Linux가 VxLAN의 ICMP 요청에 응답하지 않는 이유는 무엇입니까?

tag-icon tag-icon networking network-interface networkmanager ethernet internet
Linux가 VxLAN의 ICMP 요청에 응답하지 않는 이유는 무엇입니까?

두 컴퓨터 모두에 대해 다음 명령을 실행했습니다. 호스트 B에서 ping 명령을 실행하고 호스트 A에서 tcpdump 명령을 사용하면 ICMP 요청을 성공적으로 캡처합니다. 호스트가 요청에 응답하지 않는 이유 어떻게 해결할 수 있나요? 나는이 문제로 하루 동안 어려움을 겪었습니다. 도와주셔서 감사합니다!

호스트 B -> 호스트 A

[hostB]# ping 10.244.1.0
PING 10.244.1.0 (10.244.1.0) 56(84) bytes of data.

[hostA]# tcpdump -nvei vxlan
tcpdump: listening on vxlan, link-type EN10MB (Ethernet), capture size 262144 bytes
00:18:52.610590 c2:86:3c:fc:ed:9e > 16:89:e7:3a:2e:f7, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 13199, offset 0, flags [DF], proto ICMP (1), length 84)
    10.244.2.0 > 10.244.1.0: ICMP echo request, id 5181, seq 11, length 64

호스트 A->호스트 B

[hostA]# ping 10.244.2.0

[HostB]# tcpdump -nevi vxlan
tcpdump: listening on vxlan, link-type EN10MB (Ethernet), capture size 262144 bytes
00:32:21.828135 16:89:e7:3a:2e:f7 > c2:86:3c:fc:ed:9e, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 57470, offset 0, flags [DF], proto ICMP (1), length 84)
    10.244.1.0 > 10.244.2.0: ICMP echo request, id 5300, seq 1, length 64

subnet=$1
ip netns add n1
ip netns add n2
# Init bridge
ip link add br0 type bridge
ip addr add 10.244.$subnet.1/24 dev br0
ip link set br0 up
# Init netns v1
ip link add v1 type veth peer name b1
ip link set v1 netns n1
ip netns exec n1 ip addr add 10.244.$subnet.2/24 dev v1
ip netns exec n1 ip link set lo up
ip netns exec n1 ip link set v1 up
ip link set b1 up
# Init netns v2
ip link add v2 type veth peer name b2
ip link set v2 netns n2
ip netns exec n2 ip addr add 10.244.$subnet.3/24 dev v2
ip netns exec n2 ip link set lo up
ip netns exec n2 ip link set v2 up
ip link set b2 up
# Binding Bridge
ip link set b1 master br0
ip link set b2 master br0
# Add vxlan 
ip link add vxlan type vxlan id 1 dstport 4789 dev eth0 nolearning proxy
ip addr add 10.244.$subnet.0/32 dev vxlan
ip link set vxlan up
ip link set vxlan master br0

# Add the following(route, arp, fdb) for each of the two machines
# ip route add 10.244.2.0/24 via 10.244.2.0 dev vxlan onlink
# ip neigh add 10.244.2.0 lladdr c2:86:3c:fc:ed:9e dev vxlan
# bridge fdb append c2:86:3c:fc:ed:9e dev vxlan dst 11x.40.167.227

# ip route add 10.244.1.0/24 via 10.244.1.0 dev vxlan onlink
# ip neigh add 10.244.1.0 lladdr 16:89:e7:3a:2e:f7 dev vxlan
# bridge fdb append 16:89:e7:3a:2e:f7 dev vxlan dst 15x.75.71.186

[HostA]# sudo iptables -L -nv
Chain INPUT (policy ACCEPT 52 packets, 3764 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 43 packets, 6446 bytes)
 pkts bytes target     prot opt in     out     source               destination

[HostB]# sudo iptables -L -nv
Chain INPUT (policy ACCEPT 119 packets, 8184 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 34 packets, 45258 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 113 packets, 15056 bytes)
 pkts bytes target     prot opt in     out     source               destination

[HostB]# ip -br link; ip -br address; ip route
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
eth0             UP             52:54:00:5c:9f:0d <BROADCAST,MULTICAST,UP,LOWER_UP> 
br0              UP             16:87:ae:7a:4e:ca <BROADCAST,MULTICAST,UP,LOWER_UP> 
b1@if17          UP             22:6d:f3:fd:60:2c <BROADCAST,MULTICAST,UP,LOWER_UP> 
b2@if19          UP             8e:10:94:39:98:b1 <BROADCAST,MULTICAST,UP,LOWER_UP> 
vxlan            UNKNOWN        16:87:ae:7a:4e:ca <BROADCAST,MULTICAST,UP,LOWER_UP> 
lo               UNKNOWN        127.0.0.1/8 ::1/128 
eth0             UP             10.0.4.11/22 fe80::5054:ff:fe5c:9f0d/64 
br0              UP             10.244.2.2/24 fe80::1452:1dff:fe60:d59d/64 
b1@if17          UP             fe80::206d:f3ff:fefd:602c/64 
b2@if19          UP             fe80::8c10:94ff:fe39:98b1/64 
vxlan            UNKNOWN        10.244.2.1/32 fe80::1487:aeff:fe7a:4eca/64 
default via 10.0.4.1 dev eth0 
10.0.4.0/22 dev eth0 proto kernel scope link src 10.0.4.11 
10.244.1.0/24 via 10.244.1.1 dev vxlan onlink 
10.244.2.0/24 dev br0 proto kernel scope link src 10.244.2.2 
169.254.0.0/16 dev eth0 scope link metric 1002 

[HostA]# ip -br link; ip -br address; ip route
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
eth0             UP             52:54:00:b8:dd:65 <BROADCAST,MULTICAST,UP,LOWER_UP> 
br0              UP             1e:6e:4f:d0:f7:fe <BROADCAST,MULTICAST,UP,LOWER_UP> 
b1@if6           UP             1e:6e:4f:d0:f7:fe <BROADCAST,MULTICAST,UP,LOWER_UP> 
b2@if8           UP             fe:9e:59:c5:cf:3a <BROADCAST,MULTICAST,UP,LOWER_UP> 
vxlan            UNKNOWN        9e:ae:72:28:b1:93 <BROADCAST,MULTICAST,UP,LOWER_UP> 
lo               UNKNOWN        127.0.0.1/8 ::1/128 
eth0             UP             10.0.12.6/22 fe80::5054:ff:feb8:dd65/64 
br0              UP             10.244.1.2/24 fe80::78d6:97ff:fe4e:13b9/64 
b1@if6           UP             fe80::1c6e:4fff:fed0:f7fe/64 
b2@if8           UP             fe80::fc9e:59ff:fec5:cf3a/64 
vxlan            UNKNOWN        10.244.1.1/32 fe80::9cae:72ff:fe28:b193/64 
default via 10.0.12.1 dev eth0 
10.0.12.0/22 dev eth0 proto kernel scope link src 10.0.12.6 
10.244.1.0/24 dev br0 proto kernel scope link src 10.244.1.2 
10.244.2.0/24 via 10.244.2.1 dev vxlan onlink 
169.254.0.0/16 dev eth0 scope link metric 1002

관련 정보