IP 转发但收到 ARP 请求

IP 转发但收到 ARP 请求

我遇到了 IP 转发问题。基本上我有两个接口:

eth0 - 192.168.9.2 - 到内部网络的路由(192.168.20.0)

eth1 - 192.168.8.100 - 互联网路由

pi@raspberrypi:~ $ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.9.2  netmask 255.255.255.252  broadcast 192.168.9.3
        inet6 fe80::4864:3a07:de69:4cfe  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:9c:07:bd  txqueuelen 1000  (Ethernet)
        RX packets 14725  bytes 933855 (911.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 15977  bytes 8186253 (7.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.8.100  netmask 255.255.255.0  broadcast 192.168.8.255
        inet6 fe80::e5b:8fff:fe27:9a64  prefixlen 64  scopeid 0x20<link>
        ether 0c:5b:8f:27:9a:64  txqueuelen 1000  (Ethernet)
        RX packets 121  bytes 16517 (16.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 829  bytes 69496 (67.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


pi@raspberrypi:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.8.1     0.0.0.0         UG    204    0        0 eth1
192.168.8.0     0.0.0.0         255.255.255.0   U     204    0        0 eth1
192.168.9.0     0.0.0.0         255.255.255.252 U     202    0        0 eth0
192.168.20.0    192.168.9.1     255.255.255.0   UG    20     0        0 eth0
pi@raspberrypi:~ $ 

已启用 IP 转发

pi@raspberrypi:~ $ cat /proc/sys/net/ipv4/ip_forward
1

当我尝试从 eth1 ping 出时,没有得到任何响应。TCP 转储也没有显示任何数据包。

pi@raspberrypi:~ $ sudo ping -I 192.168.9.2 4.2.2.2
PING 4.2.2.2 (4.2.2.2) from 192.168.9.2 : 56(84) bytes of data.
^C
--- 4.2.2.2 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 340ms

从 eth0 执行 ping 操作没有问题。如果我从面向 eth0 的接口上的本地网络执行 ping 操作,则不会收到任何响应。

admin@er4:~$ sudo ping -I eth1 4.2.2.2
PING 4.2.2.2 (4.2.2.2) from 192.168.9.1 eth1: 56(84) bytes of data.
^C
--- 4.2.2.2 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6209ms

但它正在尝试获取该目的地的 ARP 条目。

pi@raspberrypi:~ $ sudo tcpdump host 4.2.2.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:16:14.894969 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:15.904174 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:16.944161 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:17.994377 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:19.024197 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:20.064207 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:21.104393 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:22.144260 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
19:16:23.184334 ARP, Request who-has b.resolvers.Level3.net tell 192.168.9.1, length 46
^C
9 packets captured
11 packets received by filter
0 packets dropped by kernel

我谷歌了一下,觉得必须添加 IP 策略规则,但似乎无法让它发挥作用。我试过了

sudo ip rule add oif eth0 lookup default

但这没什么区别。我不知道接下来该去哪里。

相关内容