我正在学习Linux Bridge的基础知识,并且做了一个实验。
我的网络信息是这样的:
:)[00:32][root@openstack]~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:df:9e:b2 brd ff:ff:ff:ff:ff:ff
inet 10.140.28.35/24 brd 10.140.28.255 scope global dynamic enp0s8
valid_lft 80937sec preferred_lft 80937sec
inet6 2001:420:588c:1305:3c74:1500:63cd:fb4b/128 scope global dynamic
valid_lft 1203623sec preferred_lft 598823sec
inet6 fe80::a00:27ff:fedf:9eb2/64 scope link
valid_lft forever preferred_lft forever
我可以从外部 ping 通 10.140.28.35。然后我创建了一座桥:
:)[00:33][root@openstack]~ # brctl addbr br0; ip l set dev br0 up
:)[00:34][root@openstack]~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:df:9e:b2 brd ff:ff:ff:ff:ff:ff
inet 10.140.28.35/24 brd 10.140.28.255 scope global dynamic enp0s8
valid_lft 80854sec preferred_lft 80854sec
inet6 2001:420:588c:1305:3c74:1500:63cd:fb4b/128 scope global dynamic
valid_lft 1203540sec preferred_lft 598740sec
inet6 fe80::a00:27ff:fedf:9eb2/64 scope link
valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether b2:25:c0:ee:ad:d0 brd ff:ff:ff:ff:ff:ff
然后我将接口 enp0s8 添加到桥中:
:)[00:34][root@openstack]~ # brctl addif br0 enp0s8
:)[00:39][root@openstack]~ # brctl show
bridge name bridge id STP enabled interfaces
br0 8000.080027df9eb2 no enp0s8
此时,我无法再从外部 ping 通 10.140.28.35。
我不明白为什么会发生这种情况。当我为网桥设置相同的IP地址后,它又变得可以访问了。
ip a add 10.140.28.35/24 dev br0
我注意到 br0 的 MAC 与 enp0s8 相同:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc pfifo_fast master br0 state UP qlen 1000
link/ether 08:00:27:df:9e:b2 brd ff:ff:ff:ff:ff:ff
inet 10.140.28.35/24 brd 10.140.28.255 scope global dynamic enp0s8
valid_lft 80515sec preferred_lft 80515sec
inet6 2001:420:588c:1305:3c74:1500:63cd:fb4b/128 scope global dynamic
valid_lft 1203201sec preferred_lft 598401sec
inet6 fe80::a00:27ff:fedf:9eb2/64 scope link
valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP
link/ether 08:00:27:df:9e:b2 brd ff:ff:ff:ff:ff:ff
inet 10.140.28.35/24 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fedf:9eb2/64 scope link
valid_lft forever preferred_lft forever
为什么一开始无法访问,为什么我必须将相同的IP地址设置为br0?
答案1
桥是第 2 层抽象,您不能在连接到它的接口上进行第 3 层寻址,实际上 enp0s8 和 br0 是相同的东西。尝试去掉enp0s8上的IP,并为br0设置一个IP。