Коммутация межту vlan'ами

ne-vlezay80

Опубликовано 6 октября, 2017 (изменено) · Жалоба

Имеется гипервайзер, на котором нужно свести на одну машину трафик от всех машин. Я сделал следующее:
1. Соединил две машины при помоши openvswitch
2. Добавил интерфейсы с 8021q тегом
3. Настроил на одной машине vlan,ы
4. Добавил эти vlan'ы в сетевой мост
Проблема в том, что трафик между машинами ходить отказывается. Вот tcpdump с головной машины:

root@ne-vlezay80:~# tcpdump -i eth11 -ne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth11, link-type EN10MB (Ethernet), capture size 262144 bytes
21:46:51.770891 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 10, p 0, ethertype ARP, Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:46:51.770918 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 11, p 0, ethertype ARP, Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:46:51.771360 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 46: vlan 11, p 0, ethertype ARP, Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
21:46:51.771369 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 46: vlan 10, p 0, ethertype ARP, Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
21:46:52.352545 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 102: vlan 11, p 0, ethertype IPv4, 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 277, length 64
21:46:52.391212 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype 802.1Q (0x8100), length 102: vlan 10, p 0, ethertype IPv4, 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 277, length 64
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel

root@ne-vlezay80:~# tcpdump -i port0 -ne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on port0, link-type EN10MB (Ethernet), capture size 262144 bytes
21:53:03.978918 52:54:8b:c8:88:08 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: 2a01:d0:c353:180:c0ed:5ec3:4fcb:5a44 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a01:d0:c353:180::1, length 32
21:53:03.979302 52:54:00:00:00:20 > 52:54:8b:c8:88:08, ethertype IPv6 (0x86dd), length 86: 2a01:d0:c353:180::1 > 2a01:d0:c353:180:c0ed:5ec3:4fcb:5a44: ICMP6, neighbor advertisement, tgt is 2a01:d0:c353:180::1, length 32
21:53:03.994868 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:53:03.995138 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
21:53:04.091982 52:54:00:00:00:20 > 52:54:8b:c8:88:08, ethertype IPv6 (0x86dd), length 86: fe80::5054:ff:fe00:20 > fe80::5054:8bff:fec8:8808: ICMP6, neighbor solicitation, who has fe80::5054:8bff:fec8:8808, length 32
21:53:04.412561 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 649, length 64
21:53:04.994872 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:53:04.995132 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
^C
8 packets captured
8 packets received by filter
0 packets dropped by kernel

[code]

[code]
root@ne-vlezay80:~# tcpdump -i port1 -ne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on port1, link-type EN10MB (Ethernet), capture size 262144 bytes
21:54:00.145097 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:54:00.145332 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
21:54:00.404150 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 705, length 64
21:54:00.701694 52:54:4c:77:89:88 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 52:54:4c:77:89:88, length 300
21:54:00.703003 00:74:79:05:45:54 > 52:54:4c:77:89:88, ethertype IPv4 (0x0800), length 342: 198.18.25.2.67 > 198.18.25.18.68: BOOTP/DHCP, Reply, length 300
21:54:01.142900 52:54:8b:c8:88:08 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 198.18.25.141 tell 198.18.25.144, length 28
21:54:01.143681 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype ARP (0x0806), length 42: Reply 198.18.25.141 is-at 52:54:4c:77:89:88, length 28
21:54:01.371166 08:00:97:6b:db:74 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.194.0.1 tell 10.194.0.105, length 28
21:54:01.404227 52:54:4c:77:89:88 > 52:54:8b:c8:88:08, ethertype IPv4 (0x0800), length 98: 198.18.25.141 > 198.18.25.144: ICMP echo request, id 58120, seq 706, length 64
^C
9 packets captured
9 packets received by filter
0 packets dropped by kernel

Вот вывод ovs-vsctl:

096f988f-331c-4dd6-8932-74a919d87834
    Bridge "sw0"
        Port "sw0"
            Interface "sw0"
                type: internal
        Port "ovsbr1"
            Interface "ovsbr1"
        Port "mint0"
            tag: 10
            Interface "mint0"
        Port "tinycore0"
            tag: 11
            Interface "tinycore0"
    ovs_version: "2.3.0"

На машине куде сведины vlan'ы brctl:

root@ne-vlezay80:~# brctl show
bridge name    bridge id        STP enabled    interfaces
beth0        8000.5254003c60bc    no        vlan4092
br0        8000.001600000001    no        eth1
                            eth10
                            eth2
                            eth3
                            eth4
                            eth5
                            eth6
                            eth7
                            eth8
                            eth9
                            port0
                            port1
                            veth0
                            vlan10
br1        8000.52540038b90b    yes        vlan12
                            vlan888

23: port0@eth11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000
    bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x800e port_no 0xe designated_port 32782 designated_cost 0 designated_bridge 8000.0:16:0:0:0:1 designated_root 8000.0:16:0:0:0:1 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
24: port1@eth11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000
    bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x800c port_no 0xc designated_port 32780 designated_cost 0 designated_bridge 8000.0:16:0:0:0:1 designated_root 8000.0:16:0:0:0:1 hold_timer    0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

Как соединить два vlan'а в один сетевой мост?

Изменено 6 октября, 2017 пользователем ne-vlezay80
Правка

Войти

ne-vlezay80

Поделиться сообщением

Ссылка на сообщение

Поделиться на других сайтах

h3ll1

Поделиться сообщением

Ссылка на сообщение

Поделиться на других сайтах

Join the conversation