Linux
如何讓 IPv6 正常工作?
我的託管服務提供商向我提供了以下資訊:
子網:2a02:f99:0:64::/64
網關:2a02:f99:0:64::1
所以我做了(是
eth3的,是正確的界面)ip addr add 2a02:f99:0:64::2/64 dev eth3 ip -6 route add ::/0 via 2a02:f99:0:64::1 dev eth3但
$ ip -6 neigh show 2a02:f99:0:64::1 dev eth3 FAILED $ ping6 google.com PING google.com(ams16s30-in-x0e.1e100.net) 56 data bytes From 2a02:f99:0:64::2 icmp_seq=1 Destination unreachable: Address unreachable ...我也試過
ip -6 route del ::/0 via 2a02:f99:0:64::1 dev eth3 ip -6 route add ::/0 via fe80::1 dev eth3但這並沒有改變任何東西,仍然無法進入或退出。
我哪裡做錯了?如何讓 IPv6 執行?
2017-07-07 更新:
託管服務提供商堅稱基礎設施很好。
另一台可以訪問同一子網的機器可以綁定地址並通過我認為的路由器廣告 (RA) 建立 IPv6 連接,因為只有
fe80::20a:8bff:fe98:3400網關才能工作,而提供商指定的網關地址不能。然而,這篇文章所涉及的機器仍然無法找到任何鄰居。啟用 RA 似乎也沒有任何效果。
跨兩台機器的交叉連接(在它們的輔助 NIC 上)執行 IPv6 可以立即工作,因此 IPv6 基本上應該對它們都可用(所有粘貼都來自有問題的機器):
PING fe80::62eb:69ff:fed2:a122%eth2(fe80::62eb:69ff:fed2:a122) 56 data bytes 64 bytes from fe80::62eb:69ff:fed2:a122: icmp_seq=1 ttl=64 time=0.224 ms 64 bytes from fe80::62eb:69ff:fed2:a122: icmp_seq=2 ttl=64 time=0.171 ms --- fe80::62eb:69ff:fed2:a122%eth2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms PING fd00:32::3(fd00:32::3) 56 data bytes 64 bytes from fd00:32::3: icmp_seq=1 ttl=64 time=0.286 ms 64 bytes from fd00:32::3: icmp_seq=2 ttl=64 time=0.168 ms --- fd00:32::3 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000msIP 配置如下所示:
2: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state UP qlen 1000 link/ether f0:1f:af:df:c8:7b brd ff:ff:ff:ff:ff:ff inet 85.XX.XX.186/30 brd 85.XX.XX.187 scope global eth3 inet6 2a02:f99:0:64::2/64 scope global valid_lft forever preferred_lft forever inet6 fe80::f21f:afff:fedf:c87b/64 scope link valid_lft forever preferred_lft forever 2a02:f99:0:64::/64 dev eth3 proto kernel metric 256 fd00:32::/32 dev eth2 proto kernel metric 256 fe80::/64 dev eth2 proto kernel metric 256 fe80::/64 dev eth3-ifb proto kernel metric 256 fe80::/64 dev eth3 proto kernel metric 256 default via 2a02:f99:0:64::1 dev eth3 metric 1024鄰居發現只找到介面的鏈路本地地址:
PING ff02::1%eth3(ff02::1) 56 data bytes 64 bytes from fe80::f21f:afff:fedf:c87b: icmp_seq=1 ttl=64 time=0.055 ms 64 bytes from fe80::f21f:afff:fedf:c87b: icmp_seq=2 ttl=64 time=0.076 ms 64 bytes from fe80::f21f:afff:fedf:c87b: icmp_seq=3 ttl=64 time=0.060 ms --- ff02::1%eth3 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms嘗試 ping 網關也會導致:
PING 2a02:f99:0:64::1(2a02:f99:0:64::1) from 2a02:f99:0:64::2 eth3: 56 data bytes From 2a02:f99:0:64::2 icmp_seq=1 Destination unreachable: Address unreachable From 2a02:f99:0:64::2 icmp_seq=2 Destination unreachable: Address unreachable From 2a02:f99:0:64::2 icmp_seq=3 Destination unreachable: Address unreachable --- 2a02:f99:0:64::1 ping statistics --- 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3999ms這是
sysctl -A | grep ipv6吐出來的(我也看不出有什麼問題):net.ipv6.neigh.default.mcast_solicit = 3 net.ipv6.neigh.default.ucast_solicit = 3 net.ipv6.neigh.default.app_solicit = 0 net.ipv6.neigh.default.delay_first_probe_time = 5 net.ipv6.neigh.default.gc_stale_time = 60 net.ipv6.neigh.default.unres_qlen = 3 net.ipv6.neigh.default.proxy_qlen = 64 net.ipv6.neigh.default.anycast_delay = 100 net.ipv6.neigh.default.proxy_delay = 80 net.ipv6.neigh.default.locktime = 0 net.ipv6.neigh.default.retrans_time_ms = 1000 net.ipv6.neigh.default.base_reachable_time_ms = 30000 net.ipv6.neigh.default.gc_interval = 30 net.ipv6.neigh.default.gc_thresh1 = 128 net.ipv6.neigh.default.gc_thresh2 = 512 net.ipv6.neigh.default.gc_thresh3 = 1024 net.ipv6.neigh.lo.mcast_solicit = 3 net.ipv6.neigh.lo.ucast_solicit = 3 net.ipv6.neigh.lo.app_solicit = 0 net.ipv6.neigh.lo.delay_first_probe_time = 5 net.ipv6.neigh.lo.gc_stale_time = 60 net.ipv6.neigh.lo.unres_qlen = 3 net.ipv6.neigh.lo.proxy_qlen = 64 net.ipv6.neigh.lo.anycast_delay = 100 net.ipv6.neigh.lo.proxy_delay = 80 net.ipv6.neigh.lo.locktime = 0 net.ipv6.neigh.lo.retrans_time_ms = 1000 net.ipv6.neigh.lo.base_reachable_time_ms = 30000 net.ipv6.neigh.eth3.mcast_solicit = 3 net.ipv6.neigh.eth3.ucast_solicit = 3 net.ipv6.neigh.eth3.app_solicit = 0 net.ipv6.neigh.eth3.delay_first_probe_time = 5 net.ipv6.neigh.eth3.gc_stale_time = 60 net.ipv6.neigh.eth3.unres_qlen = 3 net.ipv6.neigh.eth3.proxy_qlen = 64 net.ipv6.neigh.eth3.anycast_delay = 100 net.ipv6.neigh.eth3.proxy_delay = 80 net.ipv6.neigh.eth3.locktime = 0 net.ipv6.neigh.eth3.retrans_time_ms = 1000 net.ipv6.neigh.eth3.base_reachable_time_ms = 30000 net.ipv6.neigh.eth2.mcast_solicit = 3 net.ipv6.neigh.eth2.ucast_solicit = 3 net.ipv6.neigh.eth2.app_solicit = 0 net.ipv6.neigh.eth2.delay_first_probe_time = 5 net.ipv6.neigh.eth2.gc_stale_time = 60 net.ipv6.neigh.eth2.unres_qlen = 3 net.ipv6.neigh.eth2.proxy_qlen = 64 net.ipv6.neigh.eth2.anycast_delay = 100 net.ipv6.neigh.eth2.proxy_delay = 80 net.ipv6.neigh.eth2.locktime = 0 net.ipv6.neigh.eth2.retrans_time_ms = 1000 net.ipv6.neigh.eth2.base_reachable_time_ms = 30000 net.ipv6.neigh.eth3-ifb.mcast_solicit = 3 net.ipv6.neigh.eth3-ifb.ucast_solicit = 3 net.ipv6.neigh.eth3-ifb.app_solicit = 0 net.ipv6.neigh.eth3-ifb.delay_first_probe_time = 5 net.ipv6.neigh.eth3-ifb.gc_stale_time = 60 net.ipv6.neigh.eth3-ifb.unres_qlen = 3 net.ipv6.neigh.eth3-ifb.proxy_qlen = 64 net.ipv6.neigh.eth3-ifb.anycast_delay = 100 net.ipv6.neigh.eth3-ifb.proxy_delay = 80 net.ipv6.neigh.eth3-ifb.locktime = 0 net.ipv6.neigh.eth3-ifb.retrans_time_ms = 1000 net.ipv6.neigh.eth3-ifb.base_reachable_time_ms = 30000 net.ipv6.xfrm6_gc_thresh = 2048 net.ipv6.conf.all.forwarding = 0 net.ipv6.conf.all.hop_limit = 64 net.ipv6.conf.all.mtu = 1280 net.ipv6.conf.all.accept_ra = 1 net.ipv6.conf.all.accept_redirects = 1 net.ipv6.conf.all.autoconf = 1 net.ipv6.conf.all.dad_transmits = 1 net.ipv6.conf.all.router_solicitations = 3 net.ipv6.conf.all.router_solicitation_interval = 4 net.ipv6.conf.all.router_solicitation_delay = 1 net.ipv6.conf.all.force_mld_version = 0 net.ipv6.conf.all.use_tempaddr = 0 net.ipv6.conf.all.temp_valid_lft = 604800 net.ipv6.conf.all.temp_prefered_lft = 86400 net.ipv6.conf.all.regen_max_retry = 3 net.ipv6.conf.all.max_desync_factor = 600 net.ipv6.conf.all.max_addresses = 16 net.ipv6.conf.all.accept_ra_defrtr = 1 net.ipv6.conf.all.accept_ra_pinfo = 1 net.ipv6.conf.all.accept_ra_rtr_pref = 1 net.ipv6.conf.all.router_probe_interval = 60 net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.all.proxy_ndp = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.all.optimistic_dad = 0 net.ipv6.conf.all.mc_forwarding = 0 net.ipv6.conf.all.disable_ipv6 = 0 net.ipv6.conf.all.accept_dad = 1 net.ipv6.conf.all.force_tllao = 0 net.ipv6.conf.default.forwarding = 0 net.ipv6.conf.default.hop_limit = 64 net.ipv6.conf.default.mtu = 1280 net.ipv6.conf.default.accept_ra = 1 net.ipv6.conf.default.accept_redirects = 1 net.ipv6.conf.default.autoconf = 1 net.ipv6.conf.default.dad_transmits = 1 net.ipv6.conf.default.router_solicitations = 3 net.ipv6.conf.default.router_solicitation_interval = 4 net.ipv6.conf.default.router_solicitation_delay = 1 net.ipv6.conf.default.force_mld_version = 0 net.ipv6.conf.default.use_tempaddr = 0 net.ipv6.conf.default.temp_valid_lft = 604800 net.ipv6.conf.default.temp_prefered_lft = 86400 net.ipv6.conf.default.regen_max_retry = 3 net.ipv6.conf.default.max_desync_factor = 600 net.ipv6.conf.default.max_addresses = 16 net.ipv6.conf.default.accept_ra_defrtr = 1 net.ipv6.conf.default.accept_ra_pinfo = 1 net.ipv6.conf.default.accept_ra_rtr_pref = 1 net.ipv6.conf.default.router_probe_interval = 60 net.ipv6.conf.default.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.default.proxy_ndp = 0 net.ipv6.conf.default.accept_source_route = 0 net.ipv6.conf.default.optimistic_dad = 0 net.ipv6.conf.default.mc_forwarding = 0 net.ipv6.conf.default.disable_ipv6 = 0 net.ipv6.conf.default.accept_dad = 1 net.ipv6.conf.default.force_tllao = 0 net.ipv6.conf.lo.forwarding = 0 net.ipv6.conf.lo.hop_limit = 64 net.ipv6.conf.lo.mtu = 16436 net.ipv6.conf.lo.accept_ra = 1 net.ipv6.conf.lo.accept_redirects = 1 net.ipv6.conf.lo.autoconf = 1 net.ipv6.conf.lo.dad_transmits = 1 net.ipv6.conf.lo.router_solicitations = 3 net.ipv6.conf.lo.router_solicitation_interval = 4 net.ipv6.conf.lo.router_solicitation_delay = 1 net.ipv6.conf.lo.force_mld_version = 0 net.ipv6.conf.lo.use_tempaddr = -1 net.ipv6.conf.lo.temp_valid_lft = 604800 net.ipv6.conf.lo.temp_prefered_lft = 86400 net.ipv6.conf.lo.regen_max_retry = 3 net.ipv6.conf.lo.max_desync_factor = 600 net.ipv6.conf.lo.max_addresses = 16 net.ipv6.conf.lo.accept_ra_defrtr = 1 net.ipv6.conf.lo.accept_ra_pinfo = 1 net.ipv6.conf.lo.accept_ra_rtr_pref = 1 net.ipv6.conf.lo.router_probe_interval = 60 net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.lo.proxy_ndp = 0 net.ipv6.conf.lo.accept_source_route = 0 net.ipv6.conf.lo.optimistic_dad = 0 net.ipv6.conf.lo.mc_forwarding = 0 net.ipv6.conf.lo.disable_ipv6 = 0 net.ipv6.conf.lo.accept_dad = -1 net.ipv6.conf.lo.force_tllao = 0 net.ipv6.conf.eth3.forwarding = 0 net.ipv6.conf.eth3.hop_limit = 64 net.ipv6.conf.eth3.mtu = 1500 net.ipv6.conf.eth3.accept_ra = 1 net.ipv6.conf.eth3.accept_redirects = 1 net.ipv6.conf.eth3.autoconf = 0 net.ipv6.conf.eth3.dad_transmits = 1 net.ipv6.conf.eth3.router_solicitations = 3 net.ipv6.conf.eth3.router_solicitation_interval = 4 net.ipv6.conf.eth3.router_solicitation_delay = 1 net.ipv6.conf.eth3.force_mld_version = 0 net.ipv6.conf.eth3.use_tempaddr = 1 net.ipv6.conf.eth3.temp_valid_lft = 604800 net.ipv6.conf.eth3.temp_prefered_lft = 86400 net.ipv6.conf.eth3.regen_max_retry = 3 net.ipv6.conf.eth3.max_desync_factor = 600 net.ipv6.conf.eth3.max_addresses = 16 net.ipv6.conf.eth3.accept_ra_defrtr = 1 net.ipv6.conf.eth3.accept_ra_pinfo = 1 net.ipv6.conf.eth3.accept_ra_rtr_pref = 1 net.ipv6.conf.eth3.router_probe_interval = 60 net.ipv6.conf.eth3.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.eth3.proxy_ndp = 0 net.ipv6.conf.eth3.accept_source_route = 0 net.ipv6.conf.eth3.optimistic_dad = 0 net.ipv6.conf.eth3.mc_forwarding = 0 net.ipv6.conf.eth3.disable_ipv6 = 0 net.ipv6.conf.eth3.accept_dad = 1 net.ipv6.conf.eth3.force_tllao = 0 net.ipv6.conf.eth2.forwarding = 0 net.ipv6.conf.eth2.hop_limit = 64 net.ipv6.conf.eth2.mtu = 1500 net.ipv6.conf.eth2.accept_ra = 1 net.ipv6.conf.eth2.accept_redirects = 1 net.ipv6.conf.eth2.autoconf = 1 net.ipv6.conf.eth2.dad_transmits = 1 net.ipv6.conf.eth2.router_solicitations = 3 net.ipv6.conf.eth2.router_solicitation_interval = 4 net.ipv6.conf.eth2.router_solicitation_delay = 1 net.ipv6.conf.eth2.force_mld_version = 0 net.ipv6.conf.eth2.use_tempaddr = 0 net.ipv6.conf.eth2.temp_valid_lft = 604800 net.ipv6.conf.eth2.temp_prefered_lft = 86400 net.ipv6.conf.eth2.regen_max_retry = 3 net.ipv6.conf.eth2.max_desync_factor = 600 net.ipv6.conf.eth2.max_addresses = 16 net.ipv6.conf.eth2.accept_ra_defrtr = 1 net.ipv6.conf.eth2.accept_ra_pinfo = 1 net.ipv6.conf.eth2.accept_ra_rtr_pref = 1 net.ipv6.conf.eth2.router_probe_interval = 60 net.ipv6.conf.eth2.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.eth2.proxy_ndp = 0 net.ipv6.conf.eth2.accept_source_route = 0 net.ipv6.conf.eth2.optimistic_dad = 0 net.ipv6.conf.eth2.mc_forwarding = 0 net.ipv6.conf.eth2.disable_ipv6 = 0 net.ipv6.conf.eth2.accept_dad = 1 net.ipv6.conf.eth2.force_tllao = 0 net.ipv6.conf.eth3-ifb.forwarding = 0 net.ipv6.conf.eth3-ifb.hop_limit = 64 net.ipv6.conf.eth3-ifb.mtu = 1500 net.ipv6.conf.eth3-ifb.accept_ra = 1 net.ipv6.conf.eth3-ifb.accept_redirects = 1 net.ipv6.conf.eth3-ifb.autoconf = 1 net.ipv6.conf.eth3-ifb.dad_transmits = 1 net.ipv6.conf.eth3-ifb.router_solicitations = 3 net.ipv6.conf.eth3-ifb.router_solicitation_interval = 4 net.ipv6.conf.eth3-ifb.router_solicitation_delay = 1 net.ipv6.conf.eth3-ifb.force_mld_version = 0 net.ipv6.conf.eth3-ifb.use_tempaddr = 0 net.ipv6.conf.eth3-ifb.temp_valid_lft = 604800 net.ipv6.conf.eth3-ifb.temp_prefered_lft = 86400 net.ipv6.conf.eth3-ifb.regen_max_retry = 3 net.ipv6.conf.eth3-ifb.max_desync_factor = 600 net.ipv6.conf.eth3-ifb.max_addresses = 16 net.ipv6.conf.eth3-ifb.accept_ra_defrtr = 1 net.ipv6.conf.eth3-ifb.accept_ra_pinfo = 1 net.ipv6.conf.eth3-ifb.accept_ra_rtr_pref = 1 net.ipv6.conf.eth3-ifb.router_probe_interval = 60 net.ipv6.conf.eth3-ifb.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.eth3-ifb.proxy_ndp = 0 net.ipv6.conf.eth3-ifb.accept_source_route = 0 net.ipv6.conf.eth3-ifb.optimistic_dad = 0 net.ipv6.conf.eth3-ifb.mc_forwarding = 0 net.ipv6.conf.eth3-ifb.disable_ipv6 = 0 net.ipv6.conf.eth3-ifb.accept_dad = -1 net.ipv6.conf.eth3-ifb.force_tllao = 0 net.ipv6.ip6frag_high_thresh = 262144 net.ipv6.ip6frag_low_thresh = 196608 net.ipv6.ip6frag_time = 60 net.ipv6.route.gc_thresh = 1024 net.ipv6.route.max_size = 4096 net.ipv6.route.gc_min_interval = 0 net.ipv6.route.gc_timeout = 60 net.ipv6.route.gc_interval = 30 net.ipv6.route.gc_elasticity = 9 net.ipv6.route.mtu_expires = 600 net.ipv6.route.min_adv_mss = 1220 net.ipv6.route.gc_min_interval_ms = 500 net.ipv6.icmp.ratelimit = 1000 net.ipv6.bindv6only = 0 net.ipv6.ip6frag_secret_interval = 600 net.ipv6.mld_max_msf = 642017-07-07 #2 更新:
提供商說兩台機器都掛在同一個交換機上。這意味著這必須是一個配置問題。
2017-07-08 更新:
我已將核心從 3.4 升級到 3.16,並將 Intel
igbNIC 驅動程序升級到他們網站上的最新軟體包。然而,無濟於事,觀察到的行為根本沒有改變。
在與託管服務提供商來回折騰一周後(並且在嘗試各種事情上浪費了無數小時),事實證明這畢竟是一個提供商/基礎設施問題。
讓他們將伺服器插入不同的路由器後,一切正常。
我想這裡要吸取的教訓是,當供應商告訴你這是機器配置問題時,他們並不總是正確的。
鑑於提供者提供的引用資訊,您最初鍵入的命令看起來完全正確。這給我們留下了一些可能的猜測,可能是什麼問題。
- 提供者給你的資訊不正確。
- 正確使用的介面實際上不是
eth3其他東西。- 從您的機器到網關的路徑上有一個嚴重錯誤配置的防火牆。
- 通信不應該使用基於乙太網的 IPv6,而是使用其他一些協議,可能是基於乙太網的 PPP 上的 IPv6。
whois 查詢將顯示您使用的 IP 地址是
2a00::/12分配給 RIPE 的一部分,但尚未分配給任何 ISP。所以我的猜測是提供商在您收到的資訊中輸入了錯誤的 IP 地址。一些可能感興趣也可能不感興趣的附加說明。您的路線命令可以縮寫為:
ip -6 route add ::/0 via 2a02:f99:0:64::1在這裡指定是多餘的,
dev eth3因為您已經有一條路線表明2a02:f99:0:64::1我已經看到至少有一個提供商
fe80::1用作網關地址。鑑於提供商告訴您將其2a02:f99:0:64::1用作網關地址,它不應該工作,但它仍然是找出問題所在的明智嘗試。您可以嘗試找出正在發生的事情的其他幾件事是查看數據包擷取,例如通過鍵入:
tcpdump -ni eth3 ip6 -s0您可以嘗試使用以下命令查找網段上的所有 IPv6 節點:
ping6 ff02::1%eth3但我最好的建議是向提供者詢問正確的資訊,提及
2a02:f99::/32未分配的資訊。