我最近刚刚将 Debian 11 服务器设置为带有多个 KVM 客户机的主机。我在不同的 LAN 上有两个物理接口,并设置了两个不同的桥接器,以便将客户机连接到它们所需的 LAN,这些 LAN 具有各自的 IP。当我关闭服务器以便向其添加驱动器时,这工作正常。当服务器关闭(以向其添加驱动器)时,我更改了 DHCP 分配给桥接接口的 IP。当我重新启动它(三天后)时,网络根本无法工作。我无法 ping 网关,无法进行 DNS 查找,无法通过 SSH 进入服务器,甚至无法从服务器内部 ping 客户机。我尝试了所有能想到的方法,重新启动了十几次网络服务,又重新启动了六次服务器,但都不起作用。所有接口都通过 DHCP 获取正确的 IP,但我根本无法让网络工作。我不知道发生了什么。通过 DHCP 更改桥接接口的 IP 应该不会有任何效果。我在故障排除过程中还更新并重新启动了防火墙。我的网络其余部分都很好。我能够获得任何网络的唯一方法是删除 /etc/network/interfaces 中除一个接口之外的所有接口,然后重新启动服务器。显然,这在生产中行不通。有人有什么想法吗?我已经束手无策了。我将包括我能想到的所有信息:
/etc/网络/接口
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# Onboard Ethernet 1 (top)
allow-hotplug eno1
auto eno1
iface eno1 inet dhcp
# dhcp
# Onboard Ehternet 2 (bottom)
auto eno2
allow-hotplug eno2
iface eno2 inet dhcp
#Bridge setup
auto br0
iface br0 inet dhcp
bridge_ports eno1
bridge_stp off
bridge_maxwait 0
bridge_fd 0
auto br1
iface br1 inet dhcp
bridge_ports eno2
bridge_stp off
bridge_maxwait 0
bridge_fd 0
brctl_显示
bridge name bridge id STP enabled interfaces
br0 8000.0258ab8fb9c5 no eno1
vnet0
vnet3
vnet5
br1 8000.62ba805c2dfd no eno2
vnet1
vnet2
vnet4
int0 8000.525400acd0ee yes
IP地址
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0a:cd:23:18:a4 brd ff:ff:ff:ff:ff:ff
altname enp68s0
3: enp69s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0a:cd:23:18:a5 brd ff:ff:ff:ff:ff:ff
4: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether 90:b1:1c:53:48:8d brd ff:ff:ff:ff:ff:ff
altname enp6s0f0
inet 192.168.0.130/24 brd 192.168.0.255 scope global dynamic eno1
valid_lft 2350sec preferred_lft 2350sec
5: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br1 state UP group default qlen 1000
link/ether 90:b1:1c:53:48:8e brd ff:ff:ff:ff:ff:ff
altname enp6s0f1
inet 192.168.1.130/24 brd 192.168.1.255 scope global dynamic eno2
valid_lft 2349sec preferred_lft 2349sec
6: idrac: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 90:b1:1c:53:48:90 brd ff:ff:ff:ff:ff:ff
7: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:58:ab:8f:b9:c5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.118/24 brd 192.168.0.255 scope global dynamic br0
valid_lft 2350sec preferred_lft 2350sec
inet6 fe80::58:abff:fe8f:b9c5/64 scope link
valid_lft forever preferred_lft forever
8: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 62:ba:80:5c:2d:fd brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global dynamic br1
valid_lft 2351sec preferred_lft 2351sec
inet6 fe80::60ba:80ff:fe5c:2dfd/64 scope link
valid_lft forever preferred_lft forever
9: int0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:ac:d0:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global int0
valid_lft forever preferred_lft forever
10: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:02 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7202/64 scope link
valid_lft forever preferred_lft forever
11: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br1 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:12 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7212/64 scope link
valid_lft forever preferred_lft forever
12: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br1 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:13 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7213/64 scope link
valid_lft forever preferred_lft forever
13: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:05 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7205/64 scope link
valid_lft forever preferred_lft forever
14: vnet4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br1 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:15 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7215/64 scope link
valid_lft forever preferred_lft forever
15: vnet5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UNKNOWN group default qlen 1000
link/ether fe:54:00:30:72:04 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe30:7204/64 scope link
valid_lft forever preferred_lft forever
路由
default via 192.168.1.1 dev eno2
192.168.0.0/24 dev eno1 proto kernel scope link src 192.168.0.130
192.168.0.0/24 dev br0 proto kernel scope link src 192.168.0.118
192.168.1.0/24 dev eno2 proto kernel scope link src 192.168.1.130
192.168.1.0/24 dev br1 proto kernel scope link src 192.168.1.2
192.168.122.0/24 dev int0 proto kernel scope link src 192.168.122.1 linkdown
我也曾将默认路由设置为 192.168.0.1 dev eno1,但它仍然不起作用。我希望默认路由为 192.168.0.1,但现在,我只需要它能正常工作。防火墙(DNS 和 DHCP 服务器)位于 192.168.0.1 和 192.168.1.1。
有人有什么想法可以帮助我解决这个问题吗?
答案1
给桥接成员分配 IP 地址是错误的,不管是 DHCP 还是静态地址,还是其他任何方法。如果之前一直能正常工作,那只是偶然,可能是 NIC 初始化顺序太幸运了,并且“连接”类型的路由设置正确,所以它能正常工作。
将 eno1 和 eno2 配置方法设置为manual:
iface eno1 inet manual
iface eno2 inet manual
auto对于这些接口(也不需要或) ,您不需要任何其他东西allow-hotplug;拥有它们的桥实际上会在初始化期间将它们拉起。
仅将 IP 分配给网桥,静态配置可能比 DHCP 分配更适合服务器,但这完全由您决定。
另外,请注意brctl(和整个bridge-utils包)已过时,并且它显示的信息是多余的。我们可以通过查看(或)输出master中其他接口的属性来查看哪些是哪些的成员。有关更多详细信息和桥接操作,请使用与捆绑在一起的实用程序(您已经拥有,也属于那里)。ip addrip linkbridgeiproute2ip