这是一个Xen 桥问题。我有一个 Web 服务器客户。当人们点击网页时,Apache 日志会显示网桥的 IP,而不是点击该页面的人的 IP。网桥应该是透明的(并且在我的旧 Debian 配置中是透明的)
我的设置非常简单,至少我认为是这样。有人知道为什么我的访客网络服务器日志看不到用户 IP 吗?通常原因是什么?
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo xenbr0 xenbr1
iface lo inet loopback
# The primary network interface
iface xenbr0 inet static
bridge_ports p6p1
address 74.xxx.xxx.5
netmask 255.255.255.240
gateway 74.xxx.xxx.14
bridge_stp off
dns-nameservers 68.xxx.xxx.146 68.xxx.xxx.98
iface xenbr1 inet static
bridge_ports eth1
bridge_stp off
address 192.168.1.1
netmask 255.255.255.0
post-up ethtool --offload p6p1 gso off tso off sg off gro off
post-up ethtool --offload eth1 gso off tso off sg off gro off
# This is an autoconfigured IPv6 interface
#iface p6p1 inet6 auto
bridge name bridge id STP enabled interfaces
xenbr0 8000.00a0244d1fbe no p6p1
vif2.0
vif7.0
vif8.0
xenbr1 8000.feffffffffff no vif1.0
vif2.1
vif7.1
vif8.1
vif9.0
答案1
我通过将这些添加到解决了这个问题sysctl
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.xenbr0.arp_filter = 0