我正在尝试通过连接主机和目标设备的以太网电缆将主机的互联网(已连接到 Wifi)共享给目标设备。我可以从主机 ping 目标,反之亦然。但无法从目标连接到互联网。 Target 的命令输出
# route
kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq qlen 1000
link/ether 34:03:de:92:f1:27 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.2/24 scope global eth0
valid_lft forever preferred_lft forever
3: sit0@NONE: <NOARP> mtu 1480 qdisc noop qlen 1000
link/sit 0.0.0.0 brd 0.0.0.0
# cat /etc/network/interfaces
# interface file auto-generated by buildroot
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.2.2
netmask 255.255.255.0
gateway 192.168.2.1
dns-nameservers 8.8.8.8 8.8.4.4
主机命令输出
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 600 0 0 wlp2s0
default atf-Latitude-E6 0.0.0.0 UG 20100 0 0 eno1
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 docker0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eno1
192.168.43.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp2s0
192.168.186.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
192.168.234.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 5c:26:0a:85:68:ed brd ff:ff:ff:ff:ff:ff
altname enp0s25
inet 192.168.2.1/24 brd 192.168.2.255 scope global noprefixroute eno1
valid_lft forever preferred_lft forever
inet6 fe80::5e26:aff:fe85:68ed/64 scope link
valid_lft forever preferred_lft forever
3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 08:11:96:f0:6a:8c brd ff:ff:ff:ff:ff:ff
inet 192.168.43.246/24 brd 192.168.43.255 scope global dynamic noprefixroute wlp2s0
valid_lft 2303sec preferred_lft 2303sec
inet6 2409:408c:8d09:225a:47b5:ad9a:e876:20a8/64 scope global temporary dynamic
valid_lft 3506sec preferred_lft 3506sec
inet6 2409:408c:8d09:225a:89b5:1ef1:95fc:ffbb/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 3506sec preferred_lft 3506sec
inet6 fe80::16e0:e90c:3910:62ca/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: vmnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000
link/ether 00:50:56:c0:00:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.186.1/24 brd 192.168.186.255 scope global vmnet1
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fec0:1/64 scope link
valid_lft forever preferred_lft forever
5: vmnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000
link/ether 00:50:56:c0:00:08 brd ff:ff:ff:ff:ff:ff
inet 192.168.234.1/24 brd 192.168.234.255 scope global vmnet8
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fec0:8/64 scope link
valid_lft forever preferred_lft forever
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:1d:6c:ab:84 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
$cat /etc/netplan/01-network-manager-all.yaml
# Let NetworkManager manage all devices on this system
network:
version: 2
renderer: NetworkManager
ethernets:
eno1:
dhcp4: no
addresses:
- 192.168.2.1/24
routes:
- to: default
via: 192.168.2.1
nameservers:
addresses: [8.8.8.8,8.8.4.4]
ping 8.8.8.8目标挂起。另外,如何向目标添加名称服务器?
答案1
正如所描述的,您的设置缺少两个关键功能,即 IP 转发和网络地址转换。
您已经正确设置了地址和路由,但是当一个数据包从“目标”到达“主机”,并且该数据包的目的地是其他机器时,默认行为是简单地丢弃该数据包,您需要使用 启用转发(正如 Riley 指出的那样)sysctl net.ipv4.ip_forward=1。
下一个问题是,当该数据包到达 LAN 上的路由器时,路由器不知道如何处理源地址为 的数据包192.168.2.2。数据包可能会在此阶段被丢弃,或者在响应返回时被丢弃,但它不会返回到您的“目标”计算机。您可以通过告诉“主机”计算机重写传出数据包的源地址来解决此问题,以便线路下游的路由器知道将响应发送到何处。您可以在 Linux 中使用 轻松完成此操作iptables -t nat -A POSTROUTING -i eno1 -o wlp2s0 -j MASQUERADE。