Re: Сетевуха работает только в promisc режиме
22.05.2012 12:58, Eugene Berdnikov пишет:
> Итак, можно предположить, что есть некий клинический случай асимметричного
> роутинга, когда пакеты почему-то идут не через eth, а иным путём...
> Какие ещё сетевые интерфейсы есть на машине? Выключите все виртуалки,
> приведите машину к проблемному состоянию и покажите результат работы
> такого скрипта:
>
> ip addr list
> ip route list
> ip link set dev eth0 promisc off
> ip route flush cache
> ip route get 192.168.1.1
> tcpdump -nlUevvp -i any arp or icmp &
> ping -n -c2 192.168.1.1
> killall tcpdump
> ip link set dev eth0 promisc on
> ip route flush cache
> ip route get 192.168.1.1
> tcpdump -nlUevvp -i any arp or icmp &
> ping -n -c2 192.168.1.1
> killall tcpdump
> ip link set dev eth0 promisc off
Логи приложил. Первый (log0), когда сеть не поднялась после hibernation.
Второй (log1), я перезагрузился (nm был включен, networking выключен),
сеть не работала. Установил адаптер в promisc и запустил networking.
Без этого:
"~# sh ss.sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether aa:00:04:00:0a:04 brd ff:ff:ff:ff:ff:ff
inet6 fe80::a800:4ff:fe00:a04/64 scope link
valid_lft forever preferred_lft forever
RTNETLINK answers: Network is unreachable
connect: Network is unreachable
RTNETLINK answers: Network is unreachable
connect: Network is unreachable"
Затем, убрал promisc. Пинга не было.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether aa:00:04:00:0a:04 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.3/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.4/24 brd 192.168.1.255 scope global secondary eth0
inet6 fe80::a800:4ff:fe00:a04/64 scope link
valid_lft forever preferred_lft forever
3: vmnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:50:56:c0:00:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.62.1/24 brd 192.168.62.255 scope global vmnet0
inet6 fe80::250:56ff:fec0:0/64 scope link
valid_lft forever preferred_lft forever
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.3
192.168.62.0/24 dev vmnet0 proto kernel scope link src 192.168.62.1
192.168.1.1 dev eth0 src 192.168.1.3
cache ipid 0xaa1c rtt 17ms rttvar 20ms cwnd 10
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:29:50.631596 Out aa:00:04:00:0a:04 ethertype ARP (0x0806), length 44: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.1.3, length 28
19:29:51.634945 Out aa:00:04:00:0a:04 ethertype ARP (0x0806), length 44: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.1.3, length 28
>From 192.168.1.3 icmp_seq=1 Destination Host Unreachable
>From 192.168.1.3 icmp_seq=2 Destination Host Unreachable
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1007ms
pipe 2
19:29:52.638311 In 00:00:00:00:00:00 ethertype IPv4 (0x0800), length 128: (tos 0xc0, ttl 64, id 21585, offset 0, flags [none], proto ICMP (1), length 112)
192.168.1.3 > 192.168.1.3: ICMP host 192.168.1.1 unreachable, length 92
(tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.3 > 192.168.1.1: ICMP echo request, id 15456, seq 1, length 64
19:29:52.638320 In 00:00:00:00:00:00 ethertype IPv4 (0x0800), length 128: (tos 0xc0, ttl 64, id 21586, offset 0, flags [none], proto ICMP (1), length 112)
192.168.1.3 > 192.168.1.3: ICMP host 192.168.1.1 unreachable, length 92
(tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.3 > 192.168.1.1: ICMP echo request, id 15456, seq 2, length 64
4 packets captured
6 packets received by filter
0 packets dropped by kernel
192.168.1.1 dev eth0 src 192.168.1.3
cache ipid 0xaa1c rtt 17ms rttvar 20ms cwnd 10
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=1.41 ms
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:29:53.656411 Out aa:00:04:00:0a:04 ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.3 > 192.168.1.1: ICMP echo request, id 15462, seq 2, length 64
64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=0.919 ms
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.919/1.164/1.410/0.247 ms
19:29:53.657310 In 00:22:b0:be:bf:e3 ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 23648, offset 0, flags [none], proto ICMP (1), length 84)
192.168.1.1 > 192.168.1.3: ICMP echo reply, id 15462, seq 2, length 64
2 packets captured
3 packets received by filter
0 packets dropped by kernel
root@dana:~# sh ss.sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether aa:00:04:00:0a:04 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.3/24 brd 192.168.1.255 scope global eth0
inet6 fe80::a800:4ff:fe00:a04/64 scope link
valid_lft forever preferred_lft forever
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.3
192.168.1.1 dev eth0 src 192.168.1.3
cache
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:42:08.009824 Out aa:00:04:00:0a:04 ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.3 > 192.168.1.1: ICMP echo request, id 4855, seq 2, length 64
19:42:12.023038 Out aa:00:04:00:0a:04 ethertype ARP (0x0806), length 44: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.1.3, length 28
19:42:13.026376 Out aa:00:04:00:0a:04 ethertype ARP (0x0806), length 44: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.1.3, length 28
19:42:14.029702 Out aa:00:04:00:0a:04 ethertype ARP (0x0806), length 44: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.1 tell 192.168.1.3, length 28
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms
4 packets captured
4 packets received by filter
0 packets dropped by kernel
192.168.1.1 dev eth0 src 192.168.1.3
cache
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=1.28 ms
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
19:42:19.017921 Out aa:00:04:00:0a:04 ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.3 > 192.168.1.1: ICMP echo request, id 4861, seq 2, length 64
64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=0.913 ms
19:42:19.018810 In 00:22:b0:be:bf:e3 ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 23663, offset 0, flags [none], proto ICMP (1), length 84)
--- 192.168.1.1 ping statistics ---
192.168.1.1 > 192.168.1.3: ICMP echo reply, id 4861, seq 2, length 64
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.913/1.098/1.283/0.185 ms
2 packets captured
2 packets received by filter
0 packets dropped by kernel
Reply to: