Хост-машина — CentOS 5
Ядро и ПО обновлены
В одну сетевую карту заходят 2 vlan-а с номерами 11 (192.168.1.0/29) и 17 (192.168.2.128/28)
Причём у каждого vlan свой адрес маршрутизатора, и использовать один default route не получается.
Когда настраивал, пришлось сделать так:
1. Маршрут по умолчанию завёл через 192.168.1.1
2. А для второго vlan в
/etc/iproute2/rt_tables добавил таблицу vlan17
и в /etc/sysconfig/network-scripts/route-eth0.17 прописал вот это
192.168.2.128/28 dev eth0.17 table vlan17
default via 192.168.2.129 table vlan17
С таким конфигом хост-машина по обоим адресам пингуется нормально
А вот виртуалки на 17-ом vlan при создании не пингуются из внешки. Однако начинают пинговаться, если их ребутнуть и попинговать с хост-машины. Но это ненадолго. Через какое-то время снова отваливаются.
И ещё при каждом старте виртуалки вываливается такая ошибка
arpsend: 192.168.1.4 is detected on another computer : 00:11:20:f9:b7:01
vps-net_add WARNING: arpsend -c 1 -w 1 -D -e 192.168.1.4 eth0.17 FAILED
[root@server3 ~]# ip route list table all
192.168.2.128/28 dev eth0.17 table vlan17 scope link
default via 192.168.2.129 dev eth0.17 table vlan17
192.168.2.133 dev venet0 scope link
192.168.2.132 dev venet0 scope link
192.168.2.131 dev venet0 scope link
192.168.1.4 dev venet0 scope link
192.168.1.5 dev venet0 scope link
192.168.1.6 dev venet0 scope link
192.168.1.0/29 dev eth0.11 proto kernel scope link src 192.168.1.3
192.168.2.128/28 dev eth0.17 proto kernel scope link src 192.168.2.130
169.254.0.0/16 dev eth0.17 scope link
default via 192.168.1.1 dev eth0.11
broadcast 192.168.1.0 dev eth0.11 table 255 proto kernel scope link src 192.168.1.3
broadcast 127.255.255.255 dev lo table 255 proto kernel scope link src 127.0.0.1
local 192.168.1.3 dev eth0.11 table 255 proto kernel scope host src 192.168.1.3
local 192.168.2.130 dev eth0.17 table 255 proto kernel scope host src 192.168.2.130
broadcast 192.168.2.128 dev eth0.17 table 255 proto kernel scope link src 192.168.2.130
broadcast 192.168.1.7 dev eth0.11 table 255 proto kernel scope link src 192.168.1.3
broadcast 192.168.2.143 dev eth0.17 table 255 proto kernel scope link src 192.168.2.130
broadcast 127.0.0.0 dev lo table 255 proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table 255 proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table 255 proto kernel scope host src 127.0.0.1
unreachable ::/96 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo metric 1024 expires 21333952sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0 metric 256 expires 21333946sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0.11 metric 256 expires 21333946sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0.17 metric 256 expires 21333948sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255
local ::1 via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::215:17ff:fe4e:e004 via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::215:17ff:fe4e:e004 via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::215:17ff:fe4e:e004 via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
ff00::/8 dev eth0 table 255 metric 256 expires 21333946sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth0.11 table 255 metric 256 expires 21333946sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth0.17 table 255 metric 256 expires 21333948sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255
[root@server3 ~]# iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
недоступный ip
[root@server3 ~]# tcpdump -i eth0 -e host 192.168.2.134
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:09:34.358979 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 66: 192.168.2.134.54250 > 85.175.46.130.domain: 64095+ AAAA? bitrix. (24)
10:09:39.359224 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 66: 192.168.2.134.54277 > 85.175.46.122.domain: 64095+ AAAA? bitrix. (24)
10:09:42.359912 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 66: 192.168.2.134.53972 > google-public-dns-a.google.com.domain: 64095+ AAAA? bitrix. (24)
доступный ip
[root@server3 ~]# tcpdump -i eth0 -e host 192.168.2.133
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:11:01.719433 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 66: 192.168.2.133.57559 > 85.175.46.130.domain: 38799+ AAAA? bitrix. (24)
10:11:01.778087 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 66: 192.168.2.133.58662 > 85.175.46.130.domain: 4630+ AAAA? bitrix. (24)
10:11:01.971840 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 74: 192.168.2.133 > 178.34.189.14: ICMP echo reply, id 1024, seq 54528, length 40
10:11:02.971196 00:15:17:4e:e0:04 (oui Unknown) > 00:11:20:f9:b7:01 (oui Unknown), ethertype IPv4 (0x0800), length 74: 192.168.2.133 > 178.34.189.14: ICMP echo reply, id 1024, seq 54784, length 40