dhcp – 通过tcpdump在数据包捕获(Linux)中未显示VLAN标记

我在eth0上添加了一个标记的VLAN:
#ip link add link eth0 name eth0.20 type vlan id 20

这导致:

#ip link
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
 link/ether 9c:c7:a6:95:65:1c brd ff:ff:ff:ff:ff:ff
....
12: eth0.20@eth0: <BROADCAST,LOWER_UP> mtu 1500 qdisc noqueue state UP
 link/ether 9c:c7:a6:95:65:1c brd ff:ff:ff:ff:ff:ff

#ip -d link show eth0.20
70: eth0.20@eth0: <BROADCAST,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether 9c:c7:a6:95:65:1c brd ff:ff:ff:ff:ff:ff
    vlan id 20 <REORDER_HDR>

#cat /proc/net/vlan/config
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.234       | 234  | eth0
eth0.20        | 20  | eth0

现在我开始dhclient:

#dhclient -d -v -1 eth0.20

我在tcpdump中看到的是一个未标记的DHCP发现帧:

#tcpdump -i eth0 -XX
0x0000:  ffff ffff ffff 9cc7 a695 651c 0800 4500 
                                       ^^^^

为什么没有标记?

似乎使用802.1q模块:

#lsmod | grep 8021q
8021q                  28324  0
garp                   14311  1 8021q

(OS:SLES11SP2内核3.0.13-0.27-默认)

BTW其他流量也没有标记(至少tcpdump没有显示)…

10月16日更新

# tcpdump -Uw - | tcpdump -i eth0 -en -r - &
[1] 7310
 # tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: listening on eth0,link-type EN10MB (Ethernet),capture size 96 bytes

 # dhclient -d -v -1 eth0.20
Internet Systems Consortium DHCP Client 4.2.3-P2
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info,please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0.20/9c:c7:a6:95:65:1c
Sending on   LPF/eth0.20/9c:c7:a6:95:65:1c
Sending on   Socket/fallback
DHCPDISCOVER on eth0.20 to 255.255.255.255 port 67 interval 3
reading from file -,link-type EN10MB (Ethernet)
18:49:14.437882 9c:c7:a6:95:65:1c > ff:ff:ff:ff:ff:ff,ethertype IPv4 (0x0800),length 347: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP,Request from 9c:c7:a6:95:65:1c,length 305
                                                                       ^^^^^^

所以,这里仍然没有显示标签.

但实际上,在运行dhclient时,/ proc / net / dev中eth0.20的传输计数器确实会增加…

解决方法

由于VLAN加速,您无法在i686 / x86_64体系结构上看到来自tcpdump -i eth0输出的VLAN标记. VLAN层将由内核过滤,因此它总是看起来没有标记.请参考 Bug 498981 – tcpdump cannot deal with 802.1q vlan tag

根据您的情况,您可以通过以下方式获取VLAN标记:

tcpdump -i eth0 -Uw - | tcpdump -en -r - vlan 20

您应该看到以下输出:

<timestamp> <mac-addr-of-eth0> > Broadcast,ethertype 802.1Q (0x8100),length 346: vlan 20,p 0,ethertype IPv4,0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP

相关文章

文章浏览阅读1.8k次,点赞63次,收藏54次。Linux下的目录权限...
文章浏览阅读1.6k次,点赞44次,收藏38次。关于Qt的安装、Wi...
本文介绍了使用shell脚本编写一个 Hello
文章浏览阅读1.5k次,点赞37次,收藏43次。【Linux】初识Lin...
文章浏览阅读3k次,点赞34次,收藏156次。Linux超详细笔记,...
文章浏览阅读6.8k次,点赞109次,收藏114次。【Linux】 Open...