0

我最近设置了 proxmox VE 6.2

我有两个网络适配器,一个是 LAN 网络,另一个是 WAN 网络(USB RNDIS)

我已经将 pfSense 设置为 VM,就像在 netgate 文档中一样,我使用这两个物理网卡为 WAN 和 LAN 创建了两个网桥。

一切正常,pfSense 按预期工作,所有局域网客户端都可以通过 pfSense VM 完美访问互联网。

但问题是,proxmox 无法发出 HTTP 请求,我知道这很奇怪。它可以成功访问互联网,就像我可以对 1.1.1.1 或任何公共可用 IP 进行 ping 操作一样。

我试过这样

curl -vvv google.com

这是我得到的输出,这是卡住的地方,所有 HTTP 连接的行为方式都相同

* Trying 216.58.197.46...
* TCP_NODELAY set
* Expire in 149896 ms for 3 (transfer 0x55772a88ddc0)
* Expire in 200 ms for 4 (transfer 0x55772a88ddc0)
* Connected to google.com (216.58.197.46) port 80 (#0)
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.64.0
> Accept: */*

它卡在那里并在一段时间后超时。也无法进行apt更新。它似乎已连接,但无法收到回复。

这是 ping 响应

平 1.1.1.1

PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=75.4 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=74.7 ms

那里没有问题。

这是一个非常奇怪的问题,我以前从未遇到过。

ip路由列表

default via 192.168.0.1 dev vmbr0 onlink
192.168.0.0/24 dev vmbr0 proto kernel scope link src 192.168.0.114
192.168.1.0/24 dev vmbr2 proto kernel scope link src 192.168.1.102

ipa

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp14s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UP group default qlen 1000
link/ether 3c:07:71:55:54:6e brd ff:ff:ff:ff:ff:ff
3: enx0c5b8f279a64: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr2 state UNKNOWN group default qlen 1000
link/ether 0c:5b:8f:27:9a:64 brd ff:ff:ff:ff:ff:ff
4: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 3c:07:71:55:54:6e brd ff:ff:ff:ff:ff:ff
inet 192.168.0.114/24 brd 192.168.0.255 scope global vmbr0
valid_lft forever preferred_lft forever
inet6 fe80::3e07:71ff:fe55:546e/64 scope link
valid_lft forever preferred_lft forever
5: vmbr2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 0c:5b:8f:27:9a:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.102/24 brd 192.168.1.255 scope global dynamic vmbr2
valid_lft 84813sec preferred_lft 84813sec
inet6 fe80::e5b:8fff:fe27:9a64/64 scope link
valid_lft forever preferred_lft forever
6: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr0 state UNKNOWN group default qlen 1000
link/ether 5a:1e:56:2a:0d:fe brd ff:ff:ff:ff:ff:ff
7: tap100i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master vmbr2 state UNKNOWN group default qlen 1000
link/ether a2:fe:d5:1d:43:8f brd ff:ff:ff:ff:ff:ff

iptables -L

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Proxmox IP - 192.168.0.114(静态配置)

pfSense 网关 IP - 192.168.0.1

WAN(内部 IP) - 192.168.1.101

vmbr0 - LAN 网桥 vmbr2 - WAN 网桥

4

1 回答 1

0

您可能应该禁用硬件校验和卸载。这在虚拟化硬件上对我有用。(HVM)。

看到这篇文章: https ://askubuntu.com/questions/597894/can-ping-but-cannot-wget-on-host-with-bridge-interface

于 2020-11-27T02:17:07.397 回答