Sziasztok!
Van itt valami, amit nagyon nem értek.
Van egy virtuális gépem, a hoston vnet0 a hozzá tartozó interfész. A vm
belülről a 10.5.5.3 ip címet birtokolja.
Van egy br-int nevű interfészem, amelynek a 10.5.5.1 ip címet adományoztam.
A vm-ből pingelem a 10.5.5.1-et, és kapok is válaszokat.
A vnet0 interfészen szépen látszik a request és a reply is (tcpdump-al)
A vnet0 a qbrd6610d3a-33 nevezetű linux bridge-ben van, a qvbd6610d3a-33
nevezetű porttal egyetemben.
A qbrd6610d3a-33 interfészen szintén látszik a teljes forgalom.
A qvbd6610d3a-33 interfészen csak az echo reply látszik a pingből, de
előtte az arp kérés és válasz is, amit a vm indít.
Na ez az egyik amit nem értek. Miért csak az egyik irányt látom?
A másik amit nem értek, az az hogy tulajdonképpen miért van egyáltalán
forgalom :)
A vnet0 ugyanis teljesen másik bridge-ben van mint a br-int.
A kettőt valahogyan a qvbd6610d3a-33 és qvod6610d3a-33 interfészek kötik
össze, de nem értem hogy hogyan.
Nem látszanak tun/tap interfésznek:
# ip tuntap
vnet0: tap vnet_hdr
Nem tudok élő gre tunnelekről, az 'ip tunnel' nem ad vissza semmit.
A teljes képhez hozzátartozik még a tapbba13168-7d, amely a 10.5.5.2 ip
címet kapta a keresztségben.
Ha azt pingelem a vm-ből, látom a requestet meg a replyt is mind a
vnet0, mind a qvbd6610d3a-33, mind a tapbba13168-7d és a qvod6610d3a-33
interfészeken.
A setup:
# brctl show
bridge name bridge id STP enabled interfaces
br-ex 0000.9e5efab29a44 no
br-int 0000.06cbb7af1b4d no qvod6610d3a-33
tapbba13168-7d
br-tun 0000.92750fdef846 no
qbrd6610d3a-33 8000.f2448cb75d1e no qvbd6610d3a-33
vnet0
# brctl showmacs br-int
read of forward table failed: Operation not supported
# brctl showmacs qbrd6610d3a-33
port no mac addr is local? ageing timer
1 6e:d8:4e:32:85:c5 no 0.05
1 f2:44:8c:b7:5d:1e yes 0.00
2 fa:16:3e:d7:2d:92 no 0.05
2 fe:16:3e:d7:2d:92 yes 0.00
# ovs-vsctl show
220ed79f-235f-4be1-bc1a-c8619065cc1d
Bridge br-int
Port br-int
Interface br-int
type: internal
Port "qvo5d7cc3f9-c3"
tag: 1
Interface "qvo5d7cc3f9-c3"
Port "tapbba13168-7d"
tag: 1
Interface "tapbba13168-7d"
type: internal
Port "qvod6610d3a-33"
tag: 1
Interface "qvod6610d3a-33"
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Bridge br-tun
Port br-tun
Interface br-tun
type: internal
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
ovs_version: "1.4.0+build0"
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
qlen 1000
link/ether 00:9c:02:aa:65:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
inet6 fe80::29c:2ff:feaa:6575/64 scope link
valid_lft forever preferred_lft forever
3: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 92:75:0f:de:f8:46 brd ff:ff:ff:ff:ff:ff
4: br-int: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
link/ether 06:cb:b7:af:1b:4d brd ff:ff:ff:ff:ff:ff
inet 10.5.5.1/24 brd 10.5.5.255 scope global br-int
inet6 fe80::4cb:b7ff:feaf:1b4d/64 scope link
valid_lft forever preferred_lft forever
5: br-ex: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 9e:5e:fa:b2:9a:44 brd ff:ff:ff:ff:ff:ff
6: tapbba13168-7d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN
link/ether 6e:d8:4e:32:85:c5 brd ff:ff:ff:ff:ff:ff
inet 10.5.5.2/24 brd 10.5.5.255 scope global tapbba13168-7d
inet6 fe80::6cd8:4eff:fe32:85c5/64 scope link
valid_lft forever preferred_lft forever
8: qbrd6610d3a-33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP
link/ether f2:44:8c:b7:5d:1e brd ff:ff:ff:ff:ff:ff
inet6 fe80::4c63:7cff:fe87:d1ec/64 scope link
valid_lft forever preferred_lft forever
9: qvod6610d3a-33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
qdisc pfifo_fast state UP qlen 1000
link/ether f6:e1:2b:50:22:ee brd ff:ff:ff:ff:ff:ff
inet6 fe80::f4e1:2bff:fe50:22ee/64 scope link
valid_lft forever preferred_lft forever
10: qvbd6610d3a-33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
qdisc pfifo_fast master qbrd6610d3a-33 state UP qlen 1000
link/ether f2:44:8c:b7:5d:1e brd ff:ff:ff:ff:ff:ff
inet6 fe80::f044:8cff:feb7:5d1e/64 scope link
valid_lft forever preferred_lft forever
11: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
master qbrd6610d3a-33 state UNKNOWN qlen 500
link/ether fe:16:3e:d7:2d:92 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc16:3eff:fed7:2d92/64 scope link
valid_lft forever preferred_lft forever
# ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
# ip route show table all
default via 192.168.1.1 dev eth0 metric 100
10.5.5.0/24 dev tapbba13168-7d proto kernel scope link src 10.5.5.2
10.5.5.0/24 dev br-int proto kernel scope link src 10.5.5.1
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10
broadcast 10.5.5.0 dev tapbba13168-7d table local proto kernel scope
link src 10.5.5.2
broadcast 10.5.5.0 dev br-int table local proto kernel scope link
src 10.5.5.1
local 10.5.5.1 dev br-int table local proto kernel scope host src
10.5.5.1
local 10.5.5.2 dev tapbba13168-7d table local proto kernel scope
host src 10.5.5.2
broadcast 10.5.5.255 dev tapbba13168-7d table local proto kernel
scope link src 10.5.5.2
broadcast 10.5.5.255 dev br-int table local proto kernel scope link
src 10.5.5.1
broadcast 127.0.0.0 dev lo table local proto kernel scope link src
127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src
127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src
127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link
src 127.0.0.1
broadcast 192.168.1.0 dev eth0 table local proto kernel scope link
src 192.168.1.10
local 192.168.1.10 dev eth0 table local proto kernel scope host src
192.168.1.10
broadcast 192.168.1.255 dev eth0 table local proto kernel scope link
src 192.168.1.10
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev qvod6610d3a-33 proto kernel metric 256
fe80::/64 dev qvbd6610d3a-33 proto kernel metric 256
fe80::/64 dev qbrd6610d3a-33 proto kernel metric 256
fe80::/64 dev vnet0 proto kernel metric 256
fe80::/64 dev tapbba13168-7d proto kernel metric 256
fe80::/64 dev br-int proto kernel metric 256
unreachable default dev lo table unspec proto kernel metric -1 error
-101
local ::1 via :: dev lo table local proto none metric 0
local fe80::29c:2ff:feaa:6575 via :: dev lo table local proto none
metric 0
local fe80::4cb:b7ff:feaf:1b4d via :: dev lo table local proto none
metric 0
local fe80::4c63:7cff:fe87:d1ec via :: dev lo table local proto none
metric 0
local fe80::6cd8:4eff:fe32:85c5 via :: dev lo table local proto none
metric 0
local fe80::f044:8cff:feb7:5d1e via :: dev lo table local proto none
metric 0
local fe80::f4e1:2bff:fe50:22ee via :: dev lo table local proto none
metric 0
local fe80::fc16:3eff:fed7:2d92 via :: dev lo table local proto none
metric 0
ff00::/8 dev eth0 table local metric 256
ff00::/8 dev qvod6610d3a-33 table local metric 256
ff00::/8 dev qvbd6610d3a-33 table local metric 256
ff00::/8 dev qbrd6610d3a-33 table local metric 256
ff00::/8 dev vnet0 table local metric 256
ff00::/8 dev tapbba13168-7d table local metric 256
ff00::/8 dev br-int table local metric 256
unreachable default dev lo table unspec proto kernel metric -1 error
-101
# ovs-ofctl show br-int
OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:000006cbb7af1b4d
n_tables:255, n_buffers:256
features: capabilities:0xc7, actions:0xfff
1(tapbba13168-7d): addr:6e:d8:4e:32:85:c5
config: 0
state: 0
2(patch-tun): addr:86:d2:ac:7b:23:3f
config: 0
state: 0
3(qvod6610d3a-33): addr:f6:e1:2b:50:22:ee
config: 0
state: 0
current: 10GB-FD COPPER
LOCAL(br-int): addr:06:cb:b7:af:1b:4d
config: 0
state: 0
OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
# ovs-dpctl show
system@br-tun:
lookups: hit:266 missed:180 lost:0
flows: 0
port 0: br-tun (internal)
port 1: patch-int (patch: peer=patch-tun)
system@br-int:
lookups: hit:6121 missed:999 lost:0
flows: 1
port 0: br-int (internal)
port 1: tapbba13168-7d (internal)
port 2: patch-tun (patch: peer=patch-int)
port 3: qvod6610d3a-33
system@br-ex:
lookups: hit:0 missed:0 lost:0
flows: 0
port 0: br-ex (internal)
_________________________________________________
linux lista - linux@mlf.linux.rulez.org
http://mlf2.linux.rulez.org/mailman/listinfo/linux
