Posted on 2012-11-27 17:16
Milo的海域 閱讀(666)
評(píng)論(0) 編輯 收藏 所屬分類:
Linux
今天有同事反應(yīng)一個(gè)網(wǎng)絡(luò)現(xiàn)象,一個(gè)多網(wǎng)卡環(huán)境,發(fā)給eth1的數(shù)據(jù)包都被eth0接收了。
第一印象是arp的問題。Google了下得到了確認(rèn),有個(gè)相關(guān)的kernal參數(shù):
arp_ignore - INTEGER
Define different modes for sending replies in response to
received ARP requests that resolve local target IP addresses:
0 - (default): reply for any local target IP address, configured
on any interface
1 - reply only if the target IP address is local address
configured on the incoming interface
2 - reply only if the target IP address is local address
configured on the incoming interface and both with the
sender's IP address are part from same subnet on this interface
3 - do not reply for local addresses configured with scope host,
only resolutions for global and link addresses are replied
4-7 - reserved
8 - do not reply for all local addresses
默認(rèn)是0,解決這個(gè)問題需要配置為1
臨時(shí)配置下
sysctl -w net.ipv4.conf.all.arp_ignore=1
持久配置
sysctl -w net.ipv4.conf.all.arp_ignore=1
echo 'net.ipv4.conf.all.arp_ignore=1' >> /etc/sysctl.conf
這個(gè)弄好可以重啟network服務(wù)來確保其他機(jī)器更新arp cache,如果不方便重啟network,自己手動(dòng)敲arping命令,比如
arping -q -A -c 1 -I eth1 10.197.24.177
這個(gè)命令是在 /etc/sysconfig/network-scripts/ifup-eth里看到的
如果機(jī)器比較少,也可以直接用arp -d 來刪除相關(guān)的cache,建議上面的那種發(fā)廣播的方式。