我无法连接到github.com
IF,只有当我尝试从 LAN 服务器(我们称之为其 FQDN server.com
)内部进行连接时才能这样做。如果我ssh server.com
然后尝试,比如说curl github.com
,会产生“无主机路由”类型的错误:
curl: (7) Failed to connect to github.com port 80: No route to host
有问题的服务器具有活动的 DNS (bind9)、DHCP、HTTP/s 和 SSH 服务,特别是它是 LAN 上所有机器的 DNS 解析器。请参阅帖子底部的一些有用信息。
我可以很好地连接到 GitHub任何但是,我的其他本地机器。
我该如何诊断并修复这个问题?
$ systemd-resolve github.com
github.com: 192.30.253.113
192.30.253.112
-- Information acquired via protocol DNS in 48.2ms.
-- Data is authenticated: no
$ host -v github.com
Trying "github.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47061
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 2
;; QUESTION SECTION:
;github.com. IN A
;; ANSWER SECTION:
github.com. 8 IN A 192.30.253.113
github.com. 8 IN A 192.30.253.112
;; AUTHORITY SECTION:
. 513652 IN NS a.root-servers.net.
. 513652 IN NS d.root-servers.net.
. 513652 IN NS k.root-servers.net.
. 513652 IN NS j.root-servers.net.
. 513652 IN NS c.root-servers.net.
. 513652 IN NS f.root-servers.net.
. 513652 IN NS h.root-servers.net.
. 513652 IN NS g.root-servers.net.
. 513652 IN NS b.root-servers.net.
. 513652 IN NS i.root-servers.net.
. 513652 IN NS e.root-servers.net.
. 513652 IN NS l.root-servers.net.
. 513652 IN NS m.root-servers.net.
;; ADDITIONAL SECTION:
E.ROOT-SERVERS.NET. 133062 IN AAAA 2001:500:a8::e
G.ROOT-SERVERS.NET. 483477 IN AAAA 2001:500:12::d0d
Received 347 bytes from 127.0.0.1#53 in 0 ms
Trying "github.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37084
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;github.com. IN AAAA
;; AUTHORITY SECTION:
github.com. 660 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Received 112 bytes from 127.0.0.1#53 in 0 ms
Trying "github.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39053
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 13, ADDITIONAL: 2
;; QUESTION SECTION:
;github.com. IN MX
;; ANSWER SECTION:
github.com. 844 IN MX 1 aspmx.l.google.com.
github.com. 844 IN MX 10 alt3.aspmx.l.google.com.
github.com. 844 IN MX 5 alt2.aspmx.l.google.com.
github.com. 844 IN MX 5 alt1.aspmx.l.google.com.
github.com. 844 IN MX 10 alt4.aspmx.l.google.com.
;; AUTHORITY SECTION:
. 513652 IN NS b.root-servers.net.
. 513652 IN NS j.root-servers.net.
. 513652 IN NS l.root-servers.net.
. 513652 IN NS e.root-servers.net.
. 513652 IN NS i.root-servers.net.
. 513652 IN NS m.root-servers.net.
. 513652 IN NS g.root-servers.net.
. 513652 IN NS k.root-servers.net.
. 513652 IN NS a.root-servers.net.
. 513652 IN NS f.root-servers.net.
. 513652 IN NS d.root-servers.net.
. 513652 IN NS c.root-servers.net.
. 513652 IN NS h.root-servers.net.
;; ADDITIONAL SECTION:
E.ROOT-SERVERS.NET. 133062 IN AAAA 2001:500:a8::e
G.ROOT-SERVERS.NET. 483477 IN AAAA 2001:500:12::d0d
Received 430 bytes from 127.0.0.1#53 in 0 ms
$ sudo traceroute -ITU github.com
traceroute to github.com (192.30.253.112), 30 hops max, 60 byte packets
1 server.com (192.168.0.2) 2998.275 ms !H 2998.252 ms !H 2998.238 ms !H
答案1
我怀疑这与我在 LAN 中使用子网有关192.168.0.0/16
,事实也确实如此。为了了解问题所在并最终解决它,我首先查询了服务器的路由,结果发现了一个奇怪的网络掩码:
# ip route show
default via 192.168.0.1 dev enp5s0 onlink
192.0.0.0/8 dev enp5s0 proto kernel scope link src 192.168.0.2
仔细查看后,我们/etc/network/interfaces
发现了罪魁祸首:
iface enp5s0 inet static
address 192.168.0.2
netmask 255.0.0.0
gateway 192.168.0.1
我记不清在设置服务器时 Ubuntu Server 安装是否提示我输入有关网络的详细信息,或者它是否默默地做出了上述假设。我实际上相信它出厂时就配置为需要子网10.0.0.0/8
,我一定是错误地将其更改为192.168.*.*
但忘记了网络掩码。
无论如何,我随后将上面的网络掩码更正为255.255.0.0
并执行systemctl restart networking
。运行ip route show
显示新的网络掩码已生效,但还奇怪的是,旧的。我必须明确删除旧路线,ip route delete 192.0.0.0/8 dev enp5s0
并然后一切顺利。
编辑:我的问题的第一部分(如何诊断)的答案是查看机器的路由,如果您遇到与我类似的网络连接问题,这可能是首先查看的好地方。