环境
eth0需要连接外网,eth1连接内网。实际测试时,发现通过eth0无法ping通外网。
配置文件信息,cat /etc/network/interfaces
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
# The loopback interface
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 172.32.11.60
netmask 255.255.255.0
network 172.32.11.1
gateway 172.32.11.1
auto eth1
iface eth1 inet static
address 192.168.254.241
netmask 255.255.255.240
network 192.168.254.241
gateway 192.168.254.241
调试
查看路由表,发现有两个默认网关,eth1的mx6qsabresd.lo(192.168.254.241)和eth0的172.32.11.1
root@imx6qsabresd:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default imx6qsabresd.lo 0.0.0.0 UG 0 0 0 eth1
default 172.32.11.1 0.0.0.0 UG 0 0 0 eth0
172.32.11.0 * 255.255.255.0 U 0 0 0 eth0
192.168.254.240 * 255.255.255.240 U 0 0 0 eth1
路由跟踪外网ip(国内通用DNS地址:114.114.114.114),发现报文没有通过eth0的网关,而是跳到了eth1的网关,然后就停止了
root@imx6qsabresd:~# traceroute 114.114.114.114
traceroute to 114.114.114.114 (114.114.114.114), 30 hops max, 38 byte packets
1 imx6qsabresd.lo.local (192.168.254.241) 2999.070 ms !H 2995.744 ms !H 2999.838 ms !H
解决
1.屏蔽掉eth1
2.删除路由表中eth1的默认网关
3.调整路由表中eth1的默认网关优先级
现在按照方法3解决,在启动脚本中添加
# modify priority of eth1 gateway
gw_eth1=`route -n | grep 'UG' | grep 'eth1' | awk '{print $2}'`
if [ ! $gw_eth1 ]; then
echo "There is not found default gateway on eth1."
else
route del default gw $gw_eth1 dev eth1
route add default gw $gw_eth1 dev eth1 metric 100
fi
脚本解释
route命令是按域名显示网关的,route -n命令会解析对应的域名,按ip数字形式显示。这里需要加上参数-n,因为route del或者route add不能识别eth1的网关域名“imx6qsabresd.lo”,只能识别“192.168.254.241”
root@imx6qsabresd:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.254.241 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 172.32.11.1 0.0.0.0 UG 0 0 0 eth0
172.32.11.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.254.240 0.0.0.0 255.255.255.240 U 0 0 0 eth1
root@imx6qsabresd:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default imx6qsabresd.lo 0.0.0.0 UG 0 0 0 eth1
default 172.32.11.1 0.0.0.0 UG 0 0 0 eth0
172.32.11.0 * 255.255.255.0 U 0 0 0 eth0
192.168.254.240 * 255.255.255.240 U 0 0 0 eth1
root@imx6qsabresd:~# route -n | grep 'UG' | grep 'eth1' | awk '{print $2}'
192.168.254.241
root@imx6qsabresd:~# route | grep 'default' | grep 'eth1' | awk '{print $2}'
imx6qsabresd.lo
路由表中的metric下的数字为路由指定所需跃点数的整数值(范围是1~9999),它用来在路由表里的多个路由中选择与转发包中的目标地址最为匹配的路由。所选的路由具有最少的跃点数。简单来说,metric 值越小,优先级越高。
验证结果
上面修改eth1的默认网关优先级后,metric修改为100
root@imx6qsabresd:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.32.11.1 0.0.0.0 UG 0 0 0 eth0
default imx6qsabresd.lo 0.0.0.0 UG 100 0 0 eth1
172.32.11.0 * 255.255.255.0 U 0 0 0 eth0
192.168.254.240 * 255.255.255.240 U 0 0 0 eth1
路由跟踪外网(www.baidu.com)。注:本机DNS已经验证OK,若DNS没有添加好,则要改成外网的某个ip地址。
root@imx6qsabresd:~# traceroute www.baidu.com
traceroute to www.baidu.com (14.215.177.38), 30 hops max, 38 byte packets
1 172.32.11.1 (172.32.11.1) 2.976 ms 3.899 ms 2.977 ms
2 * * *
3 119.139.196.1 (119.139.196.1) 30.250 ms 2.636 ms 2.032 ms
4 121.34.247.69 (121.34.247.69) 2.013 ms 202.105.153.225 (202.105.153.225) 1.684 ms 2.350 ms
5 202.105.158.34 (202.105.158.34) 5.207 ms 202.105.158.54 (202.105.158.54) 6.393 ms 202.105.158.58 (202.105.158.58) 3.519 ms
6 113.96.4.78 (113.96.4.78) 12.373 ms 113.96.4.118 (113.96.4.118) 5.366 ms 113.96.4.46 (113.96.4.46) 7.555 ms
7 106.96.135.219.broad.fs.gd.dynamic.163data.com.cn (219.135.96.106) 5.493 ms 5.118 ms 5.378 ms
8 14.29.121.190 (14.29.121.190) 4.511 ms 14.215.32.94 (14.215.32.94) 6.072 ms 14.29.121.186 (14.29.121.186) 38.263 ms
9 * * *
10 * * *
上面的报文是从eth0的网关出去的,可以ping通外网了
root@imx6qsabresd:~# ping www.baidu.com
PING www.baidu.com (14.215.177.39): 56 data bytes
64 bytes from 14.215.177.39: seq=0 ttl=55 time=6.247 ms
64 bytes from 14.215.177.39: seq=1 ttl=55 time=5.916 ms
64 bytes from 14.215.177.39: seq=2 ttl=55 time=5.989 ms