Podwójny adres IP, inny routing, ale brak połączenia z siecią (CentOS 7)


0

Skonfigurowałem serwer z 2 różnymi serwerami ips z indywidualną bramą domyślną.

grep / etc / * - release

/etc/centos-release:CentOS Linux release 7.5.1804 (Core) 
/etc/os-release:NAME="CentOS Linux"
/etc/os-release:VERSION="7 (Core)"
/etc/os-release:ID="centos"
/etc/os-release:ID_LIKE="rhel fedora"
/etc/os-release:VERSION_ID="7"
/etc/os-release:PRETTY_NAME="CentOS Linux 7 (Core)"
/etc/os-release:ANSI_COLOR="0;31"
/etc/os-release:CPE_NAME="cpe:/o:centos:centos:7"
/etc/os-release:HOME_URL="https://www.centos.org/"
/etc/os-release:BUG_REPORT_URL="https://bugs.centos.org/"
/etc/os-release:CENTOS_MANTISBT_PROJECT="CentOS-7"
/etc/os-release:CENTOS_MANTISBT_PROJECT_VERSION="7"
/etc/os-release:REDHAT_SUPPORT_PRODUCT="centos"
/etc/os-release:REDHAT_SUPPORT_PRODUCT_VERSION="7"
/etc/redhat-release:CentOS Linux release 7.5.1804 (Core) 
/etc/system-release:CentOS Linux release 7.5.1804 (Core)

wyniki ifconfig:

enp1s0f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 100.101.120.101  netmask 255.255.255.0  broadcast 100.101.120.255
    inet6 fe80::a49f:5c4a:622:5243  prefixlen 64  scopeid 0x20<link>
    ether 00:15:17:d3:d9:0c  txqueuelen 1000  (Ethernet)
    RX packets 45944101  bytes 3969596646 (3.6 GiB)
    RX errors 0  dropped 10  overruns 0  frame 0
    TX packets 116685  bytes 18129577 (17.2 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    device memory 0xb1920000-b193ffff  

enp1s0f1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 100.101.119.130  netmask 255.255.255.0  broadcast 100.101.128.255
    inet6 fe80::dc3a:674b:5ac:6fb7  prefixlen 64  scopeid 0x20<link>
    ether 00:15:17:d3:d9:0d  txqueuelen 1000  (Ethernet)
    RX packets 80456987  bytes 47040343747 (43.8 GiB)
    RX errors 0  dropped 9211  overruns 0  frame 0
    TX packets 21546392  bytes 24378621812 (22.7 GiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    device memory 0xb1900000-b191ffff  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 127.0.0.1  netmask 255.0.0.0
    inet6 ::1  prefixlen 128  scopeid 0x10<host>
    loop  txqueuelen 1000  (Local Loopback)
    RX packets 24762  bytes 4199685 (4.0 MiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 24762  bytes 4199685 (4.0 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
    inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
    ether 52:54:00:0a:e7:fc  txqueuelen 1000  (Ethernet)
    RX packets 0  bytes 0 (0.0 B)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 0  bytes 0 (0.0 B)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Ustawiam też pliki konfiguracyjne:

cat / etc / sysconfig / network-scripts / ifcfg-enp1s0f0

HWADDR="00:15:17:D3:D9:0C"
BOOTPROTO="static"
PROXY_METHOD="none"
BROWSER_ONLY="no"
TYPE="Ethernet"
DEFROUTE="no"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp1s0f0"
UUID="713ca094-0793-4a74-a56f-8267da6bb747"
ONBOOT="yes"

IPADDR=100.101.120.101
PREFIX=24
GATEWAY=100.101.120.99
DNS1=100.101.1.2
DNS2=100.101.7.51

cat / etc / sysconfig / network-scripts / ifcfg-enp1s0f1

HWADDR="00:15:17:D3:D9:0D"
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="no"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp1s0f1"
UUID="ad1383ae-539c-4a67-9a6f-061e44991732"
ONBOOT="yes"

IPADDR=100.101.119.130
PREFIX=24
GATEWAY=100.101.119.99
DNS1=100.101.1.2
DNS2=100.101.7.51

cat route-enp1s0f0

100.101.129.0/24 dev enp1s0f0 src 100.101.120.101 table tab_0
default via 100.101.120.99 dev enp1s0f0 table tab_0

cat route-enp1s0f1

100.101.128.0/24 dev enp1s0f1 src 100.101.119.130 table tab_1
default via 100.101.119.99 dev enp1s0f1 table tab_1

cat rule-enp1s0f0

from 100.101.120.101/32 table tab_0
to 100.101.120.101 table tab_0

cat rule-enp1s0f1

from 100.101.119.130/32 table tab_1
to 100.101.119.130 table tab_1

cat / etc / iproute2 / rt_tables

#
# reserved values
#
255 local
254 main
253 default
0   unspec
#
# local
#
#1  inr.ruhep

# dual nic-gateway below
10  tab_1
11  tab_0

trasa -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
100.101.119.0   0.0.0.0         255.255.255.0   U     101    0        0 enp1s0f1
100.101.119.99  0.0.0.0         255.255.255.255 UH    0      0        0 enp1s0f1
100.101.120.0   0.0.0.0         255.255.255.0   U     100    0        0 enp1s0f0
100.101.120.99  0.0.0.0         255.255.255.255 UH    0      0        0 enp1s0f0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

Jeśli jednak spróbuję wykonać polecenie ping, sieć nie działa poprawnie

ping -I 100.101.119.130 8.8.8.8

PING 8.8.8.8 (8.8.8.8) from 100.101.119.130 : 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=118 time=41.5 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=118 time=40.9 ms

ping -I 100.101.120.101 8.8.8.8

PING 8.8.8.8 (8.8.8.8) from 100.101.120.101 : 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=39.1 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=117 time=39.3 ms

ping 8.8.8.8

connect: Network is unreachable

Sprawdziłem tę sytuację, gdy okazało się, że serwer nie może wysłać poczty. Dlaczego tak się dzieje i jak mogę to naprawić?


Przepraszamy, aktualizuję inne informacje o serwerze

adres IP

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
        valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:17:d3:d9:0c brd ff:ff:ff:ff:ff:ff
    inet 100.101.120.101/24 brd 100.101.120.255 scope global noprefixroute enp1s0f0
       valid_lft forever preferred_lft forever
    inet6 fe80::a49f:5c4a:622:5243/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp1s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:17:d3:d9:0d brd ff:ff:ff:ff:ff:ff
    inet 100.101.119.130/24 brd 100.101.119.255 scope global noprefixroute enp1s0f1
       valid_lft forever preferred_lft forever
    inet6 fe80::dc3a:674b:5ac:6fb7/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:0a:e7:fc brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:0a:e7:fc brd ff:ff:ff:ff:ff:ff

reguła ip -4

0:  from all lookup local 
32753:  from 100.101.120.101 lookup tab_0 
32754:  from 100.101.119.130 lookup tab_1 
32755:  from 100.101.120.101 lookup tab_0 
32756:  from 100.101.119.130 lookup tab_1 
32757:  from 100.101.120.101 lookup tab_0 
32758:  from 100.101.119.130 lookup tab_1 
32759:  from all to 100.101.119.130 lookup tab_1 
32760:  from 100.101.119.130 lookup tab_1 
32761:  from all to 100.101.120.101 lookup tab_0 
32762:  from 100.101.120.101 lookup tab_0 
32763:  from 100.101.119.130 lookup tab_1 
32765:  from 100.101.120.101 lookup tab_0 
32766:  from all lookup main 
32767:  from all lookup default

ip -4 route pokaż wszystkie tabele

default via 100.101.119.99 dev enp1s0f1 table tab_1 
default via 100.101.120.99 dev enp1s0f0 table tab_0 
100.101.119.0/24 dev enp1s0f1 proto kernel scope link src 100.101.119.130 vmetric 101 
100.101.119.99 dev enp1s0f1 scope link 
100.101.120.0/24 dev enp1s0f0 proto kernel scope link src 100.101.120.101     metric 100 
100.101.120.99 dev enp1s0f0 scope link 
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1 
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1 
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1 
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1 
broadcast 100.101.119.0 dev enp1s0f1 table local proto kernel scope link src 100.101.119.130 
local 100.101.119.130 dev enp1s0f1 table local proto kernel scope host src 100.101.119.130 
broadcast 100.101.119.255 dev enp1s0f1 table local proto kernel scope link src 100.101.119.130 
broadcast 100.101.120.0 dev enp1s0f0 table local proto kernel scope link src 100.101.120.101 
local 100.101.120.101 dev enp1s0f0 table local proto kernel scope host src 100.101.120.101 
broadcast 100.101.120.255 dev enp1s0f0 table local proto kernel scope link src 100.101.120.101 
broadcast 192.168.122.0 dev virbr0 table local proto kernel scope link src 192.168.122.1 
local 192.168.122.1 dev virbr0 table local proto kernel scope host src 192.168.122.1 
broadcast 192.168.122.255 dev virbr0 table local proto kernel scope link src 192.168.122.1

Jakie są ip addr, ip -4 rulei ip -4 route show table allwyniki? Pracujesz z wieloma tabelami, więc stary route -njest zdecydowanie niewystarczający - wszystko, co pokazuje, jest główne.
grawity

@grawity dziękuję za komentarz, zredagowałem moje pytanie
OpeNEr

Odpowiedzi:


0

Znalazłem rozwiązanie.

Właśnie ustawiłem domyślną bramę w ifcfg-enp1s0f1, DEFROUTE="yes" a następnie ustawiłem inną domyślną bramę tylko dla enp1s0f0.

ip route add 100.101.120.99 scope link dev enp1s0f0
ip rule add from 100.101.120.101 table tab_0
ip route add default via 100.101.120.99 dev enp1s0f0 table tab_0

W ten sposób mogę ustawić moją domyślną bramę enp1s0f1 i wysłać sygnał z enp1s0f0 do innej bramy.

Korzystając z naszej strony potwierdzasz, że przeczytałeś(-aś) i rozumiesz nasze zasady używania plików cookie i zasady ochrony prywatności.
Licensed under cc by-sa 3.0 with attribution required.