- 论坛徽章:
- 6
|
(原创)由安装两块网卡的linux系统中引起网络不通想到的。
由安装两块网卡的linux系统中引起网络不通想到的--通过四个案例来讲述系统中存在多接口卡的问题。
一天,小王突然急匆匆的来找我,他说:“我在机子上刚装的redhat怎么老也ping不通服务器,我网卡的驱动都安装了,ping 自己的两块网卡的IP都能通,可就时访问不了服务器。我输入http://172.31.0.101就提示‘当试图与172.31.0.101联系时,连接被拒绝’”
我来到小王的机器前查看了一下网络配置。
[root@rhas root]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 000:B7:C6:8F:1D
inet addr:172.31.0.200 Bcast:172.31.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1306 (1.2 Kb) TX bytes:210 (210.0 b)
Interrupt:10 Base address:0xe800 Memory:d9100000-d9100038
eth1 Link encap:Ethernet HWaddr 00:01:03:40:A4:15
inet addr:172.31.0.201 Bcast:172.31.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:32 errors:0 dropped:0 overruns:0 carrier:32
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:1920 (1.8 Kb)
Interrupt:11 Base address:0xec00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1430 errors:0 dropped:0 overruns:0 frame:0
TX packets:1430 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:143776 (140.4 Kb) TX bytes:143776 (140.4 Kb)
[root@rhas root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.31.0.254 0.0.0.0 UG 0 0 0 eth1
到这一步我猜想网线可能没有插到默认网关对应的网卡上即eth1(嗨!小王的机器被镶在桌子里不太好挪动。连他自己把网线插在那块卡上都不知道了。)
接着我在一机子上ping 172.31.0.200和172.31.0.201,在小王的机器监听
[root@rhas root]# tcpdump
tcpdump: listening on eth0
19:32:29.109283 172.31.0.101 >; 172.31.0.200: icmp: echo request (DF)
19:32:30.109337 172.31.0.101 >; 172.31.0.200: icmp: echo request (DF)
19:32:31.109418 172.31.0.101 >; 172.31.0.200: icmp: echo request (DF)
19:32:42.670162 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:32:43.670218 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:32:44.670291 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
........................
........................
19:32:56.671040 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:32:57.671064 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:32:58.671133 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:32:59.671187 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:33:00.671257 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:33:01.671349 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:33:02.671377 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
19:33:03.671441 172.31.0.101 >; 172.31.0.201: icmp: echo request (DF)
36 packets received by filter
0 packets dropped by kernel
没有回应,看一下Firewall的设置。
[root@rhas3 123]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
又不是防火墙的问题,想了一下,我越发肯定刚才的想法是正确的。
[root@rhas root]# cat /etc/modules.conf
alias eth0 e100
alias eth1 3c59x
alias sound-slot-0 via82cxxx_audio
post-install sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -L >;/dev/null 2>;&1 || :
pre-remove sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -S >;/dev/null 2>;&1 || :
alias usb-controller usb-uhci
[root@rhas root]#mii-tool
eth0: negotiated 100baseTx-Fd flow-control, link ok
eth1: no linkk
找到原因了,果然是插反了。既然不方便换端口最简单的就把eth1即3Com网卡宕调就OK了
当然也可以把两块网卡分配在不同的网段。
[root@rhas root]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
# 3Com Corporation|3c905C-TX/TX-M [Tornado]
DEVICE=eth1
BOOTPROTO=static
BROADCAST=172.31.0.255
HWADDR=00:01:03:40:A4:15
IPADDR=172.31.0.201
NETMASK=255.255.255.0
NETWORK=172.31.0.0
ONBOOT=no
TYPE=Ethernet~
~
~
"/etc/sysconfig/network-scripts/ifcfg-eth1" [已转换] 10L, 207C 9,1 全部
或者在启动哦时根本不要加载3Com网卡的驱动哦。
从启动我们的网络
[root@rhas root]# service network restart
正在关闭接口 eth0: [ 确定 ]
关闭环回接口: [ 确定 ]
设置网络参数: [ 确定 ]
弹出环回接口: [ 确定 ]
弹出界面 eth0:
[ 确定 ]
[root@rhas root]#
[root@rhas root]#
[root@rhas root]#
[root@rhas root]# ifconfig
eth0 Link encap:Ethernet HWaddr 000:B7:C6:8F:1D
inet addr:172.31.0.200 Bcast:172.31.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:68 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5560 (5.4 Kb) TX bytes:504 (504.0 b)
Interrupt:10 Base address:0xe800 Memory:d9100000-d9100038
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2041 errors:0 dropped:0 overruns:0 frame:0
TX packets:2041 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:209184 (204.2 Kb) TX bytes:209184 (204.2 Kb)
[root@rhas root]# ping 172.31.0.101
PING 172.31.0.101 (172.31.0.101) 56(84) bytes of data.
64 bytes from 172.31.0.101: icmp_seq=0 ttl=64 time=0.542 ms
64 bytes from 172.31.0.101: icmp_seq=1 ttl=64 time=0.270 ms
--- 172.31.0.101 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.270/0.406/0.542/0.136 ms, pipe 2
[root@rhas root]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.31.0.254 0.0.0.0 UG 0 0 0 eth0
[root@rhas root]#
此时访问网络没有问题,故障排除。
案例二
由此我又想相类似的案例,一win98用户错将”TCP/IP-->;拨号适配器”设置了IP,结果造成他ping不通其他机器。
e.g.将拨号适配器设置ip=172.31.0.1
C:\>;ipconfig/all
Windows 98 IP Configuration
Host Name . . . . . . . . . : R4U2L8
DNS Servers . . . . . . . . :
Node Type . . . . . . . . . : Broadcast
NetBIOS Scope ID. . . . . . :
IP Routing Enabled. . . . . : No
WINS Proxy Enabled. . . . . : No
NetBIOS Resolution Uses DNS : No
0 Ethernet adapter :
Description . . . . . . . . : PPP Adapter.
Physical Address. . . . . . : 44-45-53-54-00-00
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 172.31.0.1
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . :
Primary WINS Server . . . . :
Secondary WINS Server . . . :
Lease Obtained. . . . . . . :
Lease Expires . . . . . . . :
1 Ethernet adapter :
Description . . . . . . . . : Intel(R) PRO PCI Adapter
Physical Address. . . . . . : 00-D0-B7-C6-8F-1D
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 172.31.0.200
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . :
Primary WINS Server . . . . :
Secondary WINS Server . . . :
Lease Obtained. . . . . . . :
Lease Expires . . . . . . . :
c:\>;route print
Active Routes:
Network Address Netmask Gateway Address Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.31.0.0 255.255.255.0 172.31.0.200 172.31.0.200 1
172.31.0.0 255.255.255.0 172.31.0.1 172.31.0.1 1
172.31.0.1 255.255.255.255 127.0.0.1 127.0.0.1 1
172.31.0.200 255.255.255.255 127.0.0.1 127.0.0.1 1
172.31.255.255 255.255.255.255 172.31.0.1 172.31.0.1 1
224.0.0.0 224.0.0.0 172.31.0.200 172.31.0.200 1
224.0.0.0 224.0.0.0 172.31.0.1 172.31.0.1 1
255.255.255.255 255.255.255.255 172.31.0.1 172.31.0.1 1
解决方法:把TCP/IP-->;拨号适配器的设置改成动态获取
c:\>; ipconfig/all
Windows 98 IP Configuration
Host Name . . . . . . . . . : j
DNS Servers . . . . . . . . :
Node Type . . . . . . . . . : Broadcast
NetBIOS Scope ID. . . . . . :
IP Routing Enabled. . . . . : No
WINS Proxy Enabled. . . . . : No
NetBIOS Resolution Uses DNS : No
0 Ethernet adapter :
Description . . . . . . . . : PPP Adapter.
Physical Address. . . . . . : 44-45-53-54-00-00
DHCP Enabled. . . . . . . . : Yes
IP Address. . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . :
DHCP Server . . . . . . . . : 255.255.255.255
Primary WINS Server . . . . :
Secondary WINS Server . . . :
Lease Obtained. . . . . . . :
Lease Expires . . . . . . . :
1 Ethernet adapter :
Description . . . . . . . . : Intel(R) PRO PCI Adapter
Physical Address. . . . . . : 00-D0-B7-C6-8F-1D
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 172.31.0.200
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . :
Primary WINS Server . . . . :
Secondary WINS Server . . . :
Lease Obtained. . . . . . . :
Lease Expires . . . . . . . :
我们在看一下路由表
c:\>;route print
Active Routes:
Network Address Netmask Gateway Address Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.31.0.0 255.255.255.0 172.31.0.200 172.31.0.200 1
172.31.0.200 255.255.255.255 127.0.0.1 127.0.0.1 1
172.31.255.255 255.255.255.255 172.31.0.200 172.31.0.200 1
224.0.0.0 224.0.0.0 172.31.0.200 172.31.0.200 1
255.255.255.255 255.255.255.255 172.31.0.200 0.0.0.0 1
安装win98机器的网络立即恢复正常。
其实系统把本网段数据包都送到了环路地址( 127.0.0.1 )上把不属于本网段的统统送到172.31.0.1即拨号适配器的接口卡上。没有传到Intel(R) PRO PCI Adapter当然也就不通了。
案例三
小王的redat 8在安装时候按照提示配置了IP,DNS GATEWAY,结果进入系统用KPPP拨号能成功可就是上不了网(internet)
我们看一下他拨号前的网络配置情况
[root@rhas3 ipv4]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.31.0.101
NETMASK=255.255.255.0
GATEWAY=172.31.0.254
[root@rhas3 ipv4]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.31.0.254 0.0.0.0 UG 0 0 0 eth0
拨号后
[root@rhas3 ipv4]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0D:60:78:C6:A3
inet addr:172.31.0.101 Bcast:172.31.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5574 errors:0 dropped:0 overruns:0 frame:0
TX packets:1844 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:681356 (665.3 Kb) TX bytes:1342735 (1.2 Mb)
Interrupt:11 Base address:0x8000 Memory:c0220000-c0240000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3952 errors:0 dropped:0 overruns:0 frame:0
TX packets:3952 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:252759 (246.8 Kb) TX bytes:252759 (246.8 Kb)
ppp0 Link encapoint-to-Point Protocol
inet addr:202.106.26.72 P-t-P:202.106.2.99 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:5 errors:1 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:86 (86.0 b) TX bytes:82 (82.0 b)
[root@rhas3 ipv4]# cat /etc/resolv.conf
nameserver 172.31.0.1
nameserver 202.106.46.151 #kppp temp entry
nameserver 202.106.0.20 #kppp temp entry
这时我们先ping一下
[root@rhas3 ipv4]# ping 202.197.120.12
PING 202.197.120.12 (202.197.120.12) 56(84) bytes of data.
From 172.31.0.101 icmp_seq=0 Destination Host Unreachable
From 172.31.0.101 icmp_seq=1 Destination Host Unreachable
From 172.31.0.101 icmp_seq=2 Destination Host Unreachable
From 172.31.0.101 icmp_seq=3 Destination Host Unreachable
From 172.31.0.101 icmp_seq=4 Destination Host Unreachable
From 172.31.0.101 icmp_seq=5 Destination Host Unreachable
From 172.31.0.101 icmp_seq=6 Destination Host Unreachable
From 172.31.0.101 icmp_seq=7 Destination Host Unreachable
也许对方把ping功能关闭了
再试一下
#lynx www.chinaunix.com
looking up host
停在那里不动了。
这下我们 traceroute一下
[root@rhas3 ipv4]# traceroute www.ibm.com
traceroute: unknown host www.ibm.com
接着我们再看看KPPP统计数据流量为0.0(不秒呀!)
刚才一拨号上去后我就打开了tcpdump,它最有说服力。
[root@rhas3 root]# tcpdump -i ppp0
tcpdump: listening on ppp0
10:59:36.267989 202.73.162.165.1049 >; 202.106.26.72.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
11:00:57.487988 69.10.97.235.22002 >; 202.106.26.72.3127: S 13122:13122(0) win 20770
11:00:57.577993 69.10.97.235.22002 >; 202.106.26.72.socks: S 27390:27390(0) win 4947
11:00:57.687994 69.10.97.235.22002 >; 202.106.26.72.amanda: S 8889:8889(0) win 21892
11:00:57.797991 69.10.97.235.22002 >; 202.106.26.72.squid: S 23156:23156(0) win 6069
11:01:35.067992 211.104.228.204.2233 >; 202.106.26.72.socks: S 3499167798:3499167798(0) win 65535 <mss 1452,nop,nop,sackOK>; (DF)
11:04:33.138000 61.49.167.194.5188 >; 202.106.26.72.135: udp 832
细心的人一定想到看一下route table
[root@rhas3 ipv4]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
202.106.2.99 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.31.0.254 0.0.0.0 UG 0 0 0 eth0
哦! 原来系统把不属于本网段(172.31.0.0)的数据包都送到了eht0接口,光发出去结果回不来,当然上不了网了。此故障同样也出现在ADSL的上网过程中。
既然找到了故障原因,排除就简单了
a.[root@rhas3 ipv4]# route del -net 0.0.0.0
或者去掉/etc/sysconfig/network-scripts/ifcfg-eth0中的GATEWAY=172.31.0.254
再从启网络也行。
b.kppp 拨号
c.[root@rhas3 ipv4]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
202.106.2.105 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
172.31.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0202.106.2.105 0.0.0.0 UG 0 0 0 ppp0
d.[root@rhas3 ipv4]# tcpdump -i ppp0
tcpdump: listening on ppp0
11:23:05.996542 202.106.27.196.34934 >; 61.135.136.122.http: S 64870344:64870344(0) win 5840 <mss 1460,sackOK,timestamp 971099 0,nop,wscale 0>; (DF)
11:23:06.117987 61.135.136.122.http >; 202.106.27.196.34934: S 3015477394:3015477394(0) ack 64870345 win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 74575731 971099>; (DF)
11:23:06.118065 202.106.27.196.34934 >; 61.135.136.122.http: . ack 1 win 5840 <nop,nop,timestamp 971112 74575731>; (DF)
11:23:06.118423 202.106.27.196.34934 >; 61.135.136.122.http: P 1:1116(1115) ack 1 win 5840 <nop,nop,timestamp 971112 74575731>; (DF)
11:23:06.508016 202.106.27.196.34934 >; 61.135.136.122.http: P 1:1116(1115) ack 1 win 5840 <nop,nop,timestamp 971151 74575731>; (DF)
11:23:06.818049 61.135.136.122.http >; 202.106.27.196.34934: . 1:1449(144 ack 1116 win 33304 <nop,nop,timestamp 74575774 971112>; (DF)
11:23:06.818115 202.106.27.196.34934 >; 61.135.136.122.http: . ack 1449 win 8688 <nop,nop,timestamp 971182 74575774>; (DF)
11:23:07.088013 61.135.136.122.http >; 202.106.27.196.34934: . 1449:2897(144 ack 1116 win 33304 <nop,nop,timestamp 74575774 971112>; (DF)
11:23:07.088077 202.106.27.196.34934 >; 61.135.136.122.http: . ack 2897 win 11584 <nop,nop,timestamp 971209 74575774>; (DF)
11:23:07.097987 61.135.136.122.http >; 202.106.27.196.34934: . ack 1116 win 33304 <nop,nop,timestamp 74575805 971151>; (DF)
11:23:07.358012 61.135.136.122.http >; 202.106.27.196.34934: . 2897:4345(144 ack 1116 win 33304 <nop,nop,timestamp 74575813 971182>; (DF)
11:23:07.358076 202.106.27.196.34934 >; 61.135.136.122.http: . ack 4345 win 14480 <nop,nop,timestamp 971236 74575813>; (DF)
11:23:07.618014 61.135.136.122.http >; 202.106.27.196.34934: . 4345:5793(144 ack 1116 win 33304 <nop,nop,timestamp 74575813 971182>; (DF)
11:23:07.618080 202.106.27.196.34934 >; 61.135.136.122.http: . ack 5793 win 17376 <nop,nop,timestamp 971262 74575813>; (DF)
11:23:07.878012 61.135.136.122.http >; 202.106.27.196.34934: . 5793:7241(144 ack 1116 win 33304 <nop,nop,timestamp 74575839 971209>; (DF)
11:23:07.878073 202.106.27.196.34934 >; 61.135.136.122.http: . ack 7241 win 20272 <nop,nop,timestamp 971288 74575839>; (DF)
11:23:08.138005 61.135.136.122.http >; 202.106.27.196.34934: . 7241:8689(144 ack 1116 win 33304 <nop,nop,timestamp 74575839 971209>; (DF)
11:23:08.138061 202.106.27.196.34934 >; 61.135.136.122.http: . ack 8689 win 23168 <nop,nop,timestamp 971314 74575839>; (DF)
11:23:08.398010 61.135.136.122.http >; 202.106.27.196.34934: . 8689:10137(144 ack 1116 win 33304 <nop,nop,timestamp 74575867 971236>; (DF)
11:23:08.398070 202.106.27.196.34934 >; 61.135.136.122.http: . ack 10137 win 26064 <nop,nop,timestamp 971340 74575867>; (DF)
11:23:08.668005 61.135.136.122.http >; 202.106.27.196.34934: . 10137:11585(144 ack 1116 win 33304 <nop,nop,timestamp 7457
去掉了原来的默认GATEWAY,正常了。哈哈!!
案例四
在配置好
有的人安装vmware后,产生了几块虚拟网卡(vnet0 ,vnet1 vnet配置不当也造成网络不通的现象。
其实解决方法都类似,最后大家在多网络接口卡的系统里,当网络发生不通的情况一定要主意路由表的设置,以及网线是否连结正确。
总结:
其实这四类故障都是一个系统上存在个网络接口卡的情况,系统有多个接口卡就存在路由其实搞清楚数据包的流向和路由表的配置就基本没问题了。最好选用不同的网卡,不要将两块网卡的IP地址分配在同一网段上。
至于ifconfig,route ,tcpdump谁都会没什么好讲的只要运用的当。 |
|