dhcp-relay cannot receive DHCPOFFER packets from a DHCP server in a shared network

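I am using the dnsmasq service as a DHCP server. Each node has a bridge interface, br0, which is assigned two IP addresses. One is a public IP address and the other is considered the internal network.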

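I have two nodes whose public IP addresses are in different subnets. However, their private IP addresses are in the same network. server is considered the node on which dnsmasq is serving, and relay is considered the node on which the VM is running. The VM has a TAP device that is connected to the bridge br0.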

The internal network is within the 192.168.10.0/24 subnet. The private IP of the server node is 192.168.10.1 and the private IP of the relay node is 192.168.10.2.

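I should mention that the IP pool defined in the dnsmasq service, which is to be assigned to the VMs, is in a different subnet from the other existing subnets.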

The following is the configuration of the dnsmasq service on the server node:

interface=br0
listen-address=127.0.0.1,192.168.10.2
shared-network=192.168.10.1,X.Y.Z.12
dhcp-range=X.Y.Z.12,X.Y.Z.127,255.255.255.0,1d
dhcp-option=option:router,X.Y.Z.1
dhcp-option=option:dns-server,8.8.8.8,1.1.1.1
dhcp-broadcast

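I have tested several dhcp-relay services on the relay node, such as isc-dhcp-relay, dhcp-helper, and dnsmasq itself, which provides the dhcp-relay option. But the VM on the relay node cannot get any IP address from the DHCP server placed on the server node.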

Below is the configuration file of dnsmasq, acting as the dhcp-relay service, placed on the relay node:

dhcp-relay=192.168.10.1,192.168.10.2

The following are the logs shown by the dhcp-server:

Aug 15 12:32:50 server dnsmasq-dhcp[595455]: DHCPDISCOVER(br0) 52:54:a0:02:02:a1
Aug 15 12:32:50 server dnsmasq-dhcp[595455]: DHCPOFFER(br0) X.Y.Z.23 52:54:a0:02:02:a1
Aug 15 12:32:50 server dnsmasq-dhcp[595455]: DHCPDISCOVER(br0) 52:54:a0:02:02:a1
Aug 15 12:32:50 server dnsmasq-dhcp[595455]: DHCPOFFER(br0) X.Y.Z.23 52:54:a0:02:02:a1
Aug 15 12:32:55 server dnsmasq-dhcp[595455]: DHCPDISCOVER(br0) 52:54:a0:02:02:a1
Aug 15 12:32:55 server dnsmasq-dhcp[595455]: DHCPOFFER(br0) X.Y.Z.23 52:54:a0:02:02:a1

The following is the tcpdump output captured on ports 67 and 68 of the br0 bridge interface on the server node:

12:32:55.461965 52:54:a0:02:02:a1 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 52:54:a0:02:02:a1, length 300, xid 0x956c917e, secs 7, Flags [none] (0x0000)
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Discover
            Hostname (12), length 10: "test-relay"
            Parameter-Request (55), length 13: 
              Subnet-Mask (1), BR (28), Time-Zone (2), Default-Gateway (3)
              Domain-Name (15), Domain-Name-Server (6), Unknown (119), Hostname (12)
              Netbios-Name-Server (44), Netbios-Scope (47), MTU (26), Classless-Static-Route (121)
              NTP (42)
            END (255), length 0
            PAD (0), length 0, occurs 29
12:32:55.462108 2e:b0:bf:e2:73:9e > 2e:18:10:8c:25:4f, ethertype IPv4 (0x0800), length 342: (tos 0xc0, ttl 64, id 39650, offset 0, flags [none], proto UDP (17), length 328)
    192.168.10.1.67 > 192.168.10.2.67: [udp sum ok] BOOTP/DHCP, Request from 52:54:a0:02:02:a1, length 300, hops 1, xid 0x956c917e, secs 7, Flags [none] (0x0000)
          Gateway-IP 192.168.10.1
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Discover
            Hostname (12), length 10: "test-relay"
            Parameter-Request (55), length 13: 
              Subnet-Mask (1), BR (28), Time-Zone (2), Default-Gateway (3)
              Domain-Name (15), Domain-Name-Server (6), Unknown (119), Hostname (12)
              Netbios-Name-Server (44), Netbios-Scope (47), MTU (26), Classless-Static-Route (121)
              NTP (42)
            END (255), length 0
            PAD (0), length 0, occurs 29
12:32:55.462318 2e:18:10:8c:25:4f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0xc0, ttl 64, id 58284, offset 0, flags [none], proto UDP (17), length 328)
    SERVER.PUBLIC.IP.ADDRESS.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x956c917e, secs 7, Flags [Broadcast] (0x8000)
          Your-IP X.Y.Z.23
          Server-IP 192.168.10.2
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Offer
            Server-ID (54), length 4: 192.168.30.2
            Lease-Time (51), length 4: 86400
            RN (58), length 4: 43200
            RB (59), length 4: 75600
            Subnet-Mask (1), length 4: 255.255.255.0
            BR (28), length 4: X.Y.Z.255
            Domain-Name-Server (6), length 8: 8.8.8.8,1.1.1.1
            Default-Gateway (3), length 4: X.Y.Z.1
            END (255), length 0
            PAD (0), length 0, occurs 4
12:32:55.462557 2e:18:10:8c:25:4f > 2e:b0:bf:e2:73:9e, ethertype IPv4 (0x0800), length 342: (tos 0xc0, ttl 64, id 37343, offset 0, flags [none], proto UDP (17), length 328)
    192.168.10.2.67 > 192.168.10.1.67: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x956c917e, secs 7, Flags [Broadcast] (0x8000)
          Your-IP X.Y.Z.23
          Server-IP 192.168.10.2
          Gateway-IP 192.168.10.1
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Offer
            Server-ID (54), length 4: 192.168.10.2
            Lease-Time (51), length 4: 86400
            RN (58), length 4: 43200
            RB (59), length 4: 75600
            Subnet-Mask (1), length 4: 255.255.255.0
            BR (28), length 4: 195.206.171.255
            Domain-Name-Server (6), length 8: 8.8.8.8,1.1.1.1
            Default-Gateway (3), length 4: X.Y.Z.1
            END (255), length 0
            PAD (0), length 0, occurs 4
12 packets captured
12 packets received by filter
0 packets dropped by kernel

The following is the tcpdump output captured on ports 67 and 68 of the br0 bridge interface on the relay node:

tcpdump: listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
12:32:47.818621 52:54:a0:02:02:a1 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, fl)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 52:54:a0:02:02:a1, length 300, xid 0x956c917e, Flags [n)
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Discover
            Hostname (12), length 10: "test-relay"
            Parameter-Request (55), length 13: 
              Subnet-Mask (1), BR (28), Time-Zone (2), Default-Gateway (3)
              Domain-Name (15), Domain-Name-Server (6), Unknown (119), Hostname (12)
              Netbios-Name-Server (44), Netbios-Scope (47), MTU (26), Classless-Static-Route (121)
              NTP (42)
            END (255), length 0
            PAD (0), length 0, occurs 29
12:32:47.818830 2e:b0:bf:e2:73:9e > 2e:18:10:8c:25:4f, ethertype IPv4 (0x0800), length 342: (tos 0xc0, ttl 64, id 37786, offset 0,)
    192.168.10.1.67 > 192.168.10.2.67: [bad udp cksum 0xbe99 -> 0x2f1c!] BOOTP/DHCP, Request from 52:54:a0:02:02:a1, length 300, h)
          Gateway-IP 192.168.10.1
          Client-Ethernet-Address 52:54:a0:02:02:a1
          Vendor-rfc1048 Extensions
            Magic Cookie 0x63825363
            DHCP-Message (53), length 1: Discover
            Hostname (12), length 10: "test-relay"
            Parameter-Request (55), length 13: 
              Subnet-Mask (1), BR (28), Time-Zone (2), Default-Gateway (3)
              Domain-Name (15), Domain-Name-Server (6), Unknown (119), Hostname (12)
              Netbios-Name-Server (44), Netbios-Scope (47), MTU (26), Classless-Static-Route (121)
              NTP (42)
            END (255), length 0
            PAD (0), length 0, occurs 29
6 packets captured
6 packets received by filter
0 packets dropped by kernel

From the tcpdump output, I understood the following points:

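1- The server node can receive the DHCP discover packets from the relay node and can send DHCP offers back to the relay service. But the relay node cannot receive the DHCP offer packets from server.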

2- Whenever the relay service sends a DHCP discover packet to server, the packet has a bad udp checksum. However, the same packet as received by server has a checksum equal to OK.

My question:

Why can't the relay service receive the DHCP offer packets, and how can I fix it?

Any help would be appreciated.
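
The hop-by-hop reading of the two captures in points 1 and 2 can be scripted. The following is an added example, not part of the original post: it classifies each DHCP packet in `tcpdump -v` text using only the Gateway-IP field and reports which hops of a relayed exchange a capture lacks. The hop names, function names and abridged sample strings are constructed for illustration.

```python
import re

# Body line of a DHCP packet in `tcpdump -v -n` text output, then the two fields used here.
HDR = re.compile(r"^\s+(\S+)\.\d+ > (\S+)\.\d+: \[([^\]]*)\] BOOTP/DHCP, (Request|Reply)")
OPT = re.compile(r"^\s+(Gateway-IP|DHCP-Message)(?: \(53\), length 1:)? (\S+)")
LEGS = ["client->relay", "relay->server", "server->relay", "reply->client"]  # assumed names

def parse_dhcp(text):
    """Return one dict per DHCP packet found in the capture text."""
    packets = []
    for line in text.splitlines():
        if m := HDR.match(line):
            packets.append({"src": m[1], "dst": m[2], "op": m[4], "giaddr": None,
                            "msg": None, "cksum_ok": m[3] == "udp sum ok"})
        elif packets and (m := OPT.match(line)):
            packets[-1]["giaddr" if m[1] == "Gateway-IP" else "msg"] = m[2]
    return packets

def leg(p):
    """Name the hop of a relayed exchange a packet belongs to, using giaddr only."""
    if p["op"] == "Request":
        return "relay->server" if p["giaddr"] else "client->relay"
    return "server->relay" if p["dst"] == p["giaddr"] else "reply->client"

def missing_legs(text):
    """Hops of a relayed exchange that never show up in this capture."""
    seen = {leg(p) for p in parse_dhcp(text)}
    return [name for name in LEGS if name not in seen]

def bad_checksums(text):
    """(hop, message type) for packets tcpdump flagged with a bad UDP checksum."""
    return [(leg(p), p["msg"]) for p in parse_dhcp(text) if not p["cksum_ok"]]

# Constructed samples, abridged from the two captures in the post.
RELAY_NODE = """\
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 52:54:a0:02:02:a1
            DHCP-Message (53), length 1: Discover
    192.168.10.1.67 > 192.168.10.2.67: [bad udp cksum 0xbe99 -> 0x2f1c!] BOOTP/DHCP, Request
          Gateway-IP 192.168.10.1
            DHCP-Message (53), length 1: Discover
"""
SERVER_NODE = RELAY_NODE.replace("bad udp cksum 0xbe99 -> 0x2f1c!", "udp sum ok") + """\
    192.168.10.2.67 > 192.168.10.1.67: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1
          Gateway-IP 192.168.10.1
            DHCP-Message (53), length 1: Offer
"""

if __name__ == "__main__":
    for name, cap in (("relay node", RELAY_NODE), ("server node", SERVER_NODE)):
        print(name, "missing:", missing_legs(cap), "bad cksum:", bad_checksums(cap))
```

Feeding it the full text of each node's capture shows at which hop the Offer stops appearing.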
