我有一台 Linux 机器(基于 Debian 10 的操作系统),有 3 个硬件接口连接到互联网,其中 2 个是 USB 调制解调器:ifconfig 给出 ->
eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether b8:27:eb:95:a0:2c txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 14258 bytes 1613046 (1.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14258 bytes 1613046 (1.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.199.25.78 netmask 255.255.255.255 destination 10.64.64.64
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 7 bytes 130 (130.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 181 (181.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ppp1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.227.136.222 netmask 255.255.255.255 destination 10.64.64.65
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 7 bytes 130 (130.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 181 (181.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.105 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::e1b9:e62c:3140:bfc5 prefixlen 64 scopeid 0x20<link>
ether b8:27:eb:c0:f5:79 txqueuelen 1000 (Ethernet)
RX packets 26548 bytes 5187998 (4.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 20025 bytes 5171235 (4.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0 是这里的默认接口,当我尝试:curl --interface ppp1 ifconfig.me或curl --interface ppp0 ifconfig.me请求超时,使用 sudo, sudo curl --interface ppp1 ifconfig.me给出响应,但 ppp0 的等效超时,要添加哪些正确的路由规则才能选择要路由的硬件接口?
实际路由规则:
default via 192.168.2.1 dev wlan0 proto dhcp src 192.168.2.105 metric 303
10.64.64.64 dev ppp0 proto kernel scope link src 10.233.6.240
10.64.64.65 dev ppp1 proto kernel scope link src 10.149.182.92
192.168.2.0/24 dev wlan0 proto dhcp scope link src 192.168.2.105 metric 303
ip rule给出:
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
ip -4 route show table all:
default via 192.168.2.1 dev wlan0
10.64.64.64 dev ppp0 proto kernel scope link src 10.235.137.107
10.64.64.65 dev ppp1 proto kernel scope link src 10.121.55.130
192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.101
local 10.121.55.130 dev ppp1 table local proto kernel scope host src 10.121.55.130
local 10.235.137.107 dev ppp0 table local proto kernel scope host src 10.235.137.107
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.2.0 dev wlan0 table local proto kernel scope link src 192.168.2.101
local 192.168.2.101 dev wlan0 table local proto kernel scope host src 192.168.2.101
broadcast 192.168.2.255 dev wlan0 table local proto kernel scope link src 192.168.2.101
附言:重启后,我尝试的所有路由都消失了(正如预期的那样)
答案1
所做curl --interface <iface> http://example.com的就是连接到example.com,使用接口的<iface>IP 地址作为源。否则路由将照常进行。
如果您希望根据数据包的源地址进行路由,则需要添加两个路由表(一个用于带有源的数据包10.199.25.78,另一个用于带有源的数据包10.227.136.222)。让我们通过添加以下内容来为路由表命名:
200 ppp0
201 ppp1
并为/etc/iproute2/rt_tables来自这些接口的数据包填充默认路由:
ip route add default dev ppp0 via 10.64.64.64 table ppp0
ip route add default dev ppp1 via 10.64.64.65 table ppp1
现在,您需要做的就是添加两个规则,它们将根据源地址选择ppp0表ppp1:
ip rule add from 10.199.25.78 table ppp0
ip rule add from 10.227.136.222 table ppp1
编辑:我深入研究卷曲的--interface ppp0选择。它可以以两种方式工作(参见连接.c):
- 如果该过程具有
CAP_NET_RAW能力(例如当你根)它绑定到给定的接口(通过SO_BINDTODEVICE)并且所有不使用该ppp0接口的路由将被忽略。 - 如果该进程没有特权,卷曲绑定到接口的 IP 地址
ppp0(10.199.25.78)并且路由照常进行。