我试图在我的桌面ubuntu机器上试验一个vlan接口.桌面只有一个连接到公司LAN的单一接口(eth0).使用vconfig创建vlan接口后,在接口上运行wireshark并不会将传出的数据包显示为vlan标记.这是我做的:
$ifconfig
eth0 Link encap:Ethernet HWaddr 84:2b:2b:87:2c:87
inet addr:192.168.0.126 Bcast:192.168.0.255 Mask:255.255.255.0
etc...
然后我添加了vlan界面:
$sudo vconfig add eth0 55
$sudo ifconfig eth0.55 192.168.10.100 netmask 255.255.255.0 up
$sudo ifconfig eth0.55 mtu 1412
$ifconfig -a
eth0 Link encap:Ethernet HWaddr 84:2b:2b:87:2c:87
inet addr:192.168.0.126 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::862b:2bff:fe87:2c87/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12195 errors:0 dropped:0 overruns:0 frame:0
TX packets:7435 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6831057 (6.8 MB) TX bytes:1138706 (1.1 MB)
Interrupt:18
eth0.55 Link encap:Ethernet HWaddr 84:2b:2b:87:2c:87
inet addr:192.168.10.100 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::862b:2bff:fe87:2c87/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1412 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:168 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:23515 (23.5 KB)
到目前为止一直很好..这是其他相关信息:
$sudo cat /proc/net/vlan/eth0.55
eth0.55 VID: 55 REORDER_HDR: 1 dev->priv_flags: 1
total frames received 0
total bytes received 0
Broadcast/Multicast Rcvd 0
total frames transmitted 170
total bytes transmitted 23697
Device: eth0
INGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
EGRESS priority mappings:
$sudo iptables -L -v
Chain INPUT (policy ACCEPT 3317 packets,2230K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets,0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1528 packets,189K bytes)
pkts bytes target prot opt in out source destination
$route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.55
现在我尝试ping 192.168.10.xx范围内的一些不存在的机器:
$ping -I eth0.55 192.168.10.101
但是,当使用wireshark或tcpdump捕获此接口时,我看到正在发送的正常arp消息.它们不是vlan标记的. (我的兴趣在于首先看看我是否可以从我的机器中获取vlan数据包.稍后将使用实际的vlans进行处理).我也可以从同一台机器上的vBox VM ping eth0.55接口.
$sudo /usr/sbin/tcpdump -vv -i eth0.55 tcpdump: listening on eth0.55,link-type EN10MB (Ethernet),capture size 65535 bytes 11:55:52.625984 ARP,Ethernet (len 6),IPv4 (len 4),Request who-has 192.168.10.101 tell 192.168.10.100,length 28 11:55:53.625983 ARP,length 28
我甚至尝试过set_flag命令,但仍然是禁止的:
$sudo vconfig set_flag eth0.55 0
我错过了什么?
解决方法
这是一个类似的问题:
VLAN tags not shown in packet capture (Linux) via tcpdump
实际上你所看到的是在使用tcpdump时由内核过滤的数据包,其中vlan层被删除所以它总是看起来像无标记.
你已经看到通过/proc/net/vlan/eth0.55转移了帧,所以效果很好.
根据您的情况,使用此命令查看VLAN标记:
tcpdump -Uw - | tcpdump -i eth0 -en -r - vlan 55
