我想使用笔记本上的读卡器,但是驱动只有 5.x 的支持,因此想安装 Ubuntu lts 设置设备直通,但是卡在第一步,虚拟机无法联网。全部默认配置,使用默认的 ‘default’: NAT,但是无法虚拟机内无法联网 
。
有遇到同样问题的吗? 我还试了 cachyos 上的 virt-manager 默认配置一样无法联网,但是能 ping bing.com 可以 ping 通。
cat /etc/resolv.conf 看看。
Ubuntu 上好像是被 systemd 管理的
ubuntu@ubuntu:~$ cat /etc/resolv.conf
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search .
虽然不能联网但是我可以 ping 通, 貌似是因为虚拟机总是会使用 ipv6
ubuntu@ubuntu:~$ ping bing.com
PING bing.com (150.171.28.10) 56(84) bytes of data.
64 bytes from 150.171.28.10 (150.171.28.10): icmp_seq=1 ttl=109 time=78.3 ms
64 bytes from 150.171.28.10 (150.171.28.10): icmp_seq=2 ttl=109 time=79.5 ms
64 bytes from 150.171.28.10 (150.171.28.10): icmp_seq=3 ttl=109 time=80.2 ms
64 bytes from 150.171.28.10 (150.171.28.10): icmp_seq=4 ttl=109 time=81.2 ms
^C
--- bing.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 78.288/79.785/81.159/1.045 ms
ubuntu@ubuntu:~$
这是 apt update 的情况,无法工作,我这里运营商并没有 ipv6
那你 resolvectl 看看。
ubuntu@ubuntu:~$ resolvectl status
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (enp1s0)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.122.1
DNS Servers: 192.168.122.1
ubuntu@ubuntu:~$
这个地址你 ping 得通吗?dig @192.168.122.1 www.baidu.com 能成功吗?
你的 nameserver 为什么是这个?这明显不对啊。
systemd-resolved 的监听地址就是这个
你试试跑一下命令 nslookup www.163.com
ubuntu@ubuntu-Standard-PC-Q35-ICH9-2009:~$ dig @192.168.122.1 www.baidu.com
; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> @192.168.122.1 www.baidu.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43723
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 803 IN CNAME www.a.shifen.com.
www.a.shifen.com. 83 IN A 39.156.70.46
www.a.shifen.com. 83 IN A 39.156.70.239
;; Query time: 10 msec
;; SERVER: 192.168.122.1#53(192.168.122.1) (UDP)
;; WHEN: Sun Aug 17 18:53:56 CST 2025
;; MSG SIZE rcvd: 101
返回的 ip 地址是对的
ubuntu@ubuntu-Standard-PC-Q35-ICH9-2009:~$ nslookup www.163.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.163.com canonical name = www.163.com.163jiasu.com.
www.163.com.163jiasu.com canonical name = www.163.com.w.kunluncan.com.
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.240
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.239
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.236
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.235
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.238
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.237
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.241
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.234
Name: www.163.com.w.kunluncan.com
Address: 2409:8c15:2811:100c:103::7fa
Name: www.163.com.w.kunluncan.com
Address: 2409:8c15:2811:100c:103::7fb
我这里根本没有 ipv6,但是会返回 ipv6,而且 ipv6 已经被我在设置里禁用掉了
宿主机器也是这样的
┬─[cattial@cachyos:~]─[19 时 01 分 37 秒]
╰─>$ nslookup www.163.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.163.com canonical name = www.163.com.163jiasu.com.
www.163.com.163jiasu.com canonical name = www.163.com.w.kunluncan.com.
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.235
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.240
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.239
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.236
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.237
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.234
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.241
Name: www.163.com.w.kunluncan.com
Address: 36.131.158.238
Name: www.163.com.w.kunluncan.com
Address: 2409:8c15:2811:100c:103::7fb
Name: www.163.com.w.kunluncan.com
Address: 2409:8c15:2811:100c:103::7fa
不知道为什么虚拟机里面会优先使用 ipv6,比如说在使用 apt 时
buntu@ubuntu-Standard-PC-Q35-ICH9-2009:~$ sudo apt update
[sudo] password for ubuntu:
0% [Connecting to cn.archive.ubuntu.com (2403:2c80:5::6)] [Connecting to security
它觉得你的 IPv6 是通的(而且确实通向某个地方了),看看 ip -6 a 和 ip -6 r。
可以修改 /etc/gai.conf 让 IPv4 优先。
应该是默认的安装脚本的问题,我在这里 archlinux bbs 找到了解决方法
tldr
echo firewall_backend=iptables >> /etc/libvirt/network.conf
本主题在最后一个回复创建后60分钟后自动锁定。不再允许添加新回复。