我正在运行一个装有 OpenVPN 和 apache 的 Ubuntu 服务器(192.168.178.30)。FritzBox(路由器)是192.168.178.1。OpenVPN 是桥接模式。当我使用 OpenVPN shell 脚本(下面的 bee)启动桥接时,ifconfig 看起来像这样,我没有网络连接:
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.178.30 netmask 255.255.255.0 broadcast 192.168.178.255
inet6 fe80::215:5dff:feb2:400 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:b2:04:00 txqueuelen 1000 (Ethernet)
RX packets 22 bytes 2448 (2.4 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1310 (1.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
inet6 fe80::215:5dff:feb2:400 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:b2:04:00 txqueuelen 1000 (Ethernet)
RX packets 112428 bytes 21475704 (21.4 MB)
RX errors 0 dropped 21826 overruns 0 frame 0
TX packets 54705 bytes 14757275 (14.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 208 bytes 19137 (19.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 208 bytes 19137 (19.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap0: flags=4355<UP,BROADCAST,PROMISC,MULTICAST> mtu 1500
ether 6a:e5:9c:c5:4e:5f txqueuelen 100 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
禁用网桥时 ifconfig 看起来像互联网作品再次:
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
inet 192.168.178.30 netmask 255.255.255.0 broadcast 192.168.178.255
inet6 fe80::215:5dff:feb2:400 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:b2:04:00 txqueuelen 1000 (Ethernet)
RX packets 112037 bytes 21430886 (21.4 MB)
RX errors 0 dropped 21820 overruns 0 frame 0
TX packets 54532 bytes 14721454 (14.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 208 bytes 19137 (19.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 208 bytes 19137 (19.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
OpenVPN 连接在网络中工作 – 服务器正在监听并运行良好。但是当使用 DynDNS 名称并通过 fritzbox 运行时(端口 1194 被重定向),什么都没有发生 – 而且服务器无法访问 google.de – 因此当桥接启动时互联网连接就断开了。
这是 OpenVPN 桥接启动 (https://openvpn.net/community-resources/ethernet-bridging/#linuxscript) 使用我的 IP 设置的 shell 脚本:
#!/bin/bash
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
# Define Bridge Interface
br="br0"
# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.178.30"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.178.255"
for t in $tap; do
openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
桥接配置也应该正确:
brctl show
bridge name bridge id STP enabled interfaces
br0 8000.00155db20400 no eth0 tap0
更新
我发现 /etc/network/interfaces 已禁用,而 netplan 处于活动状态。netplan 配置如下所示:
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
addresses:
- 192.168.178.30/24
gateway4: 192.168.178.1
nameservers:
addresses: [8.8.8.8, 1.1.1.1]
这里应该定义 br0(而不是 eth0)吗?试过了,似乎这就是答案。会观察到这一点。