我有一台 Linux 计算机(Ubuntu 22.04),它有 2 个接口,分别位于不同的 VLAN 上。一个接口应通过 ipv4 作为默认网关,另一个接口应通过 ipv6 连接。
这是我的配置
network:
version: 2
ethernets:
wan:
match:
macaddress: fa:a1:d2:cd:8b:35
set-name: wan
addresses:
- 2000:3000::d17/48
dhcp4: false
dhcp6: false
accept-ra: false
vpn:
match:
macaddress: fa:08:df:79:9b:b5
set-name: vpn
addresses:
- 172.29.1.17/24
dhcp4: false
dhcp6: false
routes:
- to: 172.29.29.0/24
via: 172.29.1.1
nameservers:
addresses:
- 1.1.1.1
ip -6 route
2000:3000::/48 dev wan proto kernel metric 256 pref medium
fe80::/64 dev vpn proto kernel metric 256 pref medium
fe80::/64 dev wan proto kernel metric 256 pref medium
ip -6 neighbour
fe80::c6aa:bbcc:fe48:4681 dev wan lladdr aa:bb:cc:48:46:81 router STALE
2000:3000::1 dev wan lladdr aa:bb:cc:48:46:81 router STALE
IPv6 网关应该是
ping -6 2000:3000::1
PING 2000:3000::1(2000:300::1) 56 data bytes
64 bytes from 2000:3000::1: icmp_seq=1 ttl=64 time=0.727 ms
64 bytes from 2000:3000::1: icmp_seq=2 ttl=64 time=0.278 ms
这对于 VPN 接口来说很好,但 WAN ipv6 没有路由,所以我无法通过 ipv6 从外部访问它。我该如何添加路由?
答案1
我扩展了你的 netplan 文件,添加了静态默认 ipv6 路由
network:
version: 2
ethernets:
wan:
match:
macaddress: fa:a1:d2:cd:8b:35
set-name: wan
addresses:
- 2000:3000::d17/48
dhcp4: false
dhcp6: false
accept-ra: false
routes:
- to: ::/0
via: "2000:3000::1"
on-link: true
vpn:
match:
macaddress: fa:08:df:79:9b:b5
set-name: vpn
addresses:
- 172.29.1.17/24
dhcp4: false
dhcp6: false
routes:
- to: 172.29.29.0/24
via: 172.29.1.1
nameservers:
addresses:
- 1.1.1.1
此 netplan 文件不包含 IPv4 的默认路由,猜测这符合您的用例。我不确定此行on-link: true
是否需要,但它在我的配置中...