确实从 DHCP 分配了一个 IP)

没有 iptables 规则,一切都设置为接受我是否错过了配置网桥的某个步骤?

root@OpenWrt:~# cat /etc/config/network 
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option ifname 'eth0 eth1'
    option type 'bridge'
    option proto 'dhcp'
    option netmask '255.255.255.0'

brctl 输出

root@OpenWrt:~# brctl show
bridge name bridge id       STP enabled interfaces
br-lan      7fff.080027a068e5   no      eth0
                            eth1

OpenWrt 上的路由

root@OpenWrt:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.0.2.2        0.0.0.0         UG    0      0        0 br-lan
10.0.2.0        *               255.255.255.0   U     0      0        0 br-lan

OpenWRT 的 ifconfig

root@OpenWrt:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 08:00:27:A0:68:E5  
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fea0:68e5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2148 errors:0 dropped:0 overruns:0 frame:0
          TX packets:933 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:174021 (169.9 KiB)  TX bytes:190814 (186.3 KiB)

eth0      Link encap:Ethernet  HWaddr 08:00:27:A0:68:E5  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1153 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1969 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:103216 (100.7 KiB)  TX bytes:297768 (290.7 KiB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:26:69:03  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1536 errors:0 dropped:0 overruns:0 frame:0
          TX packets:463 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:150875 (147.3 KiB)  TX bytes:47254 (46.1 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1134 (1.1 KiB)  TX bytes:1134 (1.1 KiB)

客户端路由表

C:\Users\IEUser>netstat -r
===========================================================================
Interface List
 13...08 00 27 3f 03 bc ......Intel(R) PRO/1000 MT Desktop Adapter
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.2.2        10.0.2.16     10
         10.0.2.0    255.255.255.0         On-link         10.0.2.16    266
        10.0.2.16  255.255.255.255         On-link         10.0.2.16    266
       10.0.2.255  255.255.255.255         On-link         10.0.2.16    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.2.16    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.2.16    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    266 fe80::/64                On-link
 13    266 fe80::35c5:9a8c:12ea:cf69/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

SysCtl 设置

root@OpenWrt:~# cat /etc/sysctl.conf 
kernel.panic=3
net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.all.arp_ignore=1
net.ipv4.ip_forward=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.tcp_ecn=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=120
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_dsack=1

net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1

net.netfilter.nf_conntrack_acct=1
net.netfilter.nf_conntrack_checksum=0
net.netfilter.nf_conntrack_max=16384
net.netfilter.nf_conntrack_tcp_timeout_established=7440
net.netfilter.nf_conntrack_udp_timeout=60
net.netfilter.nf_conntrack_udp_timeout_stream=180
net.netfilter.nf_conntrack_skip_filter=1

# disable bridge firewalling by default
net.bridge.bridge-nf-call-arptables=0
net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0

答案1

内部网络适配器必须设置为允许混杂模式 https://stackoverflow.com/questions/1649353/network-link-between-multiple-virtualbox-machines

相关内容