Networking
CentOS 7 連接問題
我有第二個 CentOS 7 機器,連接有很多問題。基本上,我們正在執行 WHMCS,但域查找一直失敗。所以問題是 IPv6 連接性。
[root@da01 ~]# yum install telnet -y -q -e 0 [root@da01 ~]# telnet whois.crsnic.net 43 Trying 2001:503:e8ef:1000::74...
它正在嘗試通過 IPv6 連接。我們一直在移動我們的 colo 伺服器並獲得了 IPv6 範圍(10 個地址),但這尚未在系統中設置 - 因此連接超時。
[root@da01 ~]# telnet whois.crsnic.net 43 Trying 2001:503:e8ef:1000::74... telnet: connect to address 2001:503:e8ef:1000::74: Connection timed out
解決方法是暫時禁用整個系統的 IPv6 連接。因此,只需繼續選擇要禁用 IPv6 的網路介面:
[root@da01 ~]# vi /etc/sysconfig/network-scripts/ifcfg-em2
然後將所有與 IPv6 相關的配置值更改為“no”,如下所示:
IPV6INIT="no" IPV6_AUTOCONF="no" IPV6_DEFROUTE="no" IPV6_FAILURE_FATAL="no" IPV6_PEERDNS="no" IPV6_PEERROUTES="no" IPV6_PRIVACY="no"
最後,重啟網路相關服務。
[root@da01 ~]# service network restart
現在它將通過嘗試通過 IPv6 進行連接,然後在超時重試 IPv4 時:
[root@da01 ~]# telnet whois.crsnic.net 43 Trying 199.7.74.74... Connected to whois.crsnic.net. Escape character is '^]'. Connection closed by foreign host.
因此,我在系統配置中更改了這些值。
[root@da01 network-scripts]# sysctl -w net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.all.disable_ipv6 = 1 [root@da01 network-scripts]# sysctl -w net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6 = 1 [root@da01 network-scripts]# sysctl -p /etc/sysctl.conf [root@da01 network-scripts]# sysctl --system
但是,我現在遇到網路問題。
無法ping通伺服器
iMac-van-William-4:~ williamdavidedwards$ ping PING : 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1
來自伺服器的 Traceroute 很奇怪
[root@da01 domains]# traceroute google.nl traceroute to google.nl (74.125.136.94), 30 hops max, 60 byte packets 1 178.21.23.3 (178.21.23.3) 11.069 ms * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * *
除了伺服器 IP 本身、網關、8.8.8.8 和 8.8.4.4 之外,無法 ping 任何東西
[root@da01 domains]# ping nu.nl PING nu.nl (62.69.166.254) 56(84) bytes of data. ^C --- nu.nl ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 999ms
路線-n
[root@da01 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 5.255.90.1 0.0.0.0 UG 100 0 0 em2 5.255.90.0 0.0.0.0 255.255.255.0 U 100 0 0 em2
/etc/resolv.conf
[root@da01 ~]# cat /etc/resolv.conf # Generated by NetworkManager search -removed- -removed- nameserver 8.8.8.8 nameserver 8.8.4.4
如果配置
[root@da01 ~]# ifconfig em1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c3:fd txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet serveripv4 netmask 255.255.255.0 broadcast 5.255.90.255 inet6 serveripv6 prefixlen 32 scopeid 0x0<global> inet6 ipv6 prefixlen 64 scopeid 0x20<link> inet6 ipv6 prefixlen 64 scopeid 0x0<global> ether ipv6 txqueuelen 1000 (Ethernet) RX packets 42827922 bytes 4801530409 (4.4 GiB) RX errors 0 dropped 30874 overruns 0 frame 0 TX packets 2972081 bytes 1060556603 (1011.4 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c4:01 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em4: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c4:03 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 0 (Local Loopback) RX packets 13560475 bytes 5100699012 (4.7 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 13560475 bytes 5100699012 (4.7 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
當我 ping 一個不存在的地址 (dsjahdasjdsa.com) 時,它會通過 ping dsjahdasjdsa.com.example.com 自動 ping 我自己的伺服器,其中 example.com 是我的網路介面域。
不幸的是,這種情況仍在發生。我必須承認我被困住了……幫助
該問題是由數據中心的 DDoS 保護軟體引起的。它包含一個錯誤,導致 DNS 查找延遲很大。我重新安裝了作業系統,禁用了 DDoS 保護(他們正在修復錯誤),現在一切正常。