LXC網路路由問題

LXC網路路由問題

我有一個在 Proxmox 上運行 Ubuntu 22.04 的 LXC,我正在嘗試將其遷移到運行 Debian 12 的新 LXC。

運行完全相同的 LXC 配置會導致與容器的初始 SSH 連線需要幾分鐘或更長時間才能成功:

$ ssh [email protected] -vvv 2>&1 | ts -s
00:00:00 OpenSSH_9.4p1, OpenSSL 3.1.2 1 Aug 2023
00:00:00 debug1: Reading configuration data /home/myuser/.ssh/config
00:00:00 debug3: /home/myuser/.ssh/config line 1: Including file /home/myuser/.ssh/config.d/hosts depth 0
00:00:00 debug1: Reading configuration data /home/myuser/.ssh/config.d/hosts
00:00:00 debug1: /home/myuser/.ssh/config line 9: Applying options for *
00:00:00 debug1: Reading configuration data /etc/ssh/ssh_config
00:00:00 debug1: /etc/ssh/ssh_config line 2: include /etc/ssh/ssh_config.d/*.conf matched no files
00:00:00 debug2: resolve_canonicalize: hostname 10.11.20.203 is address
00:00:00 debug3: ssh_connect_direct: entering
00:00:00 debug1: Connecting to 10.11.20.203 [10.11.20.203] port 22.
00:00:00 debug3: set_sock_tos: set socket 3 IP_TOS 0x48
00:00:00 debug1: Connection established.
00:00:00 debug1: identity file /home/myuser/.ssh/keys/id_ed25519 type 3
00:00:00 debug1: identity file /home/myuser/.ssh/keys/id_ed25519-cert type -1
00:00:00 debug1: Local version string SSH-2.0-OpenSSH_9.4
[... STUCK for 1:34 minutes ...]
00:01:34 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.2p1 Debian-2
[... CONTINUES SUCCESSFULLY...]

LXC 設定檔是相同的(vmid、mac 位址和主機名稱除外):

arch: amd64
cores: 2
features: fuse=1,mount=nfs,nesting=1
hostname: debian
memory: 4096
nameserver: 10.11.20.1
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=82:1A:03:83:29:E7,ip=dhcp,ip6=dhcp,tag=20,type=veth
onboot: 0
ostype: debian
rootfs: local-lvm:vm-130-disk-0,size=10G
swap: 0

經過一些調試,我注意到 Ubuntu LXC 和 Debian LXC 之間的 IP 配置和路由表有以下差異:

Ubuntu LXC:

root@ubuntu:~# ip a show eth0
2: eth0@if62: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 6a:e8:9f:55:d3:64 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.11.20.30/24 metric 1024 brd 10.11.20.255 scope global dynamic eth0
       valid_lft 4640sec preferred_lft 4640sec
    inet6 fe80::68e8:9fff:fe55:d364/64 scope link
       valid_lft forever preferred_lft forever

root@ubuntu:~# ip route
default via 10.11.20.1 dev eth0 proto dhcp src 10.11.20.30 metric 1024
10.11.20.0/24 dev eth0 proto kernel scope link src 10.11.20.30 metric 1024
10.11.20.1 dev eth0 proto dhcp scope link src 10.11.20.30 metric 1024

Debian LXC:

root@debian:/# ip a show eth0
2: eth0@if91: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 82:1a:03:83:29:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.11.20.203/24 brd 10.11.20.255 scope global dynamic eth0
       valid_lft 5020sec preferred_lft 5020sec
    inet6 fe80::801a:3ff:fe83:29e7/64 scope link
       valid_lft forever preferred_lft forever

root@debian:/# ip route
default via 10.11.20.1 dev eth0
10.11.20.0/24 dev eth0 proto kernel scope link src 10.11.20.203

將相同的路由應用到 Debian 容器後,一切似乎都有效:

$ ip route del default via 10.11.20.1 dev eth0
$ ip route del 10.11.20.0/24 dev eth0 proto kernel scope link src 10.11.20.203

$ ip route add default via 10.11.20.1 dev eth0 proto dhcp src 10.11.20.203 metric 1024
$ ip route add 10.11.20.0/24 dev eth0 proto kernel scope link src 10.11.20.203 metric 1024
$ ip route add 10.11.20.1 dev eth0 proto dhcp scope link src 10.11.20.203 metric 1024

由於我有限的網路知識,有人可以解釋一下出了什麼問題嗎?

我是否應該採取任何其他步驟來設定 Debian 容器,而無需手動修改網路配置?

相關內容