ne-vlezay80 Опубликовано 6 октября, 2017 (изменено) · Жалоба Имеется гипервайзер, на котором нужно свести на одну машину трафик от всех машин. Я сделал следующее: 1. Соединил две машины при помоши openvswitch 2. Добавил интерфейсы с 8021q тегом 3. Настроил на одной машине vlan,ы 4. Добавил эти vlan'ы в сетевой мост Проблема в том, что трафик между машинами ходить отказывается. Вот tcpdump с головной машины: root@ne-vlezay80:~# tcpdump -i eth11 -ne tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth11, link-type EN10MB (Ethernet), capture size 262144 bytes 21:46:51.770891 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 10, p 0, ethertype ARP, Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:46:51.770918 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 11, p 0, ethertype ARP, Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:46:51.771360 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 46: vlan 11, p 0, ethertype ARP, Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 21:46:51.771369 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 46: vlan 10, p 0, ethertype ARP, Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 21:46:52.352545 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 102: vlan 11, p 0, ethertype IPv4, 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 277, length 64 21:46:52.391212 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 102: vlan 10, p 0, ethertype IPv4, 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 277, length 64 ^C 6 packets captured 6 packets received by filter 0 packets dropped by kernel root@ne-vlezay80:~# tcpdump -i port0 -ne tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on port0, link-type EN10MB (Ethernet), capture size 262144 bytes 21:53:03.978918 52:54:8b:c8:88:08 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: 2a01:d0:c353:180:c0ed:5ec3:4fcb:5a44 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a01:d0:c353:180::1, length 32 21:53:03.979302 52:54:00:00:00:20 > 52:54:8b:c8:88:08, ethertype IPv6 (0x86dd), length 86: 2a01:d0:c353:180::1 > 2a01:d0:c353:180:c0ed:5ec3:4fcb:5a44: ICMP6, neighbor advertisement, tgt is 2a01:d0:c353:180::1, length 32 21:53:03.994868 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:53:03.995138 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 21:53:04.091982 52:54:00:00:00:20 > 52:54:8b:c8:88:08, ethertype IPv6 (0x86dd), length 86: fe80::5054:ff:fe00:20 > fe80::5054:8bff:fec8:8808: ICMP6, neighbor solicitation, who has fe80::5054:8bff:fec8:8808, length 32 21:53:04.412561 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 649, length 64 21:53:04.994872 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:53:04.995132 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 ^C 8 packets captured 8 packets received by filter 0 packets dropped by kernel [code] [code] root@ne-vlezay80:~# tcpdump -i port1 -ne tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on port1, link-type EN10MB (Ethernet), capture size 262144 bytes 21:54:00.145097 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:54:00.145332 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 21:54:00.404150 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 705, length 64 21:54:00.701694 52:54:4c:77:89:88 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 52:54:4c:77:89:88, length 300 21:54:00.703003 00:74:79:05:45:54 > 52:54:4c:77:89:88, ethertype IPv4 (0x0800), length 342: 198.18.25.2.67 > 198.18.25.18.68: BOOTP/DHCP, Reply, length 300 21:54:01.142900 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28 21:54:01.143681 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28 21:54:01.371166 08:00:97:6b:db:74 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.194.0.1 tell 10.194.0.105, length 28 21:54:01.404227 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 706, length 64 ^C 9 packets captured 9 packets received by filter 0 packets dropped by kernel Вот вывод ovs-vsctl: 096f988f-331c-4dd6-8932-74a919d87834 Bridge "sw0" Port "sw0" Interface "sw0" type: internal Port "ovsbr1" Interface "ovsbr1" Port "mint0" tag: 10 Interface "mint0" Port "tinycore0" tag: 11 Interface "tinycore0" ovs_version: "2.3.0" На машине куде сведины vlan'ы brctl: root@ne-vlezay80:~# brctl show bridge name bridge id STP enabled interfaces beth0 8000.5254003c60bc no vlan4092 br0 8000.001600000001 no eth1 eth10 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 port0 port1 veth0 vlan10 br1 8000.52540038b90b yes vlan12 vlan888 23: port0@eth11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000 bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x800e port_no 0xe designated_port 32782 designated_cost 0 designated_bridge 8000.0:16:0:0:0:1 designated_root 8000.0:16:0:0:0:1 hold_timer 0.00 message_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 24: port1@eth11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000 bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x800c port_no 0xc designated_port 32780 designated_cost 0 designated_bridge 8000.0:16:0:0:0:1 designated_root 8000.0:16:0:0:0:1 hold_timer 0.00 message_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 Как соединить два vlan'а в один сетевой мост? Изменено 6 октября, 2017 пользователем ne-vlezay80 Правка Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
h3ll1 Опубликовано 7 октября, 2017 · Жалоба brctl delbr br1 | brctl addif br0 vlan888 Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...