Networking
網路服務超時,每秒重啟一次
設置
我在 online.net 上的 debian 伺服器正在執行雙棧 ipv4/ipv6
# /etc/network/interfaces auto lo iface lo inet loopback source /etc/network/interfaces.d/*
/etc/network/interfaces.d/中有2個文件
# /etc/network/interfaces.d/device-enp0s20-inet auto enp0s20 iface enp0s20 inet dhcp
和
# /etc/network/interfaces.d/device-enp0s20-inet6 auto enp0s20 iface enp0s20 inet6 dhcp request_prefix 1 accept_ra 2
我使用 dhclient請求我的ipv6 委派前綴
# /etc/dhcp/dhclient.conf option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; send host-name = gethostname(); request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; interface "enp0s20" { send dhcp6.client-id XX:XX:XX:XX:XX:XX:XX:XX:XX:XX; }
在 enp0s20 的 inet6 設置中,我想要 accept_ra=2,因為我的核心中有 net.ipv6.conf.all.forwarding=1(我打算設置一個 vpn)。
問題
每次嘗試重新啟動網路服務都會失敗。
$ sudo serving networking restart # first attempt Job for networking.service failed because a timeout was exceeded. See "systemctl status networking.service" and "journalctl -xe" for details. $ sudo service networking restart # second attempt works fine (this cycles)
啟動網路服務也總是在啟動時失敗。
日誌
我啟用它以更好地了解正在發生的事情
# /etc/default/networking VERBOSE=yes
這是我在重啟失敗時從 journalctl 得到的資訊:
Apr 03 12:38:37 boxname ifup[4135]: ifup: parsing file /etc/network/interfaces.d/device-enp0s20-inet Apr 03 12:38:37 boxname ifup[4135]: ifup: parsing file /etc/network/interfaces.d/device-enp0s20-inet6 Apr 03 12:38:37 boxname ifup[4135]: /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d Apr 03 12:38:37 boxname ifup[4135]: ifup: configuring interface enp0s20=enp0s20 (inet) Apr 03 12:38:37 boxname ifup[4135]: /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d Apr 03 12:38:37 boxname ifup[4135]: /sbin/dhclient -4 -v -pf /run/dhclient.enp0s20.pid -lf /var/lib/dhcp/dhclient.enp0s20.leases -I -df /var/lib/dhcp/dhclient6.enp0s20.leases enp0s20 Apr 03 12:38:37 boxname ifup[4135]: Internet Systems Consortium DHCP Client 4.3.5 Apr 03 12:38:37 boxname ifup[4135]: Copyright 2004-2016 Internet Systems Consortium. Apr 03 12:38:37 boxname ifup[4135]: All rights reserved. Apr 03 12:38:37 boxname ifup[4135]: For info, please visit https://www.isc.org/software/dhcp/ Apr 03 12:38:38 boxname ifup[4135]: Listening on LPF/enp0s20/<REDACTED> Apr 03 12:38:38 boxname ifup[4135]: Sending on LPF/enp0s20/<REDACTED> Apr 03 12:38:38 boxname ifup[4135]: Sending on Socket/fallback Apr 03 12:38:38 boxname ifup[4135]: DHCPDISCOVER on enp0s20 to 255.255.255.255 port 67 interval 4 Apr 03 12:38:38 boxname ifup[4135]: DHCPREQUEST of 163.172.XX.XX on enp0s20 to 255.255.255.255 port 67 Apr 03 12:38:38 boxname ifup[4135]: DHCPOFFER of 163.172.XX.XX from 163.172.XX.1 Apr 03 12:38:38 boxname ifup[4135]: DHCPACK of 163.172.XX.XX from 163.172.XX.1 Apr 03 12:38:38 boxname ifup[4135]: bound to 163.172.XX.XX -- renewal in 2147483648 seconds. Apr 03 12:38:38 boxname ifup[4135]: /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d Apr 03 12:38:38 boxname ifup[4135]: run-parts: executing /etc/network/if-up.d/000resolvconf Apr 03 12:38:38 boxname ifup[4135]: run-parts: executing /etc/network/if-up.d/openntpd Apr 03 12:38:38 boxname ifup[4135]: run-parts: executing /etc/network/if-up.d/openssh-server Apr 03 12:38:38 boxname ifup[4135]: run-parts: executing /etc/network/if-up.d/upstart Apr 03 12:38:38 boxname ifup[4135]: ifup: configuring interface enp0s20=enp0s20 (inet6) Apr 03 12:38:38 boxname ifup[4135]: /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d Apr 03 12:38:38 boxname ifup[4135]: /sbin/modprobe -q net-pf-10 > /dev/null 2>&1 || true # ignore failure. Apr 03 12:38:38 boxname ifup[4135]: /sbin/sysctl -q -e -w net.ipv6.conf.enp0s20.accept_ra=2 Apr 03 12:38:38 boxname ifup[4135]: /bin/ip link set dev enp0s20 up Apr 03 12:38:38 boxname ifup[4135]: /lib/ifupdown/wait-for-ll6.sh Apr 03 12:38:39 boxname ifup[4135]: /sbin/dhclient -6 -pf /run/dhclient6.enp0s20.pid -lf /var/lib/dhcp/dhclient6.enp0s20.leases -I -P -N -df /var/lib/dhcp/dhclient.enp0s20.leases enp0s20 Apr 03 12:38:50 boxname ifup[4135]: RTNETLINK answers: Invalid argument
問題
你能幫我找出問題所在並修復它嗎?
我發現了問題!
經過一番研究,我發現dhcpv6 的工作方式是客戶端從埠 546 和伺服器從埠 547 進行通信。我添加了以下兩個 ip6tables 規則,它們使我的盒子充當客戶端:
-A INPUT -p udp --sport 547 --dport 546 -j ACCEPT -A OUTPUT -p udp --sport 546 --dport 547 -j ACCEPT
這解決了這個問題。
之所以出現這個問題,是因為我使用了防火牆並且無意中阻止了 dhcpv6。如果您不使用防火牆,則不需要這些規則,這篇文章不是您問題的答案。