服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Ping到IPv4工作,但IPv6不
Intereting Posts
Web 2.0在线networking图图像生成器 如何将客户端的CPU核心速度提高到最大的Citrix Xenserver主机 Apache:从http.conf移动到apache2.conf 使用带有SSL VPN的令牌 保护邮件从pipe理员 – Office 365 将所有stream量redirect到NAT后面的指定主机 什么是保护专有服务器到客户现场的最佳实践? HTTPS唯一的网站 删除多个configuration文件 在硬重启之后,解决过时的pidfile问题会杀死我的守护进程 Linux:将两个以太网连接桥接在一起,以允许第二个主机连接到第一个networking Web服务器显示IP地址而不是域名 Apachedynamic别名 负载平衡 – 会话的粘性 在INPUT链中使用检查conntrack状态

Ping到IPv4工作,但IPv6不

我有一个托pipe的VPS在arch linux上运行。 我正试图从这个服务器进行传出连接,但所有这些都失败了。 经过一些debugging,我发现连接失败的原因是我的服务器无法访问IPv6地址。 Ping到IPv4地址工作,但不到IPv6。 这里是一个例子。 

[root@li863-18 /]# nslookup google.com Server: 103.3.60.20 Address: 103.3.60.20#53 Non-authoritative answer: Name: google.com Address: 74.125.68.100 Name: google.com Address: 74.125.68.102 Name: google.com Address: 74.125.68.113 Name: google.com Address: 74.125.68.139 Name: google.com Address: 74.125.68.138 Name: google.com Address: 74.125.68.101 Name: google.com Address: 2404:6800:4003:c02::8a [root@li863-18 /]# ping 74.125.68.100 PING 74.125.68.100 (74.125.68.100) 56(84) bytes of data. 64 bytes from 74.125.68.100: icmp_seq=1 ttl=50 time=1.20 ms 64 bytes from 74.125.68.100: icmp_seq=2 ttl=50 time=1.32 ms 64 bytes from 74.125.68.100: icmp_seq=3 ttl=50 time=1.41 ms ^C --- 74.125.68.100 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 1.200/1.311/1.414/0.097 ms [root@li863-18 /]# [root@li863-18 /]# ping 2404:6800:4003:c02::8a PING 2404:6800:4003:c02::8a(2404:6800:4003:c02::8a) 56 data bytes ^C --- 2404:6800:4003:c02::8a ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 6070ms

我的networkingconfiguration。 我已经运行命令ip asip -6 rscat /etc/resolv.conf

 [root@li863-18 /]# ip as 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 link/ether ea:46:ac:25:5b:a3 brd ff:ff:ff:ff:ff:ff inet6 fe80::99c7:bfde:3127:700c/64 scope link valid_lft forever preferred_lft forever 3: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether f2:3c:91:e4:50:68 brd ff:ff:ff:ff:ff:ff inet 139.162.21.18/24 brd 139.162.21.255 scope global ens4 valid_lft forever preferred_lft forever inet6 2400:8901::f914:4433:e826:6f2a/64 scope global mngtmpaddr noprefixroute dynamic valid_lft 2592000sec preferred_lft 604800sec inet6 fe80::f03c:91ff:fee4:5068/64 scope link valid_lft forever preferred_lft forever 4: teql0: <NOARP> mtu 1500 qdisc noop state DOWN group default qlen 100 link/void 5: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1 link/ipip 0.0.0.0 brd 0.0.0.0 6: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1 link/gre 0.0.0.0 brd 0.0.0.0 7: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000 link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 8: ip_vti0@NONE: <NOARP> mtu 1428 qdisc noop state DOWN group default qlen 1 link/ipip 0.0.0.0 brd 0.0.0.0 9: ip6_vti0@NONE: <NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1 link/tunnel6 :: brd :: 10: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1 link/sit 0.0.0.0 brd 0.0.0.0 11: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN group default qlen 1 link/tunnel6 :: brd :: 12: ip6gre0@NONE: <NOARP> mtu 1448 qdisc noop state DOWN group default qlen 1 link/gre6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 [root@li863-18 /]# ip -6 rs 2400:8901::/64 dev ens4 proto kernel metric 203 mtu 1500 pref medium fe80::/64 dev ens4 proto kernel metric 256 pref medium fe80::/64 dev dummy0 proto kernel metric 256 pref medium default via fe80::1 dev ens4 metric 203 mtu 1500 pref medium [root@li863-18 /]# cat /etc/resolv.conf # Generated by resolvconf domain members.linode.com nameserver 103.3.60.20 nameserver 139.162.11.5 nameserver 139.162.13.5

添加traceroute信息。 

 [root@li863-18 /]# traceroute google.com traceroute to google.com (74.125.68.138), 30 hops max, 60 byte packets 1 103.3.60.3 (103.3.60.3) 0.711 ms 0.936 ms 1.085 ms 2 139.162.0.9 (139.162.0.9) 0.638 ms 0.654 ms 139.162.0.13 (139.162.0.13) 0.606 ms 3 15169.sgw.equinix.com (27.111.228.30) 0.827 ms 0.826 ms 0.820 ms 4 108.170.242.66 (108.170.242.66) 1.074 ms 108.170.243.19 (108.170.243.19) 1.122 ms 108.170.240.226 (108.170.240.226) 1.107 ms 5 209.85.243.215 (209.85.243.215) 1.440 ms 209.85.243.241 (209.85.243.241) 20.269 ms 108.170.240.173 (108.170.240.173) 1.702 ms 6 209.85.255.217 (209.85.255.217) 7.835 ms 216.239.51.61 (216.239.51.61) 1.884 ms 209.85.243.209 (209.85.243.209) 1.532 ms 7 216.239.48.73 (216.239.48.73) 4.784 ms 216.239.51.61 (216.239.51.61) 2.075 ms * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * sc-in-f138.1e100.net (74.125.68.138) 1.490 ms 1.653 ms [root@li863-18 /]# traceroute 74.125.68.138 traceroute to 74.125.68.138 (74.125.68.138), 30 hops max, 60 byte packets 1 103.3.60.3 (103.3.60.3) 0.889 ms 0.868 ms 1.311 ms 2 139.162.0.9 (139.162.0.9) 0.709 ms 139.162.0.13 (139.162.0.13) 0.650 ms 139.162.0.9 (139.162.0.9) 0.687 ms 3 139.162.0.18 (139.162.0.18) 0.658 ms 15169.sgw.equinix.com (27.111.228.30) 0.727 ms 139.162.0.18 (139.162.0.18) 0.625 ms 4 15169.sgw.equinix.com (27.111.228.30) 0.715 ms 108.170.240.226 (108.170.240.226) 1.488 ms 108.170.240.162 (108.170.240.162) 6.201 ms 5 108.170.240.236 (108.170.240.236) 1.202 ms 108.170.242.71 (108.170.242.71) 1.114 ms 216.239.42.47 (216.239.42.47) 1.688 ms 6 209.85.255.80 (209.85.255.80) 3.119 ms 209.85.243.241 (209.85.243.241) 2.212 ms 209.85.242.221 (209.85.242.221) 1.597 ms 7 209.85.255.80 (209.85.255.80) 7.597 ms 1.422 ms 72.14.236.130 (72.14.236.130) 10.235 ms 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * sc-in-f138.1e100.net (74.125.68.138) 1.869 ms 1.878 ms [root@li863-18 /]# traceroute 2404:6800:4003:c02::64 traceroute to 2404:6800:4003:c02::64 (2404:6800:4003:c02::64), 30 hops max, 80 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * *

任何指针,为什么这是这种情况。 除非绝对必要,否则我不想通过内核禁用IPv6地址。

看起来你正在尝试在Linode在多个客户间共享的/64上使用一个隐私地址(RFC 3972,RFC 4941或RFC 7217)。

默认情况下,Linode机器将根据数据中心内所有客户共享的链路/64内的MAC地址分配一个IPv6地址。 Linode已采取措施防止IP欺骗。 这意味着你甚至不会看到这个段中的其他IP地址的邻居发现数据包。

出于这个原因,隐私地址不起作用。 请尝试使用基于您的MAC地址的IPv6地址。 在你的情况下,IPv6地址将是2400:8901::f03c:91ff:fee4:5068

如果你需要一个以上的地址,你可以申请一个票据来请求路由/64这是不会被共享的。