Created one thousand macvlans, pinging local IPs fails


I want to create 1000 macvlans with different IP addresses, and use ip rule so that multiple interfaces route the different public IP addresses to the internet.

First, create the 1000 macvlans:

ip link add link eth0 address %02x:%02x:%02x:%02x:%02x:%02x eth0_%d type macvlan

%02x is the MAC address, and %d is 0-999.

Then use ifconfig to set a different public IP on each macvlan. Finally, use ip rule:

ip route add default via ${router} dev ${interface} src ${ip} table ${interfaceidx}
ip rule add from ${ip} table ${interfaceidx}

Each macvlan adds one rule and one table.

Pinging any macvlan IP from another server works fine.

root@ubuntu:/tmp# ping 222.217.107.102
PING 222.217.107.102 (222.217.107.102) 56(84) bytes of data.
64 bytes from 222.217.107.102: icmp_seq=1 ttl=56 time=57.5 ms
64 bytes from 222.217.107.102: icmp_seq=2 ttl=56 time=58.0 ms
64 bytes from 222.217.107.102: icmp_seq=3 ttl=56 time=60.1 ms
64 bytes from 222.217.107.102: icmp_seq=4 ttl=56 time=57.5 ms

But pinging a macvlan from the host itself drops packets:

[root@localhost ~]# ping 222.217.107.102
PING 222.217.107.102 (222.217.107.102) 56(84) bytes of data.
64 bytes from 222.217.107.102: icmp_seq=1 ttl=64 time=0.124 ms
ping: sendmsg: Invalid argument
64 bytes from 222.217.107.102: icmp_seq=3 ttl=64 time=0.049 ms
ping: sendmsg: Invalid argument

Pinging 127.0.0.1 also drops packets:

[root@localhost ~]# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
ping: sendmsg: Invalid argument
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.050 ms
ping: sendmsg: Invalid argument
ping: sendmsg: Invalid argument
64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.061 ms
ping: sendmsg: Invalid argument
ping: sendmsg: Invalid argument
ping: sendmsg: Invalid argument


[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core) 
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-957.10.1.el7.x86_64 #1 SMP Mon Mar 18 15:06:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

I think my routing table is fine. Pings from other PCs work. Modern Linux kernels support 4294967295 table IDs, implemented as the 32-bit rtnetlink attribute RTA_TABLE. https://bird.network.cz/pipermail/bird-users/2013-November/008706.html

327654: from 113.15.163.120 lookup 1429 
327655: from 113.15.163.121 lookup 1511 
327656: from 113.15.163.122 lookup 1522 
327657: from 113.15.163.123 lookup 1186 
327658: from 113.15.163.125 lookup 1513 
327659: from 113.15.163.124 lookup 1190 
327660: from all lookup main 
327670: from all lookup default

Answer 1

The default ARP table size on Linux is 1000.

net.ipv4.neigh.default.gc_thresh1 = 8192
net.ipv4.neigh.default.gc_thresh2 = 32768
net.ipv4.neigh.default.gc_thresh3 = 65536

1000 macvlans cause ARP entries to be lost, so pings are lost. Add the lines above to sysctl.conf and run sysctl -p.
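
One way to check the diagnosis in the answer above, as an added example that is not part of the original post: it counts neighbour (ARP) entries and classifies the count against gc_thresh1..3. The function names, the 192.0.2.1 router placeholder, the sample `ip neigh` lines and the 128/512/1024 "default" thresholds are assumptions of this example; the larger values are the ones from the answer.

```shell
#!/bin/sh
# Added example. Sample data is constructed; on a live host feed count_neigh from
# `ip -4 neigh show nud all` and get_thresh from `sysctl -a | grep gc_thresh`.

# Constructed `ip neigh` output: one router (192.0.2.1, placeholder) reached through
# $1 macvlans. Entries are keyed by (IP, device), so each macvlan adds its own.
gen_sample() {
    awk -v n="$1" 'BEGIN {
        for (i = 0; i < n; i++)
            printf "192.0.2.1 dev eth0_%d lladdr 02:00:00:00:00:01 REACHABLE\n", i
    }'
}

# Count neighbour entries ("<ip> dev <ifname> ..." lines) read from stdin.
count_neigh() { awk '$2 == "dev" { n++ } END { print n + 0 }'; }

# Print gc_thresh<N> (N = $1) from sysctl-style "key = value" lines on stdin.
get_thresh() {
    awk -F= -v k="net.ipv4.neigh.default.gc_thresh$1" '
        { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == k { print $2 }'
}

# classify <entries> <gc_thresh1> <gc_thresh2> <gc_thresh3>
classify() {
    for t in "$2" "$3" "$4"; do
        case "$t" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    done
    if   [ "$1" -ge "$4" ]; then echo hard-limit  # new entries refused unless forced GC frees one
    elif [ "$1" -ge "$3" ]; then echo soft-limit  # excess entries are collected after about 5 s
    elif [ "$1" -ge "$2" ]; then echo gc-active   # periodic collector prunes stale entries
    else echo ok; fi
}

# check <entries> <sysctl-style text>
check() {
    classify "$1" "$(printf '%s\n' "$2" | get_thresh 1)" \
                  "$(printf '%s\n' "$2" | get_thresh 2)" \
                  "$(printf '%s\n' "$2" | get_thresh 3)"
}

# Assumed usual kernel defaults (constructed input), then the values from the answer.
DEFAULT_SYSCTL='net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024'
ANSWER_SYSCTL='net.ipv4.neigh.default.gc_thresh1 = 8192
net.ipv4.neigh.default.gc_thresh2 = 32768
net.ipv4.neigh.default.gc_thresh3 = 65536'

n=$(gen_sample 1000 | count_neigh)
echo "entries=$n defaults=$(check "$n" "$DEFAULT_SYSCTL") answer=$(check "$n" "$ANSWER_SYSCTL")"
```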
