echo 0 > /proc/sys/net/ipv4/conf/ethx/rp_filter
net.ipv4.netfilter.ip_conntrack_max
或者
/etc/sysctl.conf 中添加或者修改如下项
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
/sbin/sysctl -p
如果交换机不支持igmp v3,那设置如下配置
echo 2 > /proc/sys/net/ipv4/conf/ethx/force_igmp_version // 强制使用IGMP v2
可能需要的配置命令:
ifup eth2
ifdown eth2
ifconfig em2 192.168.103.117 netmask 255.255.0.0
route add -net 192.168.103.0 netmask 255.255.255.0 gw 192.168.103.254
route del -net 192.168.103.0 netmask 255.255.255.0
route add default gw 192.168.1.1
查看IGMP协议交互:
tcpdump -i eth0 igmp
tcpdump -s 0 dst port 1156
23:36:14.113877 IP 172.18.0.1 > 224.0.0.1: igmp query v2
23:36:14.230570 IP 192.168.103.117 > 239.0.0.39: igmp v2 report 239.0.0.39
23:36:17.008630 IP 192.168.103.117 > 224.0.0.251: igmp v2 report 224.0.0.251
如果发现没有发送加入组播IGMP,而是以下这种,说明服务器在查找支持IGMP V3的交换机,
这时可以强制使用IGMP v2
23:36:14.113877 IP 172.18.0.1 > 224.0.0.1: igmp query v2
23:36:17.008630 IP 192.168.103.117 > 224.0.0.22: igmp v2 report 224.0.0.22
23:36:17.008630 IP 192.168.103.117 > 224.0.0.22: igmp v2 report 224.0.0.22