使用keepalived设置vip的时候,发现vip无法连接,经查是出现了ip地址冲突,使用了一个在用的ip作为了vip,但是这个ip其实ping不通,因为目标机禁用了ping,也即是丢弃了ICMP包。
一、那么怎么检测IP地址是否已经被占用呢?
1、ping
如果ip未占用,ping的返回如下:
ping 10.10.10.225
PING 10.10.10.225 (10.10.10.225) 56(84) bytes of data.
From 10.10.10.125 icmp_seq=1 Destination Host Unreachable
From 10.10.10.125 icmp_seq=2 Destination Host Unreachable
From 10.10.10.125 icmp_seq=3 Destination Host Unreachable
From 10.10.10.125 icmp_seq=4 Destination Host Unreachable
如果ip地址被占用,但对方禁用了ping包:
ping 10.10.10.215
PING 10.10.10.215 (10.10.10.215) 56(84) bytes of data.
^C
--- 10.10.10.215 ping statistics ---
35 packets transmitted, 0 received, 100% packet loss, time 33998ms
2、arping
如果ip地址未被占用,返回:
arping -I eth0 -f 10.10.10.225
ARPING 10.10.10.225 from 10.10.10.125 wlp2s0
^CSent 16 probes (16 broadcast(s))
Received 0 response(s)
如果ip地址被占用,返回:
arping -I eth0 -f 10.10.10.215
ARPING 10.10.10.215 from 10.10.10.125 eth0
Unicast reply from 10.10.10.215 [80:A3:21:36:25:C0] 3.542ms
Sent 1 probes (1 broadcast(s))
Received 1 response(s)
3、arp-scan
Releases · royhills/arp-scan · GitHub
可以扫描出局域网内所有的ip地址和对应的mac,从中也可以查出局域网内重复的ip地址。
arp-scan -I eth0 10.10.10.0/24
Interface: eth0, type: EN10MB, MAC: 22:7d:57:e1:2f:6f, IPv4: 10.10.10.125
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
10.10.10.1 03:74:9c:d1:62:65 Ruijie Networks Co.,LTD
10.10.10.2 44:0b:35:e0:e5:70 Xilinx
10.10.10.3 86:a3:b6:2a:5d:cf (Unknown: locally administered)
10.10.10.4 70:f3:f4:17:b5:34 (Unknown)
10.10.10.5 e1:ca:57:66:74:7b Apple, Inc.
10.10.10.6 b4:22:e2:6c:6a:5e Bull Group Co., Ltd
二、手动添加新vip
ip addr add 10.10.10.225 dev eth0
删除:
ip addr del 10.10.10.225/32 dev eth0
三、本机arp缓存
查看arp缓存:arp -n | grep $ip
清空arp缓存:arp -d $ip