装有docker的虚拟机环境ping宿主机失败

当我用docker network create 创建了一个网络后

[root@localhost ~]# docker network create kong-net
5c035564f9b4649b318b61697dad164f390d8b6a9a82e1819fdd5fe1d15481da
[root@localhost ~]# docker network ls 
NETWORK ID          NAME                DRIVER              SCOPE
9f8bb630299c        bridge              bridge              local
eca5735d38ce        host                host                local
5c035564f9b4        kong-net            bridge              local
3c00ca555c18        none                null                local

发现我的VM Ware虚拟机无法ping通宿主机的网络了,而且报出的错误也很奇怪

[root@localhost ~]# ping 172.17.68.9
PING 172.17.68.9 (172.17.68.9) 56(84) bytes of data.
From 172.17.0.1 icmp_seq=1 Destination Host Unreachable
From 172.17.0.1 icmp_seq=2 Destination Host Unreachable
From 172.17.0.1 icmp_seq=3 Destination Host Unreachable
From 172.17.0.1 icmp_seq=4 Destination Host Unreachable
^C
--- 172.17.68.9 ping statistics ---
7 packets transmitted, 0 received, +4 errors, 100% packet loss, time 6002ms
pipe 4

经过网上查询找到了表面的原因和解决办法。
原因是,路由中多了一个错误的路由,如下:

[root@localhost ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    100    0        0 ens33
10.0.233.0      0.0.0.0         255.255.255.0   U     0      0        0 docker0
10.199.38.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 br-5c035564f9b4
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

其中172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-5c035564f9b4 不应该存在。删除该路由后网络正常

[root@localhost ~]# route del -net 172.17.0.0 netmask 255.255.0.0
[root@localhost ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    100    0        0 ens33
10.0.233.0      0.0.0.0         255.255.255.0   U     0      0        0 docker0
10.199.38.0     0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
[root@localhost ~]# ping 172.17.68.9
PING 172.17.68.9 (172.17.68.9) 56(84) bytes of data.
64 bytes from 172.17.68.9: icmp_seq=1 ttl=61 time=1.38 ms
64 bytes from 172.17.68.9: icmp_seq=2 ttl=61 time=1.40 ms
64 bytes from 172.17.68.9: icmp_seq=3 ttl=61 time=1.40 ms
^C
--- 172.17.68.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 1.388/1.397/1.402/0.006 ms

但是再次创建docker network时依然会出现此问题,到底是什么原因呢?

原因分析

在使用docker network 创建网络时,默认使用了网段为172.17.0.0中的ip地址,该网段与区域网中的网段重复了,导致了网络访问不通。

解决办法

在创建network时指定其他网段,如:

docker network create --subnet=10.199.0.0/16 kong-net
posted @ 2022-10-28 17:21  挎木剑的游侠儿  阅读(281)  评论(0编辑  收藏  举报