KVM 中的 VM 具有不同的网络,A 可以 ping 通 B 但 B 无法 ping 通 A?(桥接 KVM 网络)

tag-icon tag-icon linux-networking kvm-virtualization ping bridge route
KVM 中的 VM 具有不同的网络,A 可以 ping 通 B 但 B 无法 ping 通 A?(桥接 KVM 网络)

我有 2 个 KVM 虚拟机,以及 2 个网络defaultnew

1 使用defaut网络:(virbr0)

192.168.122.0/24
IP: 192.168.122.152.
fowarding: NAT

其他使用new网络:(virbr1)

192.168.124.0/24
IP: 192.168.124.182
fowarding: NAT

iptables规则为空且不ufw活跃

从两个虚拟机,我都可以 ping 通主机和互联网,而且主机也可以 ping 通虚拟机。

quanlm@quanlm-laptop:/home/quan$ ping 192.168.122.152
PING 192.168.122.152 (192.168.122.152) 56(84) bytes of data.
64 bytes from 192.168.122.152: icmp_seq=1 ttl=64 time=0.596 ms


quanlm@quanlm-laptop:/home/quan$ ping 192.168.124.182
PING 192.168.124.182 (192.168.124.182) 56(84) bytes of data.
64 bytes from 192.168.124.182: icmp_seq=1 ttl=64 time=0.509 ms

但在虚拟机使用defaut网络中,我可以 pingnew网络

root@test:~# ping 192.168.124.1
PING 192.168.124.1 (192.168.124.1) 56(84) bytes of data.
64 bytes from 192.168.124.1: icmp_seq=1 ttl=64 time=0.165 ms
64 bytes from 192.168.124.1: icmp_seq=2 ttl=64 time=0.551 ms

但其他虚拟机不使用new网络

root@test:~# ping 192.168.124.182
PING 192.168.124.182 (192.168.124.182) 56(84) bytes of data.
From 192.168.122.1 icmp_seq=1 Destination Port Unreachable
From 192.168.122.1 icmp_seq=2 Destination Port Unreachable
From 192.168.122.1 icmp_seq=3 Destination Port Unreachable

但使用网络的虚拟机也new可以直接 pingdefault网络虚拟机

root@test2:~# ping 192.168.122.152
PING 192.168.122.152 (192.168.122.152) 56(84) bytes of data.
64 bytes from 192.168.122.152: icmp_seq=1 ttl=63 time=1.30 ms
64 bytes from 192.168.122.152: icmp_seq=2 ttl=63 time=1.10 ms

default在虚拟机上跟踪路由

root@test:~# traceroute 192.168.124.182
traceroute to 192.168.124.182 (192.168.124.182), 30 hops max, 60 byte packets
 1  quanlm-laptop (192.168.122.1)  0.565 ms  0.446 ms  0.440 ms
 2  quanlm-laptop (192.168.122.1)  0.454 ms  0.551 ms  0.441 ms

new虚拟机中的跟踪路由

root@test2:~# traceroute 192.168.122.152
traceroute to 192.168.122.152 (192.168.122.152), 30 hops max, 60 byte packets
 1  quanlm-laptop (192.168.124.1)  0.459 ms  0.455 ms  0.453 ms
 2  test.192.168.124.1 (192.168.122.152)  1.234 ms  1.383 ms  1.782 ms

主办路线:

quanlm@quanlm-laptop:/home/quan$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         _gateway        0.0.0.0         UG    600    0        0 wlo1
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 wlo1
172.16.161.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
192.168.48.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet8
192.168.64.0    0.0.0.0         255.255.240.0   U     600    0        0 wlo1
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.124.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr1

问题是如何使第一台虚拟机default可以 ping 通第二台虚拟机new

相关内容