jju*_*per 3 networking linux debian arp 802.1
我有通过 5 个不同 vlan 上的中继端口连接的 debian 主机。但是该主机响应所有不同 IP 的 arp“who-has”请求。我想明白为什么...
这里是网络/接口文件(eth0.1 句柄 172.16.1.145/16)
auto lo
iface lo inet loopback
allow-hotplug eth0
iface eth0 inet manual
auto eth0.1
iface eth0.1 inet dhcp
auto eth0.10
iface eth0.10 inet static
address 192.168.10.254
netmask 255.255.255.0
auto eth0.6
iface eth0.6 inet static
address 192.168.6.254
netmask 255.255.255.0
auto eth0.7
iface eth0.7 inet static
address 192.168.7.254
netmask 255.255.255.0
auto eth0.2
iface eth0.2 inet static
address 0.0.0.0
netmask 0.0.0.0
这是ldc(172.16.1.50/16)对vlan1广播域的不同arp who-has请求的输出
ldc:~# arping 172.16.1.145
ARPING 172.16.1.145
60 bytes from ab:cd:ef:01:23:45 (172.16.1.145): index=0 time=193.119 usec
^C
--- 172.16.1.145 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
ldc:~# arping 192.168.10.254
ARPING 192.168.10.254
60 bytes from ab:cd:ef:01:23:45 (192.168.10.254): index=0 time=221.014 usec
^C
--- 192.168.10.254 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
ldc:~# arping 192.168.6.254
ARPING 192.168.6.254
60 bytes from ab:cd:ef:01:23:45 (192.168.6.254): index=0 time=256.062 usec
^C
--- 192.168.6.254 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
ldc:~# arping 192.168.7.254
ARPING 192.168.7.254
60 bytes from ab:cd:ef:01:23:45 (192.168.7.254): index=0 time=211.954 usec
^C
--- 192.168.7.254 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
确定 l3 没有被转发,但我还是想解决这个问题......有人可以帮我吗?
默认情况下,Linux 安装将实现称为“弱端主机”模型的东西,在任何接口上接受到其所有地址的数据包。如果只是 ARP 困扰您,您应该使用
net.ipv4.conf.<interface>.arp_filter
可调。对于其他类型的 IP 流量,考虑为入口过滤和/或启用设置适当的 netfilter 规则net.ipv4.conf.<interface>.rp_filter(不知道 Debian 是否默认不这样做)
进一步阅读:http : //linux-ip.net/html/ether-arp.html#ether-arp-flux-arpfilter
| 归档时间: |
|
| 查看次数: |
3556 次 |
| 最近记录: |