KVM 게스트는 서로 ping할 수 없습니다.

KVM 게스트는 서로 ping할 수 없습니다.

안녕 친구들. 현재 저는 Cockpit과 조종석 가상 머신을 사용하여 Fedora 30 호스트를 실행하고 있습니다. 네트워크 인터페이스 enp35s0, vlan 하위 인터페이스 enp35s0.220 및 enp35s0, bridge200에 생성된 브리지가 있습니다. 모든 손님은 "직접 연결"로 bridge200에 연결되어 있으며 인터넷 접속은 잘 작동합니다. 불행하게도 이들 게스트 중 누구도 서로 ping하거나 액세스할 수 없습니다. DNS를 통해서만 IP를 검색할 수 있지만 서로 핑할 수는 없습니다. 이 상황에서 가장 좋은 접근 방식은 무엇입니까? 모든 게스트는 192.168.200.0/24 서브넷에 있습니다. 여기서 무엇이 잘못되었을 수 있습니까? 미리 감사드립니다!

PING freenas.lan (192.168.200.79) 56(84) bytes of data.
From 192.168.200.60 (192.168.200.60) icmp_seq=1 Destination Host Unreachable
From 192.168.200.60 (192.168.200.60) icmp_seq=2 Destination Host Unreachable
From 192.168.200.60 (192.168.200.60) icmp_seq=3 Destination Host Unreachable

네트워크 요약, 기밀 정보는 생략되었습니다.

bridge200: connected to bridge200
        "bridge200"
        bridge, 02:68:9F:C2:CC:89, sw, mtu 1500
        ip4 default
        inet4 192.168.200.65/24
        route4 0.0.0.0/0
        route4 192.168.200.0/24
        inet6 fdfb:9584:eb33:2:68:9fff:fec2:cc89/64
        inet6 fe80::68:9fff:fec2:cc89/64
        route6 fdfb:9584:eb33:2::/64
        route6 fe80::/64
        route6 ::/0
        route6 ff00::/8

bridge3: connected to bridge3
        "bridge3"
        bridge, 5E:63:93:76:B0:89, sw, mtu 1500
        ip6 default
        inet4 192.168.3.98/24
        route4 0.0.0.0/0
        route4 192.168.3.0/24
        inet6 2001:4dd0:5033:3:2c25:758:1d92:5bd3/64
        inet6 2002:5c32:5c86:3:559:ec8c:9497:978e/64
        inet6 fdfb:9584:eb33:3:fb6a:32ab:5c91:d30a/64
        inet6 fe80::a85f:26b1:11d6:903c/64
        route6 2002:5c32:5c86:3::/64
        route6 fdfb:9584:eb33:3::/64
        route6 2001:4dd0:5033:3::/64
        route6 ::/0
        route6 2001:4dd0:5033:3::fed/128
        route6 2002:b0c7:bc86:83::fed/128
        route6 fdfb:9584:eb33:3::fed/128
        route6 fe80::/64
        route6 ff00::/8

bridge110: connected to bridge110
        "bridge110"
        bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
        inet4 172.20.32.15/24
        route4 172.20.32.0/24
        route4 0.0.0.0/0

virbr0: connected (externally) to virbr0
        "virbr0"
        bridge, 52:54:00:72:A1:8F, sw, mtu 1500
        inet4 192.168.122.1/24
        route4 192.168.122.0/24

enp43s0: connected to Wired connection 3
        "Mellanox MT26448"
        ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
        inet4 192.168.2.1/31
        route4 192.168.2.0/31

enp35s0: connected to Wired connection 1
        "Intel I210"
        ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
        master bridge3

vnet0: connected (externally) to vnet0
        "vnet0"
        tun, FE:54:00:23:76:BE, sw, mtu 1500
        master virbr0

enp35s0.110: connected to enp35s0.110
        "enp35s0.110"
        vlan, D0:50:99:D6:ED:53, sw, mtu 1500
        master bridge110

enp35s0.200: connected to enp35s0.200
        "enp35s0.200"
        vlan, D0:50:99:D6:ED:53, sw, mtu 1500
        master bridge200

enp36s0: unavailable
        "Intel I210"
        ethernet (igb), D0:50:99:D6:ED:54, hw, mtu 1500

lo: unmanaged
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

macvtap0: unmanaged
        "macvtap0"
        macvlan (macvtap), 52:54:00:F1:D0:30, sw, mtu 1500

macvtap1: unmanaged
        "macvtap1"
        macvlan (macvtap), 52:54:00:C5:8B:10, sw, mtu 1500

macvtap10: unmanaged
        route6 fe80::/64
        route6 ff00::/8

bridge110: connected to bridge110
        "bridge110"
        bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
        inet4 172.20.32.15/24
        route4 172.20.32.0/24
        route4 0.0.0.0/0

virbr0: connected (externally) to virbr0
        "virbr0"
        bridge, 52:54:00:72:A1:8F, sw, mtu 1500
        inet4 192.168.122.1/24
        route4 192.168.122.0/24

enp43s0: connected to Wired connection 3
        "Mellanox MT26448"
        ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
        inet4 192.168.2.1/31
        route4 192.168.2.0/31

enp35s0: connected to Wired connection 1
        "Intel I210"
        ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
        master bridge3

vnet0: connected (externally) to vnet0
        "vnet0"
        tun, FE:54:00:23:76:BE, sw, mtu 1500
        master virbr0

enp35s0.110: connected to enp35s0.110
        "enp35s0.110"
        vlan, D0:50:99:D6:ED:53, sw, mtu 1500
        master bridge110

enp35s0.200: connected to enp35s0.200
        "enp35s0.200"
        vlan, D0:50:99:D6:ED:53, sw, mtu 1500
        master bridge200

enp36s0: unavailable
        "Intel I210"
        ethernet (igb), D0:50:99:D6:ED:54, hw, mtu 1500

lo: unmanaged
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

macvtap0: unmanaged
        "macvtap0"
        macvlan (macvtap), 52:54:00:F1:D0:30, sw, mtu 1500

macvtap1: unmanaged
        "macvtap1"
        macvlan (macvtap), 52:54:00:C5:8B:10, sw, mtu 1500

macvtap10: unmanaged
bridge200: connected to bridge200
        "bridge200"
        bridge, 02:68:9F:C2:CC:89, sw, mtu 1500
        ip4 default
        inet4 192.168.200.65/24
        route4 0.0.0.0/0
        route4 192.168.200.0/24
        inet6 fdfb:9584:eb33:2:68:9fff:fec2:cc89/64
        inet6 fe80::68:9fff:fec2:cc89/64
        route6 fdfb:9584:eb33:2::/64
        route6 fe80::/64
        route6 ::/0
        route6 ff00::/8

bridge3: connected to bridge3
        "bridge3"
        bridge, 5E:63:93:76:B0:89, sw, mtu 1500
        ip6 default
        inet4 192.168.3.98/24
        route4 0.0.0.0/0
        route4 192.168.3.0/24
        inet6 2001:4dd0:5033:3:2c25:758:1d92:5bd3/64
        inet6 2002:5c32:5c86:3:559:ec8c:9497:978e/64
        inet6 fdfb:9584:eb33:3:fb6a:32ab:5c91:d30a/64
        inet6 fe80::a85f:26b1:11d6:903c/64
        route6 2002:5c32:5c86:3::/64
        route6 fdfb:9584:eb33:3::/64
        route6 2001:4dd0:5033:3::/64
        route6 ::/0
        route6 2001:4dd0:5033:3::fed/128
        route6 2002:b0c7:bc86:83::fed/128
        route6 fdfb:9584:eb33:3::fed/128
        route6 fe80::/64
        route6 ff00::/8

bridge110: connected to bridge110
        "bridge110"
        bridge, B6:79:0D:6A:21:E0, sw, mtu 1500
        inet4 172.20.32.15/24
        route4 172.20.32.0/24
        route4 0.0.0.0/0

virbr0: connected (externally) to virbr0
        "virbr0"
        bridge, 52:54:00:72:A1:8F, sw, mtu 1500
        inet4 192.168.122.1/24
        route4 192.168.122.0/24

enp43s0: connected to Wired connection 3
        "Mellanox MT26448"
        ethernet (mlx4_core), 00:02:C9:56:D6:DC, hw, port 0002c9030056d6dc, mtu 1500
        inet4 192.168.2.1/31
        route4 192.168.2.0/31

enp35s0: connected to Wired connection 1
        "Intel I210"
        ethernet (igb), D0:50:99:D6:ED:53, hw, mtu 1500
        master bridge3

~에서virsh dumpxml

 <interface type='direct'>
      <mac address='52:54:00:04:c4:e3'/>
      <source dev='bridge200' mode='vepa'/>
      <target dev='macvtap5'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </interface>

nmcli device status

DEVICE       TYPE      STATE                   CONNECTION         
bridge200    bridge    connected               bridge200          
bridge3      bridge    connected               bridge3            
bridge110    bridge    connected               bridge110          
virbr0       bridge    connected (externally)  virbr0             
enp43s0      ethernet  connected               Wired connection 3 
enp35s0      ethernet  connected               Wired connection 1 
vnet0        tun       connected (externally)  vnet0              
enp35s0.110  vlan      connected               enp35s0.110        
enp35s0.200  vlan      connected               enp35s0.200        
enp36s0      ethernet  unavailable             --                 
lo           loopback  unmanaged               --                 
macvtap0     macvlan   unmanaged               --                 
macvtap1     macvlan   unmanaged               --                 
macvtap10    macvlan   unmanaged               --                 
macvtap11    macvlan   unmanaged               --                 
macvtap2     macvlan   unmanaged               --                 
macvtap3     macvlan   unmanaged               --                 
macvtap4     macvlan   unmanaged               --                 
macvtap5     macvlan   unmanaged               --                 
macvtap6     macvlan   unmanaged               --                 
macvtap7     macvlan   unmanaged               --                 
macvtap8     macvlan   unmanaged               --                 
macvtap9     macvlan   unmanaged               --                 
virbr0-nic   tun       unmanaged               --     

답변1

나는 몇 가지 다른 소스를 확인하여 이것을 알아낼 수 있었습니다. 첫 번째 단계는 다음을 기반으로 합니다.https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt.html다음 규칙을 추가해야했습니다

/etc/sysctl.conf


net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

여기에 참조된 솔루션에 따르면,로컬 네트워크(브리지) Fedora 31 서버에 대한 가상 머신 통과bridge200 인터페이스를 연결하려면 "directattachment" 대신 "lanbridge"를 선택해야 합니다. 이것이 나를 구하고 내 문제를 해결한 것입니다! 그래도 정말 고마워요!

관련 정보