Armbian 为什么一段时间后,获取的 IPv6 无法访问/被访问
有问题设备执行结果:
root@Chuwen:~# ip6tables -F
root@Chuwen:~# ping -6 fe80::a033:13a6:f785:ce86%eth0
PING fe80::a033:13a6:f785:ce86%eth0(fe80::a033:13a6:f785:ce86%eth0) 56 data bytes
^C
--- fe80::a033:13a6:f785:ce86%eth0 ping statistics ---
34 packets transmitted, 0 received, 100% packet loss, time 33782ms
在路由器上执行 ip6tables -F,然后在有问题设备 ping6 路由器链路本地地址
root@Chuwen:~# ping -6 fe80::a033:13a6:f785:ce86%eth0
PING fe80::a033:13a6:f785:ce86%eth0(fe80::a033:13a6:f785:ce86%eth0) 56 data bytes
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
ping: sendmsg: 网络不可达
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%eth0
ping: bad address 'fe80::9abb:99ff:fe04:7b1a%eth0'
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%br0
PING fe80::9abb:99ff:fe04:7b1a%br0 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
^C
--- fe80::9abb:99ff:fe04:7b1a%br0 ping statistics ---
15 packets transmitted, 0 packets received, 100% packet loss
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%eth2
PING fe80::9abb:99ff:fe04:7b1a%eth2 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
ping: sendto: Network is unreachable
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%eth3
PING fe80::9abb:99ff:fe04:7b1a%eth3 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
64 bytes from fe80::9abb:99ff:fe04:7b1a: seq=0 ttl=64 time=0.566 ms
64 bytes from fe80::9abb:99ff:fe04:7b1a: seq=1 ttl=64 time=0.328 ms
^C
--- fe80::9abb:99ff:fe04:7b1a%eth3 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.328/0.447/0.566 ms
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%ppp0
PING fe80::9abb:99ff:fe04:7b1a%ppp0 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
^C
--- fe80::9abb:99ff:fe04:7b1a%ppp0 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%ra0
PING fe80::9abb:99ff:fe04:7b1a%ra0 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
ping: sendto: Network is unreachable
[K2P /opt/home/admin]# ping fe80::9abb:99ff:fe04:7b1a%rax0
PING fe80::9abb:99ff:fe04:7b1a%rax0 (fe80::9abb:99ff:fe04:7b1a): 56 data bytes
ping: sendto: Network is unreachable
似乎找到问题了
那个有问题的设备(似乎是没有网关地址,直接显示 gateway):
root@Chuwen:~# route -6
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
2409:8a38:6824:8dc0::/64 [::] U 100 1 0 eth0
gateway/128 [::] U 100 1 0 eth0
fe80::/64 [::] U 256 4 0 eth0
fe80::/64 [::] U 256 1 0 vethade8bd3
fe80::/64 [::] U 256 1 0 docker0
[::]/0 gateway UG 100 1 0 eth0
localhost/128 [::] Un 0 7 0 lo
Chuwen/128 [::] Un 0 2 0 eth0
Chuwen/128 [::] Un 0 5 0 docker0
Chuwen/128 [::] Un 0 8 0 eth0
Chuwen/128 [::] Un 0 5 0 vethade8bd3
ip6-mcastprefix/8 [::] U 256 6 0 eth0
ip6-mcastprefix/8 [::] U 256 1 0 vethade8bd3
ip6-mcastprefix/8 [::] U 256 1 0 docker0
[::]/0 [::] !n -1 1 0 lo
本机:
chuwen@WenzhouChan:~$ route -6
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
[::]/0 fe80::9abb:99ff:fe04:7b1b U 256 0 0 eth0
2409:8a38:6824:8dc0::/64 [::] U 256 0 0 eth0
2409:8a38:6824:8dc0:2c13:手动:打码:52a8/128 [::] U 256 0 0 eth0
2409:8a38:6824:8dc0:a033:手动:打码:ce86/128 [::] U 256 0 0 eth0
fe80::/64 [::] U 256 0 0 eth0
fe80::a033:13a6:f785:ce86/128 [::] U 256 0 0 eth0
ip6-mcastprefix/8 [::] U 256 0 0 eth0
fe80::/64 [::] 256 0 0 eth1
fe80::105e:60ad:511:ecd1/128 [::] 256 0 0 eth1
ip6-mcastprefix/8 [::] 256 0 0 eth1
fe80::/64 [::] U 256 0 0 eth2
fe80::b47b:451f:33f6:7382/128 [::] U 256 0 0 eth2
ip6-mcastprefix/8 [::] U 256 0 0 eth2
fe80::/64 [::] U 256 0 0 eth3
fe80::d95b:68e3:d10b:d3a4/128 [::] U 256 0 0 eth3
ip6-mcastprefix/8 [::] U 256 0 0 eth3
fe80::/64 [::] 256 0 0 eth4
fe80::c987:5d4c:494:aab6/128 [::] 256 0 0 eth4
ip6-mcastprefix/8 [::] 256 0 0 eth4
ip6-localhost/128 [::] U 256 0 0 lo
ip6-mcastprefix/8 [::] U 256 0 0 lo
fe80::/64 [::] 0 0 0 wifi0
fe80::8df3:1dbb:c9c6:b519/128 [::] 0 0 0 wifi0
ip6-mcastprefix/8 [::] 0 0 0 wifi0
fe80::/64 [::] 256 0 0 wifi1
fe80::9048:89f:c6b3:37a4/128 [::] 256 0 0 wifi1
ip6-mcastprefix/8 [::] 256 0 0 wifi1
fe80::/64 [::] 256 0 0 wifi2
fe80::20ee:534a:8765:2d34/128 [::] 256 0 0 wifi2
ip6-mcastprefix/8 [::] 256 0 0 wifi2
@老虎会游泳,可能又要麻烦你了,不知道怎么的,现在有 IPv6 地址,但就是无法访问 IPv6 站点 和 被访问,重启也无效
root@Chuwen:/opt/www/wwwlogs# route -6
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
2409:8a38:6822:c250::/64 [::] U 100 1 0 eth0
gateway/128 [::] U 100 1 0 eth0
fe80::/64 [::] U 256 1 0 eth0
fe80::/64 [::] U 256 1 0 veth9909344
fe80::/64 [::] U 256 1 0 docker0
[::]/0 gateway UG 100 1 0 eth0
localhost/128 [::] Un 0 7 0 lo
Chuwen/128 [::] Un 0 6 0 eth0
Chuwen/128 [::] Un 0 4 0 docker0
Chuwen/128 [::] Un 0 3 0 veth9909344
Chuwen/128 [::] Un 0 5 0 eth0
ip6-mcastprefix/8 [::] U 256 6 0 eth0
ip6-mcastprefix/8 [::] U 256 1 0 veth9909344
ip6-mcastprefix/8 [::] U 256 1 0 docker0
[::]/0 [::] !n -1 1 0 lo
root@Chuwen:/opt/www/wwwlogs# traceroute ipv6.hu60.cn
traceroute to ipv6.hu60.cn (2408:400a:d:a300::1), 30 hops max, 80 byte packets
1 2409:8a38:6822:c250:9abb:99ff:fe04:7b1b (2409:8a38:6822:c250:9abb:99ff:fe04:7b1b) 0.428 ms 0.228 ms 0.206 ms
2 2409:8a38:6801:: (2409:8a38:6801::) 5.558 ms 5.861 ms 6.177 ms
3 2409:8038:1071:1000:7001:7132:1:0 (2409:8038:1071:1000:7001:7132:1:0) 6.043 ms 6.544 ms 7.072 ms
4 2409:8038:70:1000:1:7001:1:0 (2409:8038:70:1000:1:7001:1:0) 17.869 ms 2409:8038:70:1000:2:7002:1:0 (2409:8038:70:1000:2:7002:1:0) 12.202 ms 12.094 ms
5 2409:8080:0:2:2101:2171:: (2409:8080:0:2:2101:2171::) 11.040 ms 2409:8080:0:2:2103:2172:: (2409:8080:0:2:2103:2172::) 12.245 ms 2409:8080:0:2:2102:2172:1:0 (2409:8080:0:2:2102:2172:1:0) 12.564 ms
6 2409:8080:0:1:203:2101:: (2409:8080:0:1:203:2101::) 28.027 ms 2409:8080:0:1:202:2103:: (2409:8080:0:1:202:2103::) 26.902 ms 2409:8080:0:1:201:2101:: (2409:8080:0:1:201:2101::) 22.100 ms
7 2409:8080:0:1:202:2e1:0:1 (2409:8080:0:1:202:2e1:0:1) 26.813 ms 25.027 ms 26.167 ms
8 2409:8080:0:3:2e1:280:2:1 (2409:8080:0:3:2e1:280:2:1) 31.917 ms 2409:8080:0:3:2e1:280:1:1 (2409:8080:0:3:2e1:280:1:1) 32.987 ms 2409:8080:0:3:2e1:280:10:1 (2409:8080:0:3:2e1:280:10:1) 30.115 ms
9 * * *
10 * 240e::11:21:2302 (240e::11:21:2302) 48.248 ms 48.850 ms
11 240e:0:9000:c::7 (240e:0:9000:c::7) 45.236 ms * 240e:0:9000:a::9 (240e:0:9000:a::9) 48.311 ms
12 240e:83:610::1 (240e:83:610::1) 42.020 ms * 240e:83:100::61 (240e:83:100::61) 39.776 ms
13 fd00:0:1000:3ca::1 (fd00:0:1000:3ca::1) 50.688 ms 49.500 ms 50.571 ms
14 fd00:0:1000:3ca::1 (fd00:0:1000:3ca::1) 51.585 ms * *
15 fc00:110:0:416::1 (fc00:110:0:416::1) 62.138 ms fc00:110:0:41e::1 (fc00:110:0:41e::1) 56.025 ms fc00:110:0:414::1 (fc00:110:0:414::1) 61.922 ms
16 fc00:110:0:41c::1 (fc00:110:0:41c::1) 52.891 ms * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
@老虎会游泳,nas.iton.pw 就是我那个出现问题的设备
C:\Users\chuwen>tracert nas.iton.pw
通过最多 30 个跃点跟踪
到 nas.iton.pw [2409:8a38:6823:73d0:608b:9e15:dd01:97b] 的路由:
1 <1 毫秒 <1 毫秒 <1 毫秒 2409:8a38:6824:c3c0:9abb:99ff:fe04:7b1b
2 13 ms 15 ms 3 ms 2409:8a38:6820::
3 4 ms 4 ms 4 ms 2409:8a38:6802:a173:f210:ab50:ff0e:d1c9
4 无法访问目标主机。
跟踪完成。
@NowTime,说起来,我的ipv6.hu60.cn也一直在出问题,IPv6默认网关经常莫名其妙消失,而且用reboot命令无效,得从阿里云控制面板重启才能恢复。阿里云默认使用的IPv6无状态地址自动配置还是很不稳定啊,没有DHCPv6可靠。。。
我的ipv6.hu60.net最开始也经常出问题,公网IPv6地址和默认网关会消失,得时不时重启一下才会回来,我有段时间甚至一气之下设了个静态地址/路由。不过Vulrt这两年应该是做了改进,最近稳定一些了。
最后,如果地址和路由看起来一切正常,但就是不可达,那就只能考虑是邻居发现方面出了问题。和IPv4 ARP一样,IPv6邻居缓存应该也是可以手动配置的,实在不行可以在正常的时候先看好,然后不正常的时候自己配置一下。
如果配置完还是不行,那只能考虑是软件或硬件的实现问题了,实现有Bug,靠配置已经不能挽救了。只能考虑换个系统,或者换个网卡。
如果有可能,你也可以把路由器的IPv6地址分配策略改成仅DHCPv6,可能可以解决很多莫名其妙的问题。
网上搜一下教程。
@NowTime,为了确认是不是防火墙问题,你可以临时清除防火墙规则:
然后有问题设备ping6路由器链路本地地址。
先在有问题设备运行
ip6tables -F。如果还是不通,在路由器运行。