我在尝试访问远程网站地址时遇到问题。
请帮帮我。
首先,一切都好。
第二,发送一个 wget 请求,并接收“Connection Reset by Peer”
then.ping 不工作。
我发现命令“ip route get xxx”输出在发送 wget 后发生了变化。
和“ip 路由刷新缓存”可以修复 ping。但 wget 仍然无法工作。
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.858 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=180.024 ms
64 bytes from 104.26.12.50: seq=2 ttl=53 time=179.980 ms
^Z[1]+ Stopped ping 104.26.12.50
CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 104.26.12.50 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
^Z[2]+ Stopped ping 104.26.12.50
CoreELEC:~ # ip route flush cache
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.730 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=179.616 ms
^Z[3]+ Stopped ping 104.26.12.50
路由跟踪结果
CoreELEC:~ # ip route flush cache
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.1 (192.168.1.1) 0.770 ms 0.752 ms 0.650 ms
2 10.11.128.1 (10.11.128.1) 3.400 ms 3.728 ms 3.249 ms
3 211.136.62.237 (211.136.62.237) 5.067 ms 4.482 ms 4.310 ms
4 111.24.14.45 (111.24.14.45) 4.594 ms 4.720 ms 4.791 ms
5 111.24.2.110 (111.24.2.110) 16.499 ms^Z[1]+ Stopped traceroute 104.26.12.50
CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.179 (192.168.1.179) 1675.641 ms !H 2751.899 ms !H 3000.313 ms !H
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.179 (192.168.1.179) 724.558 ms !H 2989.973 ms !H 3000.084 ms !H
CoreELEC:~ # ip route flush cache
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.1 (192.168.1.1) 0.831 ms 0.907 ms 0.807 ms
2 10.11.128.1 (10.11.128.1) 10.854 ms 7.432 ms 2.965 ms
3 211.136.62.237 (211.136.62.237) 24.308 ms 7.107 ms 19.634 ms
4 111.24.14.45 (111.24.14.45) 4.821 ms 4.816 ms 4.593 ms
5^Z[2]+ Stopped traceroute 104.26.12.50
同一本地网络的另一台Mac:
bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 3.779 ms 0.954 ms 0.986 ms
2 10.11.128.1 (10.11.128.1) 3.959 ms 3.594 ms 3.680 ms
3 211.136.62.237 (211.136.62.237) 5.088 ms 5.719 ms 4.760 ms
4 111.24.14.45 (111.24.14.45) 5.277 ms 4.875 ms 5.072 ms
5 111.24.2.106 (111.24.2.106) 7.508 ms
111.24.2.110 (111.24.2.110) 5.291 ms
111.24.17.157 (111.24.17.157) 5.907 ms
6 221.176.21.150 (221.176.21.150) 38.841 ms 7.606 ms 9.093 ms
^C
bash-3.2$ wget https://104.26.12.50/
Connecting to 104.26.12.50:443... connected.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Unable to establish SSL connection.
bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 3.674 ms 1.162 ms 1.141 ms
2 10.11.128.1 (10.11.128.1) 4.327 ms 4.152 ms 4.043 ms
3 211.136.62.237 (211.136.62.237) 5.764 ms 18.867 ms 19.749 ms
4 111.24.14.45 (111.24.14.45) 7.277 ms 5.256 ms 5.969 ms
^C
我使用的是coreelec9.0.0(Linux3.14.29),BusyBox中的'ip'命令不支持完整选项。
CoreELEC:~ # cat /proc/version
Linux version 3.14.29 (adamg@zulu) (gcc version 7.3.1 20180425 [linaro-7.3-2018.05 revision d29120a424ecfbc167ef90065c0eeb7f91977701] (Linaro GCC 7.3-2018.05) ) #1 SMP Sat Feb 16 12:49:23 GMT 2019
CoreELEC:~ # uname -a
Linux CoreELEC 3.14.29 #1 SMP Sat Feb 16 12:49:23 GMT 2019 aarch64 GNU/Linux
CoreELEC:~ # lsb_release -a
CoreELEC (official): 9.0.0
CoreELEC:~ # ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff
CoreELEC:~ # ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.179/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::fe7c:2ff:fee9:85c5/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff
CoreELEC:~ # ip route
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 scope link src 192.168.1.179
192.168.1.1 dev eth0 scope link
CoreELEC:~ # ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
跟踪路径输出
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1500
1: 192.168.1.1 1.169ms
1: 192.168.1.1 1.090ms
2: 192.168.1.1 1.064ms pmtu 1492
2: 10.11.128.1 4.250ms
3: 211.136.62.237 31.305ms
4: 111.24.14.45 6.265ms
5: 111.24.17.157 6.674ms asymm 6
6: 221.176.21.150 7.991ms asymm 8
7: 221.183.25.202 7.046ms asymm 9
8: 221.183.55.113 9.257ms
9: 223.120.22.18 8.574ms asymm 8
10: 223.120.6.54 180.044ms asymm 11
11: 223.120.6.54 181.604ms
^Z[1]+ Stopped tracepath -4 104.26.12.50
CoreELEC:~/.opt/bin # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1492
1: 192.168.1.179 375.207ms !H
1: 192.168.1.179 2750.098ms !H
Resume: pmtu 1492
CoreELEC:~/.opt/bin # ip route flush cache
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1500
1: 192.168.1.1 0.994ms
1: 192.168.1.1 0.776ms
2: 192.168.1.1 0.809ms pmtu 1492
2: 10.11.128.1 5.180ms
3: 211.136.62.237 13.072ms
4: 111.24.14.45 4.863ms
^Z[2]+ Stopped tracepath -4 104.26.12.50
CoreELEC:~/.opt/bin #
答案1
我来回答https问题。该端口上的加密已被破坏,或者它正在使用虚拟主机,在这种情况下,您需要使用主机名而不是 IP 地址进行连接。
localhost:~ $ openssl s_client -connect 104.26.12.50:443
CONNECTED(00000003)
139928269652608:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
答案2
通过将我的无线路由器(netgear R6400v2)的固件版本从 v1.0.4.106_10.0.80 降级到 v1.0.2.62_10.0.46 修复