我想连接macvlan到互联网,但无法连接。我已将 macvlan 添加到网络命名空间,下一步该怎么做?
我正在使用 VPS 服务器(云 VPS),操作系统Debian 10
我的默认网关,在网络命名空间之外:192.0.2.1
netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.0.2.1 0.0.0.0 UG 0 0 0 eth0
10.5.0.0 0.0.0.0 255.255.255.224 U 0 0 0 tun0
10.168.179.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
187.215.130.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
我尝试添加一个命名空间,并将 macvlan 附加到它:
ip netns add net1;\
ip link add macvlan1 link eth0 type macvlan mode bridge;\
ip link set macvlan1 netns net1;\
ip netns exec net1 ip addr add 187.215.130.107 dev macvlan1;\
ip netns exec net1 ip link set macvlan1 up; ip netns exec net1 ip link set lo up;\
ip netns exec net1 su -c "screen"
187.215.130.107- 服务器的第二个公网 IP 地址。
我尝试在命名空间内添加默认网关net1,但出现错误:
ip route add default via 192.0.2.1
Error: Nexthop has invalid gateway.
route add default gw 192.0.2.1 dev macvlan1
SIOCADDRT: Network is unreachable
路由表为空:
netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
curl http://ipecho.net/plain
curl:(6)无法解析主机:ipecho.net
ping 192.0.2.1
连接:网络不可达
ping 192.168.0.1
连接:网络不可达
ping 10.5.0.1
连接:网络不可达
ping 187.215.130.0
连接:网络不可达
ping 10.168.179.0
连接:网络不可达
命名空间内部net1:ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
40: macvlan1@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 32:5d:65:12:b1:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 187.215.130.107/32 scope global macvlan1
valid_lft forever preferred_lft forever
inet6 fe80::305d:65ff:fe12:b1fe/64 scope link
valid_lft forever preferred_lft forever
网络命名空间之外:ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:ec:a6:68:1c brd ff:ff:ff:ff:ff:ff
inet 187.151.116.253/32 brd 187.151.116.253 scope global eth0
valid_lft forever preferred_lft forever
inet 187.215.130.107/24 brd 187.215.130.255 scope global eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::5054:ecff:fea6:681c/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:09:08:9c brd ff:ff:ff:ff:ff:ff
inet 10.168.179.38/24 brd 10.168.179.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe09:89c/64 scope link
valid_lft forever preferred_lft forever
10: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.5.0.1/27 brd 10.5.0.31 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::4235:badc:190b:2d1d/64 scope link stable-privacy
valid_lft forever preferred_lft forever
看起来 macvlan1 和 eth0 之间没有桥接。在我移至命名空间之前,有一个桥接macvlan1。net1我现在该怎么做才能连接macvlan1到eth0?