Networking

CentOS 7 連接問題

  • July 4, 2016

我有第二個 CentOS 7 機器,連接有很多問題。基本上,我們正​​在執行 WHMCS,但域查找一直失敗。所以問題是 IPv6 連接性。

[root@da01 ~]# yum install telnet -y -q -e 0
[root@da01 ~]# telnet whois.crsnic.net 43
Trying 2001:503:e8ef:1000::74...

它正在嘗試通過 IPv6 連接。我們一直在移動我們的 colo 伺服器並獲得了 IPv6 範圍(10 個地址),但這尚未在系統中設置 - 因此連接超時。

[root@da01 ~]# telnet whois.crsnic.net 43
Trying 2001:503:e8ef:1000::74...
telnet: connect to address 2001:503:e8ef:1000::74: Connection timed out

解決方法是暫時禁用整個系統的 IPv6 連接。因此,只需繼續選擇要禁用 IPv6 的網路介面:

[root@da01 ~]# vi /etc/sysconfig/network-scripts/ifcfg-em2 

然後將所有與 IPv6 相關的配置值更改為“no”,如下所示:

IPV6INIT="no"
IPV6_AUTOCONF="no"
IPV6_DEFROUTE="no"
IPV6_FAILURE_FATAL="no"
IPV6_PEERDNS="no"
IPV6_PEERROUTES="no"
IPV6_PRIVACY="no"

最後,重啟網路相關服務。

[root@da01 ~]# service network restart

現在它將通過嘗試通過 IPv6 進行連接,然後在超時重試 IPv4 時:

[root@da01 ~]# telnet whois.crsnic.net 43
Trying 199.7.74.74...
Connected to whois.crsnic.net.
Escape character is '^]'.
Connection closed by foreign host.

因此,我在系統配置中更改了這些值。

[root@da01 network-scripts]# sysctl -w net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.all.disable_ipv6 = 1
[root@da01 network-scripts]# sysctl -w     net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6 = 1
[root@da01 network-scripts]# sysctl -p /etc/sysctl.conf
[root@da01 network-scripts]# sysctl --system

但是,我現在遇到網路問題。

無法ping通伺服器

iMac-van-William-4:~ williamdavidedwards$ ping 
PING : 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1

來自伺服器的 Traceroute 很奇怪

[root@da01 domains]# traceroute google.nl
traceroute to google.nl (74.125.136.94), 30 hops max, 60 byte packets
1  178.21.23.3 (178.21.23.3)  11.069 ms * *
2  * * *
3  * * *
4  * * *
5  * * *
6  * * *
7  * * *
8  * * *
9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

除了伺服器 IP 本身、網關、8.8.8.8 和 8.8.4.4 之外,無法 ping 任何東西

[root@da01 domains]# ping nu.nl
PING nu.nl (62.69.166.254) 56(84) bytes of data.
^C
--- nu.nl ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

路線-n

[root@da01 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use     Iface
0.0.0.0         5.255.90.1      0.0.0.0         UG    100    0        0 em2
5.255.90.0      0.0.0.0         255.255.255.0   U     100    0        0 em2

/etc/resolv.conf

[root@da01 ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search -removed- -removed-
nameserver 8.8.8.8
nameserver 8.8.4.4

如果配置

[root@da01 ~]# ifconfig
em1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
       ether 00:21:9b:a7:c3:fd  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 0  bytes 0 (0.0 B)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

em2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
       inet serveripv4  netmask 255.255.255.0  broadcast 5.255.90.255
       inet6 serveripv6  prefixlen 32  scopeid 0x0<global>
       inet6 ipv6  prefixlen 64  scopeid 0x20<link>
       inet6 ipv6  prefixlen 64  scopeid 0x0<global>
       ether ipv6  txqueuelen 1000  (Ethernet)
       RX packets 42827922  bytes 4801530409 (4.4 GiB)
       RX errors 0  dropped 30874  overruns 0  frame 0
       TX packets 2972081  bytes 1060556603 (1011.4 MiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

em3: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
       ether 00:21:9b:a7:c4:01  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 0  bytes 0 (0.0 B)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

em4: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
       ether 00:21:9b:a7:c4:03  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 0  bytes 0 (0.0 B)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
       inet 127.0.0.1  netmask 255.0.0.0
       loop  txqueuelen 0  (Local Loopback)
       RX packets 13560475  bytes 5100699012 (4.7 GiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 13560475  bytes 5100699012 (4.7 GiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

當我 ping 一個不存在的地址 (dsjahdasjdsa.com) 時,它會通過 ping dsjahdasjdsa.com.example.com 自動 ping 我自己的伺服器,其中 example.com 是我的網路介面域。

不幸的是,這種情況仍在發生。我必須承認我被困住了……幫助

該問題是由數據中心的 DDoS 保護軟體引起的。它包含一個錯誤,導致 DNS 查找延遲很大。我重新安裝了作業系統,禁用了 DDoS 保護(他們正在修復錯誤),現在一切正常。

引用自:https://serverfault.com/questions/786388