无法使网络桥接正常工作

tag-icon tag-icon linux-networking debian-squeeze bridge qemu
无法使网络桥接正常工作

我正在尝试使网络桥接在 Debian squeeze 上运行(我正在尝试制作一个 QEMU/KVM 虚拟机,它将对外部网络可见,就像它是一台不同的机器一样)。问题是,当我输入 时,brctl addif br0 eth0我会失去与网络的连接,直到我输入brctl delif br0 eth0

更具体地说,在我执行任何操作之前,我的机器是这样的(基本上eth0是在监听 147.102.160.153):

root@laura:/home/anthony# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 8c:73:6e:db:1c:1b brd ff:ff:ff:ff:ff:ff
    inet 147.102.160.153/24 brd 147.102.160.255 scope global eth0
    inet6 2001:648:2000:a0:8e73:6eff:fedb:1c1b/64 scope global dynamic 
       valid_lft 2591848sec preferred_lft 604648sec
    inet6 fe80::8e73:6eff:fedb:1c1b/64 scope link 
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN qlen 1000
    link/ether 4c:ed:de:8e:44:d7 brd ff:ff:ff:ff:ff:ff
4: vboxnet0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
5: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
    link/ether ee:7c:88:59:d0:e8 brd ff:ff:ff:ff:ff:ff

现在让我添加桥梁:

root@laura:/home/anthony# brctl addbr br0
root@laura:/home/anthony# ip tuntap add dev tap0 mode tap
root@laura:/home/anthony# ip link set tap0 up
root@laura:/home/anthony# brctl addif br0 tap0

到这里一切都继续正常工作。最后,我尝试添加eth0到桥中:

root@laura:/home/anthony# brctl addif br0 eth0

此时,我不再有网络连接。如果我尝试做某事ping,它会提示“目标主机无法访问”。输出ip addr show似乎正常:

root@laura:/home/anthony# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 8c:73:6e:db:1c:1b brd ff:ff:ff:ff:ff:ff
    inet 147.102.160.153/24 brd 147.102.160.255 scope global eth0
    inet6 2001:648:2000:a0:8e73:6eff:fedb:1c1b/64 scope global dynamic 
       valid_lft 2591908sec preferred_lft 604708sec
    inet6 fe80::8e73:6eff:fedb:1c1b/64 scope link 
       valid_lft forever preferred_lft forever
[snip wlan0, vboxnet0 and pan0, which are down and irrelevant]
8: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 16:30:f2:67:ab:75 brd ff:ff:ff:ff:ff:ff
9: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether 16:30:f2:67:ab:75 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::1430:f2ff:fe67:ab75/64 scope link
       valid_lft forever preferred_lft forever

还:

root@laura:/home/anthony# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
147.102.160.0   0.0.0.0         255.255.255.0   U     1      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         147.102.160.200 0.0.0.0         UG    0      0        0 eth0

我不明白我做错了什么。我希望机器继续在 上监听 147.102.160.153 eth0,此外,我还希望有一个tap0桥接到 的接口eth0,该接口可供客户机使用,以便后者在另一个 IP 地址(例如 147.102.160.205)上监听。(如果有其他方法可以实现我想要的,我也很感兴趣。)

答案1

在 Linux 上,可以在将接口添加到网桥之前为接口分配 IP 地址(但不应该),而是将其分配给网桥接口。

  1. 将接口添加到网桥。
  2. 将地址添加到桥接器。
  3. 将桥接器的所有桥接端口都设置为开启。

顺便说一句,route来自 net-tools 包,该包已弃用。请使用ip route(或简写ip r)代替。

相关内容