我有一个包含两个虚拟主机的网络设置,具有以下指定的网络配置。
主持人A
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:62:2f:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.115/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s17
valid_lft 508sec preferred_lft 508sec
inet6 fe80::a00:27ff:fe62:2f06/64 scope link noprefixroute
valid_lft forever preferred_lft forever
主持人B
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s17: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:64:82:bc brd ff:ff:ff:ff:ff:ff
inet 192.168.56.116/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s17
valid_lft 521sec preferred_lft 521sec
inet6 fe80::a00:27ff:fe64:82bc/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: virtual0@enp0s17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:11:11:11:11:11 brd ff:ff:ff:ff:ff:ff
inet6 fe80::211:11ff:fe11:1111/64 scope link
valid_lft forever preferred_lft forever
在主机 A 上,我映射了一个永久 ARP 条目,例如:
arp -a
? (192.168.56.200) at 00:11:11:11:11:11 [ether] PERM on enp0s17
? (192.168.56.2) at 08:00:27:05:25:54 [ether] on enp0s17
ip route
169.254.0.0/16 dev enp0s17 scope link metric 1000
192.168.56.0/24 dev enp0s17 proto kernel scope link src 192.168.56.115 metric 100
现在,当我尝试从主机 A PING 地址 192.168.56.200 时,主机 B 上的任何接口都没有收到 ICMP 请求,即使 ICMP 请求数据包是从主机 A 正确发送的,我不明白为什么?
Frame 1189: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on interface enp0s17, id 0
Ethernet II, Src: PcsCompu_62:2f:06 (08:00:27:62:2f:06), Dst: Intel_11:11:11 (00:11:11:11:11:11)
Destination: Intel_11:11:11 (00:11:11:11:11:11)
Source: PcsCompu_62:2f:06 (08:00:27:62:2f:06)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.56.115, Dst: 192.168.56.200
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 84
Identification: 0x273e (10046)
010. .... = Flags: 0x2, Don't fragment
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 64
Protocol: ICMP (1)
Header Checksum: 0x20df [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.56.115
Destination Address: 192.168.56.200
Internet Control Message Protocol
由于 IPv4 地址不匹配,数据包不应该被虚拟接口接收并且没有返回回复吗?
这里供参考的是操作系统:
uname -a
Linux user 6.1.0-1parrot1-amd64 #1 SMP PREEMPT_DYNAMIC Parrot 6.1.15-1parrot1 (2023-04-25) x86_64 GNU/Linux
VirtualBox.
预期结果是主机 B 的网络接口上出现 ICMP Ping 请求数据包,但主机 A 没有收到回复。
解决方案:
VirtualBox 计算机具有允许或禁止网络接口上的混杂模式的设置。
在这种情况下,网络适配器被设置为禁止,即使 Linux 内核/操作系统设置了混杂模式,也没有任何效果。