使用 19.10 (eoan)。以下是该设置的鸟瞰图:
- netplan 设置为将
wlan0,eth0,eth1置于桥接中,br0 - netplan 使用 DNS 服务器(以及 IP4 地址、网关 4 等)静态设置 br0
- systemd-resolved(以下简称“SR”)处于默认配置(我认为),使主机使用 SR 的存根解析器,绕过 dnsmasq
- dnsmasq 为本地网络提供 DHCP、DNS
br0 - 硬件是 raspberry pi 3B+ - wlan0 和 eth0 是内置的,eth1 是 Apple USB 以太网适配器,由
asix驱动程序支持 - 除此之外,netplan 还设置了 6in4 隧道(隧道和桥接接口上均分配静态 IP6;启用 v6 转发并设置默认路由)
我今天刚刚添加了 USB NIC 进行测试。没有它,一切都正常。当我连接 eth1 时,SR 的DNS范围从链接中丢失br0,因此系统没有链接来解析 DNS,因此通过主机名的连接中断。
resolvectl status前:
...
Link 4 (br0)
Current Scopes: DNS
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 208.67.222.222
DNS Servers: 208.67.222.222
208.67.220.220
8.8.8.8
8.8.4.4
2001:4860:4860::8888
2001:4860:4860::8844
DNS Domain: lan
...
后:
...
Link 5 (br0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 208.67.222.222
208.67.220.220
8.8.8.8
8.8.4.4
2001:4860:4860::8888
2001:4860:4860::8844
DNS Domain: lan
Link 3 (eth1)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (eth0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
...
尽管 SR 如此声称,但路由表确实不是插入 USB NIC 后发生变化(从输出中删除 GUA 前缀):
ubuntu@rpi3:~$ ip -4 route
default via 192.168.2.1 dev br0 proto static
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.4
ubuntu@rpi3:~$ ip -6 route
::1 dev lo proto kernel metric 256 pref medium
<external prefix> dev he-ipv6 proto kernel metric 256 pref medium
<internal prefix> dev br0 proto kernel metric 256 pref medium
fe80::/64 dev he-ipv6 proto kernel metric 256 pref medium
fe80::/64 dev br0 proto kernel metric 256 pref medium
default dev he-ipv6 proto static metric 1024 pref medium
Netplan 配置- 2个部分:
network:
ethernets:
eth0:
dhcp4: no
optional: true
wlan0:
dhcp4: no
optional: true
eth1:
dhcp4: no
optional: true
bridges:
br0:
dhcp4: no
dhcp6: no
accept-ra: no
addresses:
- 192.168.2.4/24
gateway4: 192.168.2.1
interfaces:
- eth0
- eth1
# - wlan0
optional: true
nameservers:
search: [lan]
addresses: [208.67.222.222, 208.67.220.220, 8.8.8.8, 8.8.4.4]
network:
version: 2
bridges:
br0:
addresses:
- "<internal IP6>/64"
nameservers:
addresses: ["2001:4860:4860::8888", "2001:4860:4860::8844"]
tunnels:
he-ipv6:
mode: sit
remote: 216.66.86.122
local: 192.168.2.4
addresses:
- "<external IP6/64"
routes:
- to: "::/0"
on-link: false
scope: link
networkctl status也没有显示出任何区别:
● State: routable
Address: 192.168.2.4 on br0
<internal IP6> on br0
<external IP6> on he-ipv6
fe80::<EUI-64> on br0
fe80::c0a8:204 on he-ipv6
Gateway: 192.168.2.1 (HUAWEI TECHNOLOGIES CO.,LTD) on br0
DNS: 208.67.222.222
208.67.220.220
8.8.8.8
8.8.4.4
2001:4860:4860::8888
2001:4860:4860::8844
Search Domains: lan
没有 IPv6 网关可能会引起怀疑,因为路由引用的是链接(6in4 隧道)而不是下一跳:
ip -6 route:
::1 dev lo proto kernel metric 256 pref medium
<external prefix>/64 dev he-ipv6 proto kernel metric 256 pref medium
<internal prefix>/64 dev br0 proto kernel metric 256 pref medium
fe80::/64 dev he-ipv6 proto kernel metric 256 pref medium
fe80::/64 dev br0 proto kernel metric 256 pref medium
default dev he-ipv6 proto static metric 1024 pref medium
networkctl前:
IDX LINK TYPE OPERATIONAL SETUP
1 lo loopback carrier unmanaged
2 eth0 ether enslaved configured
3 wlan0 wlan carrier failed
4 br0 bridge routable configured
5 sit0 sit off unmanaged
6 he-ipv6 sit routable configured
... 之后:
IDX LINK TYPE OPERATIONAL SETUP
1 lo loopback carrier unmanaged
2 eth0 ether no-carrier configured
3 wlan0 wlan no-carrier configuring
4 br0 bridge degraded-carrier configured
5 sit0 sit off unmanaged
6 he-ipv6 sit routable configured
7 eth1 ether enslaved configured