发送 wget 请求后无法 ping 通 ip 地址

发送 wget 请求后无法 ping 通 ip 地址

我在尝试访问远程网站地址时遇到问题。

请帮帮我。

首先,一切都好。

第二,发送一个 wget 请求,并接收“Connection Reset by Peer”

then.ping 不工作。

我发现命令“ip route get xxx”输出在发送 wget 后发生了变化。

和“ip 路由刷新缓存”可以修复 ping。但 wget 仍然无法工作。

CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0  src 192.168.1.179 

CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.858 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=180.024 ms
64 bytes from 104.26.12.50: seq=2 ttl=53 time=179.980 ms
^Z[1]+  Stopped                    ping 104.26.12.50

CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer

CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 104.26.12.50 dev eth0  src 192.168.1.179 

CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
^Z[2]+  Stopped                    ping 104.26.12.50

CoreELEC:~ # ip route flush cache

CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0  src 192.168.1.179 

CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.730 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=179.616 ms
^Z[3]+  Stopped                    ping 104.26.12.50

路由跟踪结果

CoreELEC:~ # ip route flush cache

CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
 1  192.168.1.1 (192.168.1.1)  0.770 ms  0.752 ms  0.650 ms
 2  10.11.128.1 (10.11.128.1)  3.400 ms  3.728 ms  3.249 ms
 3  211.136.62.237 (211.136.62.237)  5.067 ms  4.482 ms  4.310 ms
 4  111.24.14.45 (111.24.14.45)  4.594 ms  4.720 ms  4.791 ms
 5  111.24.2.110 (111.24.2.110)  16.499 ms^Z[1]+  Stopped                    traceroute 104.26.12.50

CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer

CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
 1  192.168.1.179 (192.168.1.179)  1675.641 ms !H  2751.899 ms !H  3000.313 ms !H
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
 1  192.168.1.179 (192.168.1.179)  724.558 ms !H  2989.973 ms !H  3000.084 ms !H

CoreELEC:~ # ip route flush cache

CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
 1  192.168.1.1 (192.168.1.1)  0.831 ms  0.907 ms  0.807 ms
 2  10.11.128.1 (10.11.128.1)  10.854 ms  7.432 ms  2.965 ms
 3  211.136.62.237 (211.136.62.237)  24.308 ms  7.107 ms  19.634 ms
 4  111.24.14.45 (111.24.14.45)  4.821 ms  4.816 ms  4.593 ms
 5^Z[2]+  Stopped                    traceroute 104.26.12.50

同一本地网络的另一台Mac:

bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
 1  192.168.1.1 (192.168.1.1)  3.779 ms  0.954 ms  0.986 ms
 2  10.11.128.1 (10.11.128.1)  3.959 ms  3.594 ms  3.680 ms
 3  211.136.62.237 (211.136.62.237)  5.088 ms  5.719 ms  4.760 ms
 4  111.24.14.45 (111.24.14.45)  5.277 ms  4.875 ms  5.072 ms
 5  111.24.2.106 (111.24.2.106)  7.508 ms
    111.24.2.110 (111.24.2.110)  5.291 ms
    111.24.17.157 (111.24.17.157)  5.907 ms
 6  221.176.21.150 (221.176.21.150)  38.841 ms  7.606 ms  9.093 ms
^C

bash-3.2$ wget https://104.26.12.50/
Connecting to 104.26.12.50:443... connected.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Unable to establish SSL connection.

bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
 1  192.168.1.1 (192.168.1.1)  3.674 ms  1.162 ms  1.141 ms
 2  10.11.128.1 (10.11.128.1)  4.327 ms  4.152 ms  4.043 ms
 3  211.136.62.237 (211.136.62.237)  5.764 ms  18.867 ms  19.749 ms
 4  111.24.14.45 (111.24.14.45)  7.277 ms  5.256 ms  5.969 ms
^C


我使用的是coreelec9.0.0(Linux3.14.29),BusyBox中的'ip'命令不支持完整选项。

CoreELEC:~ # cat /proc/version 
Linux version 3.14.29 (adamg@zulu) (gcc version 7.3.1 20180425 [linaro-7.3-2018.05 revision d29120a424ecfbc167ef90065c0eeb7f91977701] (Linaro GCC 7.3-2018.05) ) #1 SMP Sat Feb 16 12:49:23 GMT 2019

CoreELEC:~ # uname -a
Linux CoreELEC 3.14.29 #1 SMP Sat Feb 16 12:49:23 GMT 2019 aarch64 GNU/Linux

CoreELEC:~ # lsb_release -a
CoreELEC (official): 9.0.0


CoreELEC:~ # ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
    link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
    link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff

CoreELEC:~ # ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
    link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.179/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::fe7c:2ff:fee9:85c5/64 scope link 
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
    link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff

CoreELEC:~ # ip route
default via 192.168.1.1 dev eth0 
192.168.1.0/24 dev eth0 scope link  src 192.168.1.179 
192.168.1.1 dev eth0 scope link 

CoreELEC:~ # ip rule
0:  from all lookup local 
32766:  from all lookup main 
32767:  from all lookup default 

跟踪路径输出

CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.1.1                                           1.169ms 
 1:  192.168.1.1                                           1.090ms 
 2:  192.168.1.1                                           1.064ms pmtu 1492
 2:  10.11.128.1                                           4.250ms 
 3:  211.136.62.237                                       31.305ms 
 4:  111.24.14.45                                          6.265ms 
 5:  111.24.17.157                                         6.674ms asymm  6 
 6:  221.176.21.150                                        7.991ms asymm  8 
 7:  221.183.25.202                                        7.046ms asymm  9 
 8:  221.183.55.113                                        9.257ms 
 9:  223.120.22.18                                         8.574ms asymm  8 
10:  223.120.6.54                                        180.044ms asymm 11 
11:  223.120.6.54                                        181.604ms 
^Z[1]+  Stopped                    tracepath -4 104.26.12.50

CoreELEC:~/.opt/bin # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer

CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
 1?: [LOCALHOST]                      pmtu 1492
 1:  192.168.1.179                                       375.207ms !H
 1:  192.168.1.179                                       2750.098ms !H
     Resume: pmtu 1492 

CoreELEC:~/.opt/bin # ip route flush cache

CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.1.1                                           0.994ms 
 1:  192.168.1.1                                           0.776ms 
 2:  192.168.1.1                                           0.809ms pmtu 1492
 2:  10.11.128.1                                           5.180ms 
 3:  211.136.62.237                                       13.072ms 
 4:  111.24.14.45                                          4.863ms 
^Z[2]+  Stopped                    tracepath -4 104.26.12.50
CoreELEC:~/.opt/bin #

答案1

我来回答https问题。该端口上的加密已被破坏,或者它正在使用虚拟主机,在这种情况下,您需要使用主机名而不是 IP 地址进行连接。

localhost:~ $ openssl s_client -connect 104.26.12.50:443
CONNECTED(00000003)
139928269652608:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

答案2

通过将我的无线路由器(netgear R6400v2)的固件版本从 v1.0.4.106_10.0.80 降级到 v1.0.2.62_10.0.46 修复

相关内容