Title: Why does the IPv6 address obtained by Armbian become unable to reach others or be reached after a while

Author: @Ta

Date: posted 2020-05-26, edited 2020-05-26

Welcome to Armbian stretch with Linux 5.3.18-rockchip64

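I haven't rebooted yet, so I'd like to ask @老虎会游泳 to take a look while it is still in this state.

After a few days or so, the public IPv6 address it obtained can no longer reach anything or be reached. Here is the output of ifconfig: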

root@Chuwen:~# ifconfig 
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:beff:fed7:8d90  prefixlen 64  scopeid 0x20<link>
        ether 02:42:be:d7:8d:90  txqueuelen 0  (Ethernet)
        RX packets 18  bytes 1484 (1.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3816  bytes 943208 (921.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.119  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 2409:8a38:6824:8dc0:66e0:手动:打码:ac6f  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::7368:5996:c91e:e7f6  prefixlen 64  scopeid 0x20<link>
        ether de:67:82:3a:3c:5e  txqueuelen 1000  (Ethernet)
        RX packets 66868760  bytes 16442813655 (15.3 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 188345863  bytes 140772415638 (131.1 GiB)
        TX errors 195  dropped 0 overruns 195  carrier 0  collisions 0
        device interrupt 33  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 80285  bytes 13328229 (12.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 80285  bytes 13328229 (12.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethade8bd3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::cc03:40ff:fe89:202b  prefixlen 64  scopeid 0x20<link>
        ether ce:03:40:89:20:2b  txqueuelen 0  (Ethernet)
        RX packets 18  bytes 1736 (1.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4098  bytes 963044 (940.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Pinging the public IPv6 address of my own computer from Armbian:

root@Chuwen:~# ping 2409:8a38:6824:8dc0:a064:83c9:d7c5:b5b1
connect: 网络不可达

Pinging Armbian from my own computer:

C:\Users\chuwen>ping 2409:8a38:6824:8dc0:66e0:手动:打码:ac6f

正在 Ping 2409:8a38:6824:8dc0:66e0:手动:打码:ac6f 具有 32 字节的数据:
无法访问目标主机。
无法访问目标主机。
无法访问目标主机。
无法访问目标主机。

2409:8a38:6824:8dc0:66e0:8720:da9e:ac6f 的 Ping 统计信息:
    数据包: 已发送 = 4,已接收 = 0,丢失 = 4 (100% 丢失),

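I've tried things like restarting and re-attaching the network interface, and the problem is still not solved.

I don't know whether it's a problem with my router or with this device.

After a reboot it works again, then a few days later it stops working again. I don't want to schedule periodic reboots either, since it is seeding some torrents.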



Replies (30)

1.

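@NowTime, run ip -6 route and check whether the default route (default via xxx dev xxx) has disappeared. If it tends to drop, add a static route.

ip -6 route change default via <router IPv6 address> dev <interface>

When the default route drops, it is usually an IPv6 RA or DHCPv6 problem.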

(/@Ta/2020-05-26 12:52//)

2.

Here is the output:

root@Chuwen:~# ip -6 route
2409:8a38:6824:8dc0::/64 dev eth0 proto ra metric 100  pref medium
fe80::9abb:99ff:fe04:7b1b dev eth0 proto static metric 100  pref medium
fe80::/64 dev eth0 proto kernel metric 256  pref medium
fe80::/64 dev vethade8bd3 proto kernel metric 256  pref medium
fe80::/64 dev docker0 proto kernel metric 256  pref medium
default via fe80::9abb:99ff:fe04:7b1b dev eth0 proto static metric 100  pref medium

How do I find the router's IPv6 address? Is it fixed?

(/@Ta/2020-05-26 14:47//)

3. @老虎会游泳
Then my guess is that it's an `IPv6 RA` problem; this also happens when I don't have `DHCPv6` enabled.
(/@Ta/2020-05-26 14:50//)

4.

@老虎会游泳, I ran it, but it doesn't seem to have worked.

root@Chuwen:~# ip -6 route change default via fe80::9abb:99ff:fe04:7b1b dev eth0
RTNETLINK answers: No such file or directory
root@Chuwen:~# uname -r
5.3.18-rockchip64
root@Chuwen:~# apt  install kernel-modules-extra-`uname -r`
正在读取软件包列表... 完成
正在分析软件包的依赖关系树       
正在读取状态信息... 完成       
E: 无法定位软件包 kernel-modules-extra-5.3.18-rockchip64
E: 无法按照 glob ‘kernel-modules-extra-5.3.18-rockchip64’ 找到任何软件包
E: 无法按照正则表达式 kernel-modules-extra-5.3.18-rockchip64 找到任何软件包
(/@Ta/2020-05-26 15:00//)

5.

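@NowTime, don't use the address starting with fe80::; use the public address (2409:) of the router's LAN interface.
If you really want to use the address starting with fe80::, you need to append the interface: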

ip -6 route change default via fe80::9abb:99ff:fe04:7b1b%eth0 dev eth0

Also, RTNETLINK answers: No such file or directory is clearly an error; it means the command did not succeed.

(/@Ta/2020-05-26 16:04//)

6.

Output:

root@Chuwen:~# ip -6 route change default via fe80::9abb:99ff:fe04:7b1b%eth0 dev eth0
Error: inet6 address is expected rather than "fe80::9abb:99ff:fe04:7b1b%eth0".
(/@Ta/2020-05-26 16:04//)

7. @老虎会游泳, if I switch to the router's public IP, won't that public IPv6 address change?
(/@Ta/2020-05-26 16:05//)

8.

@NowTime, it looks like your default route was there all along:

default via fe80::9abb:99ff:fe04:7b1b dev eth0 proto static metric 100  pref medium

So there is no need to change the default route.
Maybe you can run traceroute6 to see where it breaks.

traceroute6 -n <router's public IP>
traceroute6 -n ipv6.hu60.cn
(/@Ta/2020-05-26 16:07//)

9.

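@NowTime, fe80::9abb:99ff:fe04:7b1b is the link-local address of the router's LAN interface. Besides that, the router's LAN interface also has a globally unique address (a public address).

The difference between IPv6 and IPv4 is that every interface gets a public address, so the router's WAN interface has one public address and its LAN interface has another. With IPv4, the LAN has only private addresses.

The "public address of the router's internal (LAN) interface" mentioned here is the equivalent of 192.168.1.1 in IPv4.

You can't use the public address of the router's external (WAN) interface, because it is not on the same local network as the LAN and is unreachable.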

(/@Ta/2020-05-26 16:11//)

10.

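@NowTime, of course, using a link-local address for the default route is fine too, but using a link-local address involves the interface identifier, so it is sometimes inconvenient.
You can also ping the default route's link-local address to see whether it is still there: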

ping6 fe80::9abb:99ff:fe04:7b1b%eth0

Here you will have to use the interface identifier, otherwise the command reports an error.

Reference:
http://lesca.me/archives/the-percent-sign-following-link-local-address.html

(/@Ta/2020-05-26 16:17//)

11.

Let me describe my problem again. The device boots and obtains an IPv6 address:

root@Chuwen:~# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.119  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 2409:8a38:6824:8dc0:66e0:手动:打码:ac6f  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::7368:5996:c91e:e7f6  prefixlen 64  scopeid 0x20<link>
        ether de:67:82:3a:3c:5e  txqueuelen 1000  (Ethernet)
        RX packets 72908830  bytes 25040805497 (23.3 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 189162998  bytes 140905864805 (131.2 GiB)
        TX errors 195  dropped 0 overruns 195  carrier 0  collisions 0
        device interrupt 33  

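But the problem is that after running for about 5 or 6 days:

  • the device can no longer reach IPv6 resources
  • it can't be reached either: the device runs a web server, which can't be accessed via the device's public IPv6 address, and it can't be pinged (computer pinging the device)

Here is what I did following your suggestion: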

root@Chuwen:~# traceroute6 -n 2409:8a38:6802:5298:f977:手动:打码:6c40
traceroute to 2409:8a38:6802:5298:f977:手动:打码:6c40 (2409:8a38:6802:5298:f977:手动:打码:6c40), 30 hops max, 80 byte packets
connect: 网络不可达
(/@Ta/2020-05-26 16:51//)

12.
root@Chuwen:~# ping6 fe80::9abb:99ff:fe04:7b1b%eth0
connect: 网络不可达

Pinging any IPv6 address gives this message.

(/@Ta/2020-05-26 16:17//)

13.

@NowTime, is your router running Linux? Can you take a look at ifconfig and ip -6 route?

(/@Ta/2020-05-26 16:18//)

14.

@老虎会游泳

[K2P /opt/home/admin]# ifconfig
br0       Link encap:Ethernet  HWaddr 98:BB:99:04:7B:1B  
          inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
          inet6 addr: 2409:8a38:6824:8dc0:9abb:手动:打码:7b1b/60 Scope:Global
          inet6 addr: fe80::9abb:99ff:fe04:7b1b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:716455861 errors:0 dropped:91 overruns:0 frame:0
          TX packets:683278003 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1067635490357 (994.3 GiB)  TX bytes:516090290062 (480.6 GiB)

eth2      Link encap:Ethernet  HWaddr 98:BB:99:04:7B:1B  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:975628152 errors:0 dropped:3172 overruns:0 frame:0
          TX packets:514134076 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1103223474182 (1.0 TiB)  TX bytes:308229268260 (287.0 GiB)
          Interrupt:11 

eth3      Link encap:Ethernet  HWaddr 98:BB:99:04:7B:1A  
          inet addr:192.168.2.7  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::9abb:99ff:fe04:7b1a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:687000424 errors:0 dropped:10 overruns:0 frame:0
          TX packets:1055865678 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:521262890635 (485.4 GiB)  TX bytes:1114420581999 (1.0 TiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:49469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49469 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:4454216 (4.2 MiB)  TX bytes:4454216 (4.2 MiB)

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:100.111.44.30  P-t-P:100.111.0.1  Mask:255.255.255.255
          inet6 addr: 2409:8a38:6802:919a:25fd:手动:打码:a225/64 Scope:Global
          inet6 addr: 2409:8a38:6802:919a:9abb:手动:打码:7b1a/64 Scope:Global
          inet6 addr: fe80::9abb:99d1:d804:7b1a/10 Scope:Link
          inet6 addr: 2409:8a38:6802:919a:55:手动:打码:e8c7/64 Scope:Global
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:81166949 errors:0 dropped:0 overruns:0 frame:0
          TX packets:96825380 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:72323319848 (67.3 GiB)  TX bytes:50051379428 (46.6 GiB)

ra0       Link encap:Ethernet  HWaddr 98:BB:99:04:7B:1C  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:72027796 errors:360 dropped:0 overruns:0 frame:0
          TX packets:105583671 errors:5914419 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3000 
          RX bytes:552364393 (526.7 MiB)  TX bytes:322171201 (307.2 MiB)
          Interrupt:12 

rax0      Link encap:Ethernet  HWaddr 9A:BB:99:24:7B:1C  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:78600335 errors:0 dropped:0 overruns:0 frame:0
          TX packets:109358092 errors:512946 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3000 
          RX bytes:4124319924 (3.8 GiB)  TX bytes:4176878270 (3.8 GiB)

[K2P /opt/home/admin]# ip -6 route
anycast 2409:8a38:6802:919a:: via :: dev lo  proto none  metric 0 
2409:8a38:6802:919a::/64 dev ppp0  proto kernel  metric 256  expires 2592156sec
anycast 2409:8a38:6824:8dc0:: via :: dev lo  proto none  metric 0 
2409:8a38:6824:8dc0::/60 dev br0  proto kernel  metric 256 
anycast fe80:: via :: dev lo  proto none  metric 0 
anycast fe80:: via :: dev lo  proto none  metric 0 
anycast fe80:: via :: dev lo  proto none  metric 0 
fe80::/64 dev br0  proto kernel  metric 256 
fe80::/64 dev eth3  proto kernel  metric 256 
fe80::/64 dev ppp0  proto kernel  metric 256 
fe80::/10 dev ppp0  metric 1 
fe80::/10 dev ppp0  proto kernel  metric 256 
ff00::/8 dev br0  metric 256 
ff00::/8 dev eth3  metric 256 
ff00::/8 dev ppp0  metric 256 
default via fe80::ce1a:faff:feeb:4780 dev ppp0  proto kernel  metric 1024  expires 1795sec hoplimit 64
default dev ppp0  metric 2048 
(/@Ta/2020-05-26 16:53//)

15.

@NowTime, check whether the computer or the router has firewall rules:

ip6tables-save

This prints all the rules (it does not save them; it only saves when redirected to a file, e.g. ip6tables-save > xxx.txt).

(/@Ta/2020-05-26 16:25//)

16.

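@老虎会游泳, it seems it didn't get a temporary IPv6 address. I have privacy extensions (RFC 4941) enabled.

Normally it gets 2 public IPv6 addresses, one temporary and one permanent.

This is my computer: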

chuwen@WenzhouChan:~$ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.4  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 2409:8a38:6824:8dc0:a033:手动:打码:ce86  prefixlen 64  scopeid 0x0<global>
        inet6 2409:8a38:6824:8dc0:2c13:手动:打码:52a8  prefixlen 128  scopeid 0x0<global>
        inet6 fe80::a033:13a6:f785:ce86  prefixlen 64  scopeid 0xfd<compat,link,site,host>
        ether d8:c4:97:6f:93:cb  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

This is the device with the problem:

root@Chuwen:~# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.119  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 2409:8a38:6824:8dc0:66e0:手动:打码:ac6f  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::7368:5996:c91e:e7f6  prefixlen 64  scopeid 0x20<link>
        ether de:67:82:3a:3c:5e  txqueuelen 1000  (Ethernet)
        RX packets 72917831  bytes 25043612518 (23.3 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 189170509  bytes 140907373532 (131.2 GiB)
        TX errors 195  dropped 0 overruns 195  carrier 0  collisions 0
        device interrupt 33  
(/@Ta/2020-05-26 16:53//)

17.

The device with the problem:

root@Chuwen:~# ip6tables-save
# Generated by ip6tables-save v1.6.0 on Tue May 26 16:29:33 2020
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [321:28987]
:ufw6-after-forward - [0:0]
:ufw6-after-input - [0:0]
:ufw6-after-logging-forward - [0:0]
:ufw6-after-logging-input - [0:0]
:ufw6-after-logging-output - [0:0]
:ufw6-after-output - [0:0]
:ufw6-before-forward - [0:0]
:ufw6-before-input - [0:0]
:ufw6-before-logging-forward - [0:0]
:ufw6-before-logging-input - [0:0]
:ufw6-before-logging-output - [0:0]
:ufw6-before-output - [0:0]
:ufw6-logging-allow - [0:0]
:ufw6-logging-deny - [0:0]
:ufw6-reject-forward - [0:0]
:ufw6-reject-input - [0:0]
:ufw6-reject-output - [0:0]
:ufw6-skip-to-policy-forward - [0:0]
:ufw6-skip-to-policy-input - [0:0]
:ufw6-skip-to-policy-output - [0:0]
:ufw6-track-forward - [0:0]
:ufw6-track-input - [0:0]
:ufw6-track-output - [0:0]
:ufw6-user-forward - [0:0]
:ufw6-user-input - [0:0]
:ufw6-user-limit - [0:0]
:ufw6-user-limit-accept - [0:0]
:ufw6-user-logging-forward - [0:0]
:ufw6-user-logging-input - [0:0]
:ufw6-user-logging-output - [0:0]
:ufw6-user-output - [0:0]
-A INPUT -j ufw6-before-logging-input
-A INPUT -j ufw6-before-input
-A INPUT -j ufw6-after-input
-A INPUT -j ufw6-after-logging-input
-A INPUT -j ufw6-reject-input
-A INPUT -j ufw6-track-input
-A FORWARD -j ufw6-before-logging-forward
-A FORWARD -j ufw6-before-forward
-A FORWARD -j ufw6-after-forward
-A FORWARD -j ufw6-after-logging-forward
-A FORWARD -j ufw6-reject-forward
-A FORWARD -j ufw6-track-forward
-A OUTPUT -j ufw6-before-logging-output
-A OUTPUT -j ufw6-before-output
-A OUTPUT -j ufw6-after-output
-A OUTPUT -j ufw6-after-logging-output
-A OUTPUT -j ufw6-reject-output
-A OUTPUT -j ufw6-track-output
-A ufw6-after-input -p udp -m udp --dport 137 -j ufw6-skip-to-policy-input
-A ufw6-after-input -p udp -m udp --dport 138 -j ufw6-skip-to-policy-input
-A ufw6-after-input -p tcp -m tcp --dport 139 -j ufw6-skip-to-policy-input
-A ufw6-after-input -p tcp -m tcp --dport 445 -j ufw6-skip-to-policy-input
-A ufw6-after-input -p udp -m udp --dport 546 -j ufw6-skip-to-policy-input
-A ufw6-after-input -p udp -m udp --dport 547 -j ufw6-skip-to-policy-input
-A ufw6-after-logging-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw6-after-logging-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw6-before-forward -m rt --rt-type 0 -j DROP
-A ufw6-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT
-A ufw6-before-forward -p ipv6-icmp -m icmp6 --icmpv6-type 129 -j ACCEPT
-A ufw6-before-forward -j ufw6-user-forward
-A ufw6-before-input -i lo -j ACCEPT
-A ufw6-before-input -m rt --rt-type 0 -j DROP
-A ufw6-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw6-before-input -m conntrack --ctstate INVALID -j ufw6-logging-deny
-A ufw6-before-input -m conntrack --ctstate INVALID -j DROP
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 129 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 144 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 145 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 146 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 147 -j ACCEPT
-A ufw6-before-input -s fe80::/10 -d fe80::/10 -p udp -m udp --sport 547 --dport 546 -j ACCEPT
-A ufw6-before-input -d ff02::fb/128 -p udp -m udp --dport 5353 -j ACCEPT
-A ufw6-before-input -d ff02::f/128 -p udp -m udp --dport 1900 -j ACCEPT
-A ufw6-before-input -j ufw6-user-input
-A ufw6-before-output -o lo -j ACCEPT
-A ufw6-before-output -m rt --rt-type 0 -j DROP
-A ufw6-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 1 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 3 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 4 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 129 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 141 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 142 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 130 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 131 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 132 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 143 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 148 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -p ipv6-icmp -m icmp6 --icmpv6-type 149 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 151 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 152 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-output -s fe80::/10 -p ipv6-icmp -m icmp6 --icmpv6-type 153 -m hl --hl-eq 1 -j ACCEPT
-A ufw6-before-output -j ufw6-user-output
-A ufw6-logging-allow -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw6-logging-deny -m conntrack --ctstate INVALID -m limit --limit 3/min --limit-burst 10 -j RETURN
-A ufw6-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw6-skip-to-policy-forward -j DROP
-A ufw6-skip-to-policy-input -j DROP
-A ufw6-skip-to-policy-output -j ACCEPT
-A ufw6-track-output -p tcp -m conntrack --ctstate NEW -j ACCEPT
-A ufw6-track-output -p udp -m conntrack --ctstate NEW -j ACCEPT
-A ufw6-user-input -p tcp -m multiport --dports 20,21,22,22,80,888,8888 -j ACCEPT
-A ufw6-user-input -p tcp -m multiport --dports 39000:40000 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 10086 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 10086 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 9000 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 9000 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 139 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 139 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 137 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 137 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 138 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 138 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 80 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 443 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 9080 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 9080 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 888 -j ACCEPT
-A ufw6-user-input -p udp -m multiport --dports 137,138 -m comment --comment "\'dapp_Samba\'" -j ACCEPT
-A ufw6-user-input -p tcp -m multiport --dports 139,445 -m comment --comment "\'dapp_Samba\'" -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 8000 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 8000 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 8080 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 8080 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 8081 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 8081 -j ACCEPT
-A ufw6-user-input -p tcp -m multiport --dports 5800:65535 -j ACCEPT
-A ufw6-user-input -p udp -m multiport --dports 5800:65535 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 8888 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 8888 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 10086 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 10086 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 3306 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 3306 -j ACCEPT
-A ufw6-user-input -p tcp -m tcp --dport 9312 -j ACCEPT
-A ufw6-user-input -p udp -m udp --dport 9312 -j ACCEPT
-A ufw6-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw6-user-limit -j REJECT --reject-with icmp6-port-unreachable
-A ufw6-user-limit-accept -j ACCEPT
COMMIT
# Completed on Tue May 26 16:29:33 2020

The router:

[K2P /opt/home/admin]# ip6tables-save
# Generated by ip6tables-save v1.4.16.3 on Tue May 26 16:30:25 2020
*filter
:INPUT ACCEPT [27740:2532665]
:FORWARD ACCEPT [119073:10481786]
:OUTPUT ACCEPT [47916:4615473]
:bfplimit - [0:0]
:logaccept - [0:0]
:maclist - [0:0]
:upnp - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD ! -o br0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
COMMIT
# Completed on Tue May 26 16:30:25 2020
(/@Ta/2020-05-26 16:30//)
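
Added example (not part of the thread and not written by any poster): one way to carry out the firewall check suggested in reply 15 is to trace the ICMPv6 neighbor-discovery message types through the filter INPUT chain of an ip6tables-save dump, because a host that drops them cannot resolve neighbours even on the local link. The ruleset is a constructed, trimmed sample rather than the dump from reply 17, and the function names and the packet model (link-local source, hop limit 255, conntrack state UNTRACKED) are assumptions of this example.

```python
import ipaddress
import shlex

# Constructed sample in ip6tables-save format; the type 136 rule is left out.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:ufw6-before-input - [0:0]
:ufw6-user-input - [0:0]
-A INPUT -j ufw6-before-input
-A ufw6-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m hl --hl-eq 255 -j ACCEPT
-A ufw6-before-input -j ufw6-user-input
-A ufw6-user-input -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
"""
ND_TYPES = (134, 135, 136)  # router adv., neighbor solicitation, neighbor adv.


def parse(text):
    """Return (policies, chains) for the filter table of an ip6tables-save dump."""
    policies, chains, table = {}, {}, "filter"
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            name, policy = line[1:].split()[:2]
            policies[name], chains[name] = policy, []
        elif table == "filter" and line.startswith("-A "):
            _, chain, *rule = shlex.split(line)
            chains.setdefault(chain, []).append(rule)
    return policies, chains


def target_if_match(rule, pkt):
    """Return the rule's target if every match applies to pkt, else None."""
    for opt, val in zip(rule[::2], rule[1::2]):
        if opt == "-j":
            return val
        if opt == "-m":                      # module name; its options follow
            continue
        if opt == "-p":
            ok = val.replace("icmpv6", "ipv6-icmp") == pkt["proto"]
        elif opt in ("--icmpv6-type", "--hl-eq", "-i"):
            ok = val == str(pkt[opt])        # numeric ICMPv6 types only
        elif opt == "--ctstate":
            ok = pkt[opt] in val.split(",")
        elif opt == "-s":
            ok = ipaddress.ip_address(pkt[opt]) in ipaddress.ip_network(val, strict=False)
        else:
            ok = False                       # unsupported or negated match
        if not ok:
            return None
    return None


def walk(chains, chain, pkt):
    """Follow one chain; return a terminal verdict, or None to fall through."""
    for rule in chains.get(chain, []):
        target = target_if_match(rule, pkt)
        if target in ("ACCEPT", "DROP", "REJECT"):
            return target
        if target == "RETURN":
            return None
        verdict = walk(chains, target, pkt) if target in chains else None
        if verdict:
            return verdict
    return None


def nd_input_verdicts(text, iface="eth0", src="fe80::1"):
    """Filter-table INPUT verdict for each ND message type in ND_TYPES."""
    policies, chains = parse(text)
    # Model: link-local sender, hop limit 255; conntrack leaves ND untracked.
    base = {"proto": "ipv6-icmp", "--hl-eq": 255, "-i": iface, "-s": src,
            "--ctstate": "UNTRACKED"}
    return {t: walk(chains, "INPUT", {**base, "--icmpv6-type": t})
               or policies.get("INPUT", "ACCEPT") for t in ND_TYPES}
```

On a live host, pass the function the text printed by ip6tables-save. Rules that use matches the tracer does not model are treated as not matching, so a DROP result is a prompt to read that chain by hand.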

18.

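@NowTime, implementing RFC 4941 shouldn't block communication over non-temporary addresses, and in any case link-local communication definitely has to work; it should work even without a public address.

You can try having that device run: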

ping -6 fe80::a033:13a6:f785:ce86%eth0

That is your computer's link-local address.

(/@Ta/2020-05-26 16:33//)

19.

@老虎会游泳

This is what you asked me to run:

root@Chuwen:~# ping -6 fe80::a033:13a6:f785:ce86%eth0
PING fe80::a033:13a6:f785:ce86%eth0(fe80::a033:13a6:f785:ce86%eth0) 56 data bytes
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=9 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=10 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=11 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=12 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=13 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=14 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=16 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=17 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=19 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=20 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=22 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=23 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=25 Destination unreachable: Address unreachable
From fe80::7368:5996:c91e:e7f6%eth0 icmp_seq=26 Destination unreachable: Address unreachable
^C
--- fe80::a033:13a6:f785:ce86%eth0 ping statistics ---
27 packets transmitted, 0 received, +14 errors, 100% packet loss, time 26618ms

The IP being pinged here was taken from this device's own ifconfig:

root@Chuwen:~# ping -6  fe80::7368:5996:c91e:e7f6%eth0
PING fe80::7368:5996:c91e:e7f6%eth0(fe80::7368:5996:c91e:e7f6%eth0) 56 data bytes
64 bytes from fe80::7368:5996:c91e:e7f6%eth0: icmp_seq=1 ttl=64 time=0.241 ms
64 bytes from fe80::7368:5996:c91e:e7f6%eth0: icmp_seq=2 ttl=64 time=0.177 ms
64 bytes from fe80::7368:5996:c91e:e7f6%eth0: icmp_seq=3 ttl=64 time=0.191 ms
64 bytes from fe80::7368:5996:c91e:e7f6%eth0: icmp_seq=4 ttl=64 time=0.168 ms
^C
--- fe80::7368:5996:c91e:e7f6%eth0 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3054ms
rtt min/avg/max/mdev = 0.168/0.194/0.241/0.029 ms
(/@Ta/2020-05-26 16:36//)

Page 1 of 2, 30 replies in total
