如何配置linux路由以将数据包从一个接口发送出去，通过网桥发送到同一盒中的另一个接口 [英] How can configure linux routing to send packets out one interface, over a bridge and into another interface on the same box

问题描述

我正在尝试测试以太网桥接设备.我在Linux机器上有多个以太网端口.我想将数据包从一个接口(例如，IP0为192.168.1.1的eth0)发送到同一子网中的另一个接口(例如，IP1为192.168.1.2的eth1).

I'm trying to test a ethernet bridging device. I have multiple ethernet ports on a linux box. I would like to send packets out one interface, say eth0 with IP 192.168.1.1, to another interface, say eth1 with IP 192.168.1.2, on the same subnet.

我意识到通常您不会在同一子网中配置两个接口，并且如果您这样做，内核将直接路由至每个接口，而不是通过有线方式.我该如何改写此行为，以使到192.168.1.2的流量从192.168.1.1接口发出，反之亦然?

I realize that normally you don't configure two interfaces on the same subnet, and if you do the kernel routes directly to each interface, rather than over the wire. How can I override this behavior, so that traffic to 192.168.1.2 goes out the 192.168.1.1 interface, and visa-versa?

提前谢谢！

推荐答案

这是一个猜测，但我希望它朝着正确的方向发展.

This is a guess, but I hope it is in the right direction.

根据以下内容制作更具体的路由表条目:

Make more-specific routing table entries, along the lines of:

route add -host 192.168.1.2 dev eth0
route add -host 192.168.1.1 dev eth1

对于两个界面，您可能还需要摆弄accept_local配置- -或all设置. (启用此功能可能会使您的计算机更容易受到IP源欺骗攻击；请确保在其他地方具有良好的入口防火墙规则以防止故障.)(有关我在说什么，请参阅sysctl -a | grep accept_local.)

You may also need to fiddle with the accept_local configuration for both interfaces -- or the all setting. (Turning this on may make your machine more susceptible to IP source spoofing attacks; be sure you have good ingress firewall rules elsewhere to prevent trouble.) (See sysctl -a | grep accept_local for what I'm talking about.)

这篇关于如何配置linux路由以将数据包从一个接口发送出去，通过网桥发送到同一盒中的另一个接口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！