我的 Debian 有 IPv6 分配问题。接口分配了数百个IPv6公共地址:
$ ip addr | grep -c '2409:'
219
使用ip addr检查 IPv6 地址:
3: enp11s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:e0:4c:36:93:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global noprefixroute enp11s0
valid_lft forever preferred_lft forever
inet6 2409:8a50:a4e:92f0:6174:3f62:57cf:ba6a/64 scope global temporary dynamic
valid_lft 258842sec preferred_lft 85861sec
inet6 2409:8a50:a4e:92f0:f49d:44ca:8557:3ca5/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 258842sec preferred_lft 172442sec
inet6 2409:8a50:a46:c400:6174:3f62:57cf:ba6a/64 scope global temporary dynamic
valid_lft 258843sec preferred_lft 85861sec
inet6 2409:8a50:a46:c400:7541:7da1:5434:1741/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 258843sec preferred_lft 172443sec
inet6 2409:8a50:a46:c400:d05e:8af5:f6cf:f42f/64 scope global temporary dynamic
valid_lft 258554sec preferred_lft 85860sec
inet6 2409:8a50:a4e:92f0:d05e:8af5:f6cf:f42f/64 scope global temporary dynamic
valid_lft 258842sec preferred_lft 85860sec
inet6 2409:8a50:a4e:92f0:5999:8fc7:475b:ccef/64 scope global temporary dynamic
valid_lft 258303sec preferred_lft 85572sec
inet6 2409:8a50:a46:c400:5999:8fc7:475b:ccef/64 scope global temporary dynamic
valid_lft 258554sec preferred_lft 85572sec
inet6 2409:8a50:a46:c400:d9d3:ef05:bb58:ca07/64 scope global temporary dynamic
valid_lft 258137sec preferred_lft 85321sec
inet6 2409:8a50:a4e:92f0:d9d3:ef05:bb58:ca07/64 scope global temporary dynamic
valid_lft 258303sec preferred_lft 85321sec
inet6 2409:8a50:a4e:92f0:71c8:2bc:9942:9d25/64 scope global temporary dynamic
valid_lft 258051sec preferred_lft 85155sec
inet6 2409:8a50:a46:c400:71c8:2bc:9942:9d25/64 scope global temporary dynamic
valid_lft 258137sec preferred_lft 85155sec
.......
内核消息显示:
[496922.494943] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[497266.149336] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[497287.754771] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[497581.736350] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[498100.833291] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[498118.774008] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[498690.290277] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[499141.642258] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[499586.227054] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[499742.201967] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[499901.453946] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[499961.327580] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[500430.519108] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[500727.481891] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[500913.499238] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[500978.223144] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[501374.991352] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[501561.471323] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[501958.160961] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[502102.048465] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[502546.680738] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[502767.658846] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[503042.022824] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[505438.052608] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[505816.211563] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[506099.932168] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[506448.276145] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[506632.626997] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[507026.426232] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[507331.850194] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[507364.491312] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[507578.809108] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
[507628.593994] IPv6: ipv6_create_tempaddr: retry temporary address regeneration
........
并且/etc/init.d/networking restart不工作。
是什么原因造成的呢?以及如何解决?
谢谢!
答案1
可能的原因:IPv6 隐私被激活。这会为每个连接生成一个单独的 IPv6 地址,因此 IPv6 地址的基于硬件的部分可能不会用于识别正在使用的计算机。
在 debian 中,可以从以下位置查看设置
$cat /proc/sys/net/ipv6/conf/default/use_tempaddr
在哪里
0- 禁用1- 启用,更喜欢公共地址2- 启用,首选临时地址-1- 未设置/未知,使用默认值
在 NetworkManager 中禁用
签入任/etc/NetworkManager/conf.d/ip6-privacy.conf一
[connection]
ipv6.ip6-privacy=2
/etc/NetworkManager/system-connections/connection.example或者在for 的各个连接中
[ipv6]
ip6-privacy=2
将这些值设置为0并且最好还发送一个
echo 0 > /proc/sys/net/ipv6/conf/default/use_tempaddr
只是为了确定然后重新启动 NetworkManager。
现在临时地址生成已禁用,请检查地址是否已删除。如果没有,删除所有地址的操作如下:
#/bin/bash
ip a | grep global | grep -o '2409.[^ ]*' | while read address ; do
ip del $address dev enp11s0
done
ip addr add $address dev enp11s0
即只匹配全局 IPv6 地址,将其全部删除,但对于最后一个重新激活它。
PS:我很确定,使用正确的子网掩码,您实际上可能会跳过循环......