主页 / user-372967

Doug Smythies's questions

Martin Hope
Doug Smythies
Asked: 2021-04-24 08:40:05 +0800 CST
  • 3

摘要:在桥接 KVM/QEMU 配置中,发往来宾 VM 的网络数据包无法到达那里。

配置:主机是最新的 Ubuntu 20.04.2 LTS 服务器;来宾是 3 个虚拟机中的任何一个,一个非常旧的 16.04 Ubuntu 服务器,一个旧的 Ubuntu 20.04 桌面和一个全新的 Ubuntu 21.04 桌面。前 2 个 VM 正在从非桥接、NAT'd 转换,第 3 个 VM 是指定桥接网络创建的。最终,VM 将通过 DHCP 从主 LAN 获取其 IP 地址,但目前为了获得更好的调试信息,它们使用静态 IP 地址。

主机桥定义 , /etc/netplan/01-netcfg.yaml(这是众多尝试之一):

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    enp3s0:
      dhcp4: no
  bridges:
    br0:
#      interfaces: [ enp3s0 ]
      dhcp4: yes
#      dhcp6: no
#      link-local: [ ]
      interfaces:
        - enp3s0
#      parameters:
#        stp: true
#        forward-delay: 4

虚拟的东西,/etc/libvirt/qemu/networks/br0.xml

<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
  virsh net-edit br0
or other application using the libvirt API.
-->

<network>
  <name>br0</name>
  <uuid>40a8752c-d074-4802-bae8-b0aef95d9c99</uuid>
  <forward mode='bridge'/>
  <bridge name='br0'/>
</network>

注意:已经尝试了许多版本的桥接 .xml 文件,包括不同的名称,不同的引用使用不同的技术。Ubuntu Serverguide 引用了这个,它说名称和网桥名称必须相同,但其他参考文献中的名称和网桥名称不同。使用 nano 创建裸文件后,这些命令:

virsh net-define br0.xml
virsh net-autostart br0
virsh net-start br0

用于添加和配置它。默认的 NAT 方式是从自动启动目录中取消链接的,以免取消链接。最终,它是未定义的。结果:

$ virsh net-list --all
 Name      State      Autostart   Persistent
----------------------------------------------
 br0       active     yes         yes

此时重启后完全没有iptables规则。但是,VM 没有网络访问权限。请注意,一些参考文献提到了 br_netfilter 模块的特殊 iptables 规则和特殊属性,所有这些都已尝试过。这个问题已经够长了,没有详细介绍这里尝试的变化的所有细节。

调试详细信息:无论配置变体如何,基本问题始终相同,VM 目标数据包似乎没有到达主机,至少在 tcpdump 中看到。但是,广播类型的数据包确实会到达并确实到达客户端 VM。

此示例将在 LAN 上使用 192.168.111.59 (MAC: 52:54:00:60:ea:0e)、16.04 服务器 VM 和 192.168.111.132(树莓派)。20.04 主机服务器位于 192.168.111.136。网络掩码为 24 位,255.255.255.0。网关和 DHCP 服务器是 Debian 服务器(顺便说一下,桥接来宾 VM 在其上工作正常)。

在 ping 期间从 raspberry-pi 看到的第一个 tpcudmp:

doug@rpi2:~ $ sudo tcpdump -n -tttt -i eth0 ether host 52:54:00:60:ea:0e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
2021-04-23 08:33:19.363553 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 08:33:19.487239 IP 192.168.111.132 > 192.168.111.59: ICMP echo request, id 27848, seq 14, length 64
2021-04-23 08:33:20.363542 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 08:33:20.527250 IP 192.168.111.132 > 192.168.111.59: ICMP echo request, id 27848, seq 15, length 64
2021-04-23 08:33:21.567215 IP 192.168.111.132 > 192.168.111.59: ICMP echo request, id 27848, seq 16, length 64
2021-04-23 08:33:22.607228 IP 192.168.111.132 > 192.168.111.59: ICMP echo request, id 27848, seq 17, length 64
2021-04-23 08:33:23.372351 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 08:33:23.647228 IP 192.168.111.132 > 192.168.111.59: ICMP echo request, id 27848, seq 18, length 64
2021-04-23 08:33:24.371431 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 46

从所有 ARP 活动中可以看出,VM 正在正常发送数据包。但是,它从不回复任何内容。现在让我们观察来自主机的相同活动,注意 tcpdump 输出对于任何接口 br0 或 enp3s0 或 vnet0 都是相同的。

$ sudo tcpdump -n -tttt -i br0 ether host 52:54:00:60:ea:0e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
2021-04-23 08:40:38.837608 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:39.837159 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:40.837122 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:43.842985 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:44.840895 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:45.840991 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:48.848508 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:49.848895 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:50.848871 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:51.514011 ARP, Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28
2021-04-23 08:40:52.928400 ARP, Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28
2021-04-23 08:40:53.853881 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-23 08:40:54.852472 ARP, Request who-has 192.168.111.1 tell 192.168.111.59, length 28

每隔一段时间观察一下 VM 是否响应,但稍后我们会看到它是针对广播数据包的。似乎还有一个问题是 192.168.111.1 没有响应。无论出于何种原因,在 tcpdump 级别都看不到数据包。还要注意没有来自树莓派的 ICMP 数据包。现在,显示网关响应(这是另一台计算机上的“br0”。编辑:替换为更好的捕获示例,因此时间戳不同):

$ sudo tcpdump -n -tttt -e -i br0 ether host 52:54:00:60:ea:0e
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
2021-04-23 22:25:17.434415 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:17.434432 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28
2021-04-23 22:25:20.440843 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:20.440859 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28
2021-04-23 22:25:21.438316 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:21.438332 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28
2021-04-23 22:25:22.438266 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:22.438283 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28
2021-04-23 22:25:25.446312 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:25.446329 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28
2021-04-23 22:25:26.446195 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-23 22:25:26.446211 xx:xx:xx:xx:xx:xx > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at xx:xx:xx:xx:xx:xx, length 28

观察虚拟机传出数据包,ARP 完成。我不知道如何从我通过 VNC 与之通信的 VM 复制和粘贴,但它显示了一些已完成但陈旧的 ARP 条目以响应ip neigh命令,并且 tcpdump 显示来自 LAN 的一些 ARP 和广播数据包。

其他信息(与此问题无关的 MAC 已隐藏):

$ brctl show br0
bridge name     bridge id               STP enabled     interfaces
br0             8000.3c7c3f0d9983       no              enp3s0
                                                        vnet0
$ brctl showmacs br0
port no mac addr                is local?       ageing timer
  1     xx:xx:xx:xx:xx:xx       no                 0.00
  1     3c:7c:3f:0d:99:83       yes                0.00
  1     3c:7c:3f:0d:99:83       yes                0.00
  2     52:54:00:60:ea:0e       no                 1.68
  1     xx:xx:xx:xx:xx:xx       no                 2.14
  1     xx:xx:xx:xx:xx:xx       no                36.84
  1     xx:xx:xx:xx:xx:xx       no                89.57
  1     xx:xx:xx:xx:xx:xx       no               226.51
  1     xx:xx:xx:xx:xx:xx       no                13.28
  1     xx:xx:xx:xx:xx:xx       no               165.68
  1     xx:xx:xx:xx:xx:xx       no               165.68
  1     xx:xx:xx:xx:xx:xx       no               265.02
  1     xx:xx:xx:xx:xx:xx       no                27.62
  2     fe:54:00:60:ea:0e       yes                0.00
  2     fe:54:00:60:ea:0e       yes                0.00

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether 3c:7c:3f:0d:99:83 brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 3c:7c:3f:0d:99:83 brd ff:ff:ff:ff:ff:ff
    inet 192.168.111.136/24 brd 192.168.111.255 scope global dynamic br0
       valid_lft 51547sec preferred_lft 51547sec
7: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN group default qlen 1000
    link/ether fe:54:00:60:ea:0e brd ff:ff:ff:ff:ff:ff

编辑:有趣的是,来自配置为交换机的 D-Link AC2600 Wi-Fi 千兆路由器的所有 ARP 数据包总是出现在主机上并到达虚拟机并回复:

$ sudo tcpdump -n -tttt -e -i br0 ether host aa:aa:aa:aa:aa:aa
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
2021-04-23 22:45:51.463524 aa:aa:aa:aa:aa:aa > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.59 (ff:ff:ff:ff:ff:ff) tell 192.168.111.58, length 46
2021-04-23 22:45:51.463631 52:54:00:60:ea:0e > aa:aa:aa:aa:aa:aa, ethertype ARP (0x0806), length 42: Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28
2021-04-23 22:46:51.466955 aa:aa:aa:aa:aa:aa > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.59 (ff:ff:ff:ff:ff:ff) tell 192.168.111.58, length 46
2021-04-23 22:46:51.467030 52:54:00:60:ea:0e > aa:aa:aa:aa:aa:aa, ethertype ARP (0x0806), length 42: Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28
2021-04-23 22:47:51.466889 aa:aa:aa:aa:aa:aa > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.59 (ff:ff:ff:ff:ff:ff) tell 192.168.111.58, length 46
2021-04-23 22:47:51.466965 52:54:00:60:ea:0e > aa:aa:aa:aa:aa:aa, ethertype ARP (0x0806), length 42: Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28
2021-04-23 22:48:51.479096 aa:aa:aa:aa:aa:aa > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.59 (ff:ff:ff:ff:ff:ff) tell 192.168.111.58, length 46
2021-04-23 22:48:51.479178 52:54:00:60:ea:0e > aa:aa:aa:aa:aa:aa, ethertype ARP (0x0806), length 42: Reply 192.168.111.59 is-at 52:54:00:60:ea:0e, length 28

编辑 3 - 新配置测试:为了减少变量的数量,完成了以下操作:

  • 一台即将退役的 Ubuntu 16.04 服务器启动,提供了一个新的隔离 LAN。
  • 主机 Ubuntu 20.04 服务器直接连接到 16.04 服务器的 LAN 端 NIC。根本不涉及任何交换机,只有一根长以太网电缆。
  • 事情经过测试,似乎工作正常。通过 ssh 从我的主 LAN 访问所有内容,通过我的主静态 WAN IP 并通过我的测试 WAN 静态 IP 回到旧的 16.04 服务器。然后从那里到 20.04 主机服务器的链式 ssh 会话。
  • Ubuntu 16.04 VM 客户端已在主机上启动。
  • 尝试从旧的 16.04 网关服务器到客户端的“ping”。
  • 结果与原始配置相同。

网关旧 16.04 服务器上的 tcpdump:

doug@DOUG-64:~$ sudo tcpdump -n -tttt -e -i enp2s0 ether host 52:54:00:60:ea:0e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes
2021-04-26 15:10:00.701941 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:00.701965 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28
2021-04-26 15:10:01.699156 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:01.699169 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28
2021-04-26 15:10:02.699141 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:02.699154 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28
2021-04-26 15:10:05.707404 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:05.707417 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28
2021-04-26 15:10:06.707097 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:06.707110 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28
2021-04-26 15:10:07.707094 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.111.1 tell 192.168.111.59, length 46
2021-04-26 15:10:07.707107 00:19:b9:0d:af:fa > 52:54:00:60:ea:0e, ethertype ARP (0x0806), length 42: Reply 192.168.111.1 is-at 00:19:b9:0d:af:fa, length 28

20.04 主机服务器上的 tcpdump:

doug@s19:~$ sudo tcpdump -n -tttt -e -i br0 ether host 52:54:00:60:ea:0e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 262144 bytes
2021-04-26 15:11:35.801771 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:36.800497 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:37.800491 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:40.807062 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:41.804469 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:42.804444 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:45.812553 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:46.812405 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28
2021-04-26 15:11:47.812398 52:54:00:60:ea:0e > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.111.1 tell 192.168.111.59, length 28

附带说明:从我的链接 ssh 会话到 20.04 主机服务器,我可以再次链接并 ssh 到 VM 客户端就好了。

结论: Ubuntu 20.04 服务器上的链路层出了点问题,因此 tcpdump 甚至无法“看到”传入的数据包,也无法到达 VM 来宾。

编辑 4:与 Christian Ehrhardt 提供的信息相比,我的系统上的潜在差异是 br0 MAC 列表可能不正确,替换了第一个字节。注意:不相关的 MAC 已删除,3 个 VM 正在运行:

doug@s19:~$ brctl showmacs br0
port no mac addr                is local?       ageing timer
  1     3c:7c:3f:0d:99:83       yes                0.00  <<< enp3s0, br0
  1     3c:7c:3f:0d:99:83       yes                0.00  <<< enp3s0, br0
  4     52:54:00:22:2f:dc       no                 5.15  <<< VM 3
  2     52:54:00:60:ea:0e       no                 3.29  <<< VM 1
  3     52:54:00:60:ea:3e       no                12.67  <<< VM 2
  4     fe:54:00:22:2f:dc       yes                0.00  <<< vnet2
  4     fe:54:00:22:2f:dc       yes                0.00  <<< vnet2
  2     fe:54:00:60:ea:0e       yes                0.00  <<< vnet0
  2     fe:54:00:60:ea:0e       yes                0.00  <<< vnet0
  3     fe:54:00:60:ea:3e       yes                0.00  <<< vnet1
  3     fe:54:00:60:ea:3e       yes                0.00  <<< vnet1

出于某种原因,Christian 没有显示 vnet,或者在他的系统上调用的任何内容,连接到网桥(我不知道它是否相关):

$ brctl showmacs br0
port no mac addr        is local?   ageing timer
  2 52:54:00:48:40:69   no         2.36   <- Guest
  1 52:54:00:95:e4:2a   no         0.00   <- outside system
  1 52:54:00:9b:9b:0e   yes        0.00   <- Host
  1 52:54:00:9b:9b:0e   yes        0.00   <- Host

编辑 5:与编辑 4 类似的数据,但来自运行 2 个虚拟机的 Debian 服务器,运行正常:

doug@s15:~$ sudo brctl showmacs br0
port no mac addr                is local?       ageing timer
  1     52:54:00:22:2f:dc       no                17.85
  2     52:54:00:27:1b:5e       no                18.48  <<< VM 1
  3     52:54:00:27:1b:ae       no                 2.14  <<< VM 2
  1     f4:8c:eb:c8:08:a0       no                18.48
  2     fe:71:fa:75:16:93       yes                0.00  <<< tap0 (VM1)
  2     fe:71:fa:75:16:93       yes                0.00  <<< tap0
  3     fe:e1:c5:2a:c7:e3       yes                0.00  <<< tap1 (VM2)
  3     fe:e1:c5:2a:c7:e3       yes                0.00  <<< tap1

编辑 6:来自 的信息networkctl,需要注意的是 Debian 服务器显示“Master: br0”,而 Ubuntu 服务器没有:

Ubuntu:

doug@s19:~$ networkctl
IDX LINK   TYPE     OPERATIONAL SETUP
  1 lo     loopback carrier     unmanaged
  2 enp3s0 ether    enslaved    configured
  3 br0    bridge   routable    configured
  4 vnet0  ether    carrier     unmanaged

4 links listed.
doug@s19:~$ man networkctl
doug@s19:~$ networkctl^Cnetworkctl
doug@s19:~$ networkctl status vnet0
● 4: vnet0
             Link File: /usr/lib/systemd/network/99-default.link
          Network File: n/a
                  Type: ether
                 State: carrier (unmanaged)
                Driver: tun
            HW Address: fe:54:00:60:ea:0e
                   MTU: 1500 (min: 68, max: 65521)
  Queue Length (Tx/Rx): 1/1
      Auto negotiation: no
                 Speed: 10Mbps
                Duplex: full
                  Port: tp

Apr 30 07:40:51 s19 systemd-networkd[530]: vnet0: Link UP
Apr 30 07:40:51 s19 systemd-networkd[530]: vnet0: Gained carrier

德比安:

doug@s15:~$ networkctl
IDX LINK   TYPE     OPERATIONAL SETUP
  1 lo     loopback carrier     unmanaged
  2 enp3s0 ether    enslaved    configured
  3 enp1s0 ether    routable    configured
  4 br0    bridge   routable    configured
 10 tap0   ether    carrier     unmanaged

5 links listed.
doug@s15:~$ networkctl status tap0
● 10: tap0
             Link File: /usr/lib/systemd/network/99-default.link
          Network File: n/a
                  Type: ether
                 State: carrier (unmanaged)
                Driver: tun
            HW Address: fe:8a:6a:ce:18:9c
                   MTU: 1500 (min: 68, max: 65521)
                 QDisc: pfifo_fast
                Master: br0   <<<<< Different than Ubuntu
  Queue Length (Tx/Rx): 1/1
      Auto negotiation: no
                 Speed: 10Mbps
                Duplex: full
                  Port: tp

问题:出了什么问题,如何让桥接的 VM 正常工作?

networking
Martin Hope
Doug Smythies
Asked: 2020-04-24 06:53:30 +0800 CST
  • 1

对于 20.04,Ubuntu 服务器指南已移至新位置。重定向已添加到 .htaccess 文件中。但是,它们不适用于所有 URL。

请注意,help.ubuntu.com 的相关部分每天仅从主启动板分支发布一次。目标是做到这一点,因为我昨天显然没有做到这一点。

工作示例:

https://help.ubuntu.com/20.04/serverguide/remote-administration.html.fr

去:

https://ubuntu.com/server/docs

不工作的例子:

https://help.ubuntu.com/20.04/serverguide/remote-administration.html

返回 404 未找到。

.htaccess 文件的相关部分:

# For 20.04, and likely onwards, the serveguide has moved.
# Don't try to be too clever, just force the base page and drop the rest.
#
RedirectMatch permanent ^/(stable|lts|20\.04)/(serverguide/.+\.html)\..* https://ubuntu.com/server/docs
RedirectMatch permanent ^/(stable|lts|20\.04)/(serverguide/.+\.pdf)\..* https://assets.ubuntu.com/ubuntu-server-guide

它似乎需要语言扩展才能工作。这行得通吗?

RedirectMatch permanent ^/(stable|lts|20\.04)/(serverguide/.+\.html) https://ubuntu.com/server/docs
RedirectMatch permanent ^/(stable|lts|20\.04)/(serverguide/.+\.pdf) https://assets.ubuntu.com/ubuntu-server-guide

我没有办法在我的测试服务器上对此进行测试,并希望在下一个出版物中正确使用它。

编辑:通过删除表达式的“行首”部分,事实证明我可以在我的测试服务器上调试它,该位置是几个子目录。通过 Muru 的答案测试和我自己的测试,有是对解决方案的信心。

参考资料:
https ://help.ubuntu.com/
https://code.launchpad.net/~ubuntu-core-doc/help.ubuntu.com/help.ubuntu.com
https://bazaar.launchpad.net/ ~ubuntu-core-doc/help.ubuntu.com/help.ubuntu.com/view/head:/.htaccess
Apache Web 服务器 - 如何去除语言扩展

apache2
Martin Hope
Doug Smythies
Asked: 2019-06-21 13:39:52 +0800 CST
  • 2

这个问题与在 help.ubuntu.com 上发布 Ubuntu Serverguide 有关。对于 20.04 LTS 周期,Ubuntu Serverguide 的源代码工作流程(好吧可能)会有重大变化。目前,此迁移不考虑翻译。我们最好的反馈是服务器管理员类型更喜欢英语,即使它不是他们的第一语言。在决定变得不可逆之前,我们希望通过仅用美国英语发布 18.04 Ubuntu Serverguide 的下一个版本来测试它。一切准备就绪,除了一个问题:

我们肯定知道,语言扩展名中存在许多链接、书签等。例子:

https://help.ubuntu.com/lts/serverguide/networking.html.en-CA

我们希望该场景返回此页面:

https://help.ubuntu.com/lts/serverguide/networking.html

因为特定语言版本将不再存在,但返回 404 Not Found 错误是不可取的。

.htaccess 文件的当前版本(已注释掉以前的尝试)是:

# unable to make below method work.
#RedirectMatch permanent ^(*\.html)\.*$ $1
#
# enable rewriting
RewriteEngine on
#RewriteRule ^(*\.html)\.*$ $1 [R=301, L]
#RewriteRule ^(*\.html)\.*$ $1
RewriteRule ^(*\.html)\.*$ $1 [PT]
#RewriteRule ^(*.html).*$ $1

导致:

500 Internal Server Error

到客户端,这在测试服务器日志中:

[Thu Jun 20 11:57:07.647838 2019] [core:alert] [pid 16079] [client 192.168.111.101:62992] /home/doug/public_html/linux/ubuntu-docs/help.ubuntu.com/dev/lts/serverguide/.htaccess: RewriteRule: cannot compile regular expression '^(*\\.html)\\.*$', referer: http://my-test-website/~doug/linux/ubuntu-docs/help.ubuntu.com/dev/index.html
[Thu Jun 20 14:19:27.360334 2019] [core:alert] [pid 16079] [client 192.168.111.101:63908] /home/doug/public_html/linux/ubuntu-docs/help.ubuntu.com/dev/lts/serverguide/.htaccess: RewriteRule: cannot compile regular expression '^(*\\.html)\\.*$', referer: http://my-test-website/~doug/linux/ubuntu-docs/help.ubuntu.com/dev/index.html

请注意,当前尝试使用语言扩展的通配符。如果这是不可能的,那么语言列表是:

ace ar ast be bg bn bs ca cs da de el en en_AU en_CA en_GB eo es et eu fa fi fr gl gu he hr hu id is it ja km ko ku lo lt lv mk ms nb nl oc pl ps pt_BR pt ro ru sk sl sq sr sv th tl tr ug uk ur vi zh_CN zh_TW

有人可以帮忙吗?

server apache2 language .htaccess mod-rewrite
Martin Hope
Doug Smythies
Asked: 2017-03-15 10:03:38 +0800 CST
  • 1

Ubuntu 桌面帮助文档和 Ubuntu Serverguide 以大约 60 种语言发布在help.ubuntu.com网站上(尽管许多翻译非常不完整)。文档编译工作流程有点浪费,因为它为每个文件制作特定的语言版本,即使它们对于所有语言都是相同的。例如:

doug@s15:~/docs-trunk/z/html/ubuntu-docs$ ls -l *yelp-note-warning*
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.am
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.ar
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.ast
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.az
...
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.ur
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.uz
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.zh-CN
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.zh-HK
-rw-r--r-- 1 doug doug 1088 Mar 13 23:55 yelp-note-warning.png.zh-TW

对于这样的文件,只需一个名为的文件就足够了yelp-note-warning.png

为了完整起见,我们无法只制作一个文件的示例:

doug@s15:~/docs-trunk/z/html/ubuntu-docs$ ls -l figures/unity-workspace-intro*
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.am
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.ar
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.ast
...
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.da
-rw-r--r-- 1 doug doug 64335 Mar 13 23:55 figures/unity-workspace-intro.png.de
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.el
...
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.id
-rw-r--r-- 1 doug doug 47152 Mar 13 23:55 figures/unity-workspace-intro.png.it
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.ja
...
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.zh-HK
-rw-r--r-- 1 doug doug 48077 Mar 13 23:55 figures/unity-workspace-intro.png.zh-TW

我的问题是:我们如何确定所有文件都是相同的,如果是,则用一个没有特定语言后缀的文件替换它们?

伪代码:

For all files, including sub-folders{
   If all language specific versions of the file are identical{
      Replace the language specific versions with one non-language specific version.
   }
}

目前,我们只关心桌面帮助文档,但如果解决了问题,我们也会为 Serverguide 做。

如果可能(并且首选),这可以在 Makefile 中完成。或者作为一个独立的脚本(我想可以从 Makefile 中调用)。我担心为它编写 ac 程序,并不是所有的 Ubuntu 文档团队成员也是 c 程序员,这会导致潜在的维护问题。
可以设想,但不是要求,按照上面的伪代码,新代码将被添加到 Makefile 安装部分的最后:

# Installs all HTML files to a single multilingual directory for subsequent copying to
# the web server document structure (e.g. to run with Apache and MultiViews enabled)
install:
        rm -Rf "$(INSTALLDIR)"/*; \
        mkdir -p "$(INSTALLDIR)"; \
        cp -R "$(HTMLDESTDIR)/"* "$(INSTALLDIR)"; \
        for lc in C $(help_linguas); do \
                lang=`echo $$lc | $(SED) -e 's/[@_]/-/'`; \
                if test "$$lang" = "C"; then lang=en; fi; \
                if test "$$lang" = "gl"; then lang=gl-GL; fi; \
                if test "$$lang" = "ms"; then lang=ms-MS; fi; \
                if test "$$lang" = "pl"; then lang=pl-PL; fi; \
                cp -af "$(INSTALLDIR)/$$lang"/*.css "$(INSTALLDIR)"; \
                rm -Rf "$(INSTALLDIR)/$$lang"/*.css ; \
                find "$(INSTALLDIR)/$$lang" -type f -exec mv {} {}.$$lang \; ; \
                cp -af "$(INSTALLDIR)/$$lang"/* "$(INSTALLDIR)"; \
                rm -Rf "$(INSTALLDIR)/$$lang" ; \
        done
        ... new code, per this question, goes here ...

编辑:Gunnar 的解决方案很棒,但仍有其他文件是多余的。例如所有 .js 文件,以及主目录中的一些 .png 文件。

编辑:Gunnar 修改后的解决方案解决了所有问题,仅 17.04 桌面文档网页就可以节省 3326 个文件。

参考资料:
html 编译 Makefile。(见最后的install部分。)
整个项目代码
构建过程
网站 .htaccess 文件。Gunnar 的回答依赖于语言回退。

compiling
Martin Hope
Doug Smythies
Asked: 2016-02-07 13:54:19 +0800 CST
  • 5

对于源英文文件位于 docbook xml 中的官方 Ubuntu 文档,要求仅使用 ASCII 字符。我们使用“检查器”命令行(参见此处)。

grep --color='auto' -P -n "[\x80-\xFF]" *.xml

但是,该命令有一个缺陷,显然不是在所有计算机上,它都会遗漏一些带有非 ASCII 字符的行,从而可能导致错误的 OK 结果。

有人对 ASCII 检查器命令行有更好的建议吗?

有兴趣的人可以考虑使用这个文件(文本文件,而不是 docbook xml 文件)作为测试用例。非 ASCII 字符的前三行是第 9、14 和 18 行。检查中遗漏了第 14 和 18 行:

$ grep --color='auto' -P -n "[\x80-\xFF]" install.en.txt | head -13
9:Appendix F, GNU General Public License.
330:when things go wrong. The Installation Howto can be found in Appendix A,
337:Chapter 1. Welcome to Ubuntu
359:1.1. What is Ubuntu?
394:1.1.1. Sponsorship by Canonical
402:1.2. What is Debian?
456:1.2.1. Ubuntu and Debian
461:1.2.1.1. Package selection
475:1.2.1.2. Releases
501:1.2.1.3. Development community
520:1.2.1.4. Freedom and Philosophy
534:1.2.1.5. Ubuntu and other Debian derivatives
555:1.3. What is GNU/Linux?
command-line
Martin Hope
Doug Smythies
Asked: 2015-05-26 15:56:11 +0800 CST
  • 16

我几乎经常使用Ubuntu 内核 PPA中的内核,或者我自己编译的内核,使用 Ubuntu 内核配置。

问题是,当我使用标准内核时,它似乎默认使用可预测的网络接口名称(即“p4p1”),但当我使用任何备用内核时,它似乎默认使用旧方法(即“eth0”)。

虽然与这个问题并不相关,但我的测试计算机出现硬盘故障,正在重新安装 Ubuntu Server 14.04.2。

我无法确定内核之间的区别。我怀疑是内核配置参数,但无法确定是哪一个。

我的问题:如何使可预测的网络接口名称在所有内核中一致地工作?

附加说明:我在某处看到禁用可预测的网络接口名称以将其添加到 grub:

GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 biosdevname=0"

所以,我认为相反的做法可能会有所帮助:

GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=1 biosdevname=1"

但这没有什么区别。实际上,无论设置如何,我都无法让非库存内核使用 biosdevname。而且/etc/udev/rules.d/70-persistent-net.rules无论net.ifnames. 如果我有net.ifnames=1,那么至少非库存内核不会生成不正确的/etc/udev/rules.d/70-persistent-net.rules文件。

摘录自/var/log/udev
库存内核:

KERNEL[9.216730] add      /devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/p4p1 (net)
ACTION=add
DEVPATH=/devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/p4p1
IFINDEX=2
INTERFACE=p4p1
SEQNUM=1945
SUBSYSTEM=net
...
UDEV  [9.241073] add      /devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/p4p1 (net)
ACTION=add
DEVPATH=/devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/p4p1
ID_BUS=pci
ID_MODEL_FROM_DATABASE=P8P67 and other motherboards
ID_MODEL_ID=0x8168
ID_NET_NAME_MAC=enxf46d04652d8e
ID_NET_NAME_PATH=enp3s0
ID_OUI_FROM_DATABASE=ASUSTek COMPUTER INC.
ID_PCI_CLASS_FROM_DATABASE=Network controller
ID_PCI_SUBCLASS_FROM_DATABASE=Ethernet controller
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Co., Ltd.
ID_VENDOR_ID=0x10ec
IFINDEX=2
INTERFACE=p4p1

来自 Ubuntu PPA 内核 4.1RC5:

KERNEL[10.772566] add      /devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/eth0 (net)
ACTION=add
DEVPATH=/devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/eth0
IFINDEX=2
INTERFACE=eth0
SEQNUM=1962
SUBSYSTEM=net
...
UDEV  [11.185866] add      /devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/eth0 (net)
ACTION=add
DEVPATH=/devices/pci0000:00/0000:00:1c.4/0000:03:00.0/net/eth0
ID_BUS=pci
ID_MODEL_FROM_DATABASE=P8P67 and other motherboards
ID_MODEL_ID=0x8168
ID_NET_NAME_MAC=enxf46d04652d8e
ID_NET_NAME_PATH=enp3s0
ID_OUI_FROM_DATABASE=ASUSTek COMPUTER INC.
ID_PCI_CLASS_FROM_DATABASE=Network controller
ID_PCI_SUBCLASS_FROM_DATABASE=Ethernet controller
ID_VENDOR_FROM_DATABASE=Realtek Semiconductor Co., Ltd.
ID_VENDOR_ID=0x10ec
IFINDEX=2
INTERFACE=eth0
SEQNUM=1962
SUBSYSTEM=net
USEC_INITIALIZED=3227

/etc/udev/rules.d/70-persistent-net.rules注意:我通过允许创建一个文件,然后编辑它以获得正确的设备名称,暂时解决了这个问题。最终,我想摆脱该文件。

14.04