我对 NetworkManager 如何通过 nmcli 管理静态路由感到怀疑。我有一台带有三个网络接口的 CentOS 7.1.1503 服务器:
[root@brick ~ ]# nmcli con show
NOMBRE UUID TIPO DISPOSITIVO
int-ofi-nueva 3646ca3f-42b7-4bef-a677-6f92a5d55ee7 802-3-ethernet enp4s0
tvcable-ext e4dce451-6cc1-4a32-a8d6-394905f6a024 802-3-ethernet enp2s0
int-ofi-vieja ecbb8828-cd46-4b18-8b5e-61291a051553 802-3-ethernet enp5s0
接口enp2s0是我的 WAN 接口,是具有默认路由的接口。我已通过 nmcli 在接口上配置了静态路由enp5s0,但即使我重新启动 NetworkManager,此路由也不会添加到路由表中。仅添加了与连接到每个接口的网络相对应的路由。以下是详细信息:
[root@brick ~ ]# ifconfig
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet xxx.xxx.xxx.xxx netmask 255.255.255.248 broadcast xxx.xxx.xxx.xxx
inet6 fe80::feaa:14ff:fe76:fc7b prefixlen 64 scopeid 0x20<link>
ether fc:aa:14:76:fc:7b txqueuelen 1000 (Ethernet)
RX packets 13928182 bytes 1503741109 (1.4 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 372577 bytes 75107061 (71.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.2.1 netmask 255.255.255.0 broadcast 172.17.2.255
inet6 fe80::fe75:16ff:fe8a:a702 prefixlen 64 scopeid 0x20<link>
ether fc:75:16:8a:a7:02 txqueuelen 1000 (Ethernet)
RX packets 336962 bytes 70850425 (67.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 515100 bytes 589742232 (562.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp5s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.1.2 netmask 255.255.255.0 broadcast 172.17.1.255
inet6 fe80::c6e9:84ff:fe02:fbcc prefixlen 64 scopeid 0x20<link>
ether c4:e9:84:02:fb:cc txqueuelen 1000 (Ethernet)
RX packets 41353 bytes 12914987 (12.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11386 bytes 1672601 (1.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
路由表:
[root@brick ~ ]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 <wan_gateway> 0.0.0.0 UG 100 0 0 enp2s0
172.17.1.0 0.0.0.0 255.255.255.0 U 1 0 0 enp5s0
172.17.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp4s0
<wan_network> 0.0.0.0 255.255.255.248 U 0 0 0 enp2s0
连接配置:
[root@brick ~ ]# nmcli con show int-ofi-vieja
connection.id: int-ofi-vieja
connection.uuid: ecbb8828-cd46-4b18-8b5e-61291a051553
connection.interface-name: enp5s0
connection.type: 802-3-ethernet
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.timestamp: 1444951423
connection.read-only: no
connection.permissions:
connection.zone: --
connection.master: --
connection.slave-type: --
connection.secondaries:
connection.gateway-ping-timeout: 0
802-3-ethernet.port: --
802-3-ethernet.speed: 0
802-3-ethernet.duplex: --
802-3-ethernet.auto-negotiate: yes
802-3-ethernet.mac-address: --
802-3-ethernet.cloned-mac-address: --
802-3-ethernet.mac-address-blacklist:
802-3-ethernet.mtu: auto
802-3-ethernet.s390-subchannels:
802-3-ethernet.s390-nettype: --
802-3-ethernet.s390-options:
ipv4.method: manual
ipv4.dns:
ipv4.dns-search:
ipv4.addresses: 172.17.1.2/24
ipv4.gateway: --
ipv4.routes: { ip = 10.125.25.0/24, nh = 172.17.1.9 }
ipv4.route-metric: 1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.never-default: no
ipv4.may-fail: yes
[ipv6 settings ommitted for brevity]
请注意,属性 ipv4.routes 已设置,但路由未加载。我是否必须在该连接上设置其他内容才能让内核看到它?