我有一台 ubuntu 机器(22.04 LTS),具有多个网络接口并且禁用了防火墙。
当我 ping /traceroute 任何外部 IP 地址时,它会按预期工作,但有一个例外:178.x.x.x。如果我从任何其他机器 ping 这个 IP,它工作正常,但从这个安装库它只是超时。
我试图查看 ip 路由/netplan 配置,但我无法弄清楚。
ip r:
default via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.57 metric 100
51.x.x.0/24 dev eno1 proto kernel scope link src 51.x.x.57 metric 100
51.x.x.254 dev eno1 proto dhcp scope link src 51.x.x.57 metric 100
192.168.169.0/24 dev eno2 proto kernel scope link src 192.168.169.3
213.x.x.99 via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.57 metric 100
和ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
最后traceroute 178.x.x.x:
traceroute to 178.x.x.x (178.x.x.x), 64 hops max
1 51.x.x.252 0.529ms 0.408ms 0.383ms
2 * * *
3 * * *
4 * * *
5 * * *
这让我抓狂,因为我无法弄清楚出了什么问题以及为什么在这台机器上无法访问该 IP(在其他机器上它工作得很好)。
netplan get all返回:
network:
version: 2
renderer: networkd
ethernets:
lo:
dhcp4: false
optional: true
addresses:
- 127.0.0.1/8
eno1:
accept-ra: false
addresses:
- 51.x.x.57/24
dhcp4: false
match:
macaddress: x:x:x:x:x:x
set-name: eno1
eno2:
match:
macaddress: x:x:x:x:x:x
addresses:
- 192.168.169.3/24
dhcp4: false
set-name: eno2
routes:
- to: default
via: 255.255.255.0
on-link: true
编辑:
有 3 台机器(对所有内容进行完全 ssh 访问),所有机器都使用相同的网关51.x.x.254,地址178.x.x.x位于其中一台机器上。它178.x.x.x可以从外部访问,但不能从其中一台机器(我遇到问题的机器)访问。如果我跟踪除相关 IP 之外的任何其他内容,它会按预期工作。
编辑2:
所有 3 台机器上的防火墙均已禁用。178.x.x.x它在第一台机器上配置的地址为:
network:
version: 2
ethernets:
eno1:
optional: true
nameservers:
addresses:
- 8.8.8.8
addresses:
- "178.x.x.x/29"
- "51.x.x.55/24"
dhcp4: false
set-name: "eno1"
eno2:
addresses:
- "192.168.169.1/24"
dhcp4: false
ip -br link; ip -4 -br addr; ip -4 rule; ip -4 neigh ; ip -4 route从第一台机器开始:
lo UNKNOWN <LOOPBACK,UP,LOWER_UP>
enx8ac862b39a5b DOWN <BROADCAST,MULTICAST>
eno1 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
eno2 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
lo UNKNOWN 127.0.0.1/8
eno1 UP 178.x.x.x/29 51.x.x.55/24 metric 100
eno2 UP 192.168.169.1/24
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
51.x.x.254 dev eno1 lladdr REACHABLE
192.168.169.6 dev eno2 lladdr REACHABLE
192.168.169.3 dev eno2 lladdr REACHABLE
192.168.169.5 dev eno2 lladdr REACHABLE
192.168.169.4 dev eno2 lladdr REACHABLE
192.168.169.2 dev eno2 lladdr REACHABLE
51.x.x.57 dev eno1 lladdr REACHABLE
51.x.x.56 dev eno1 lladdr REACHABLE
51.x.x.253 dev eno1 lladdr STALE
51.x.x.252 dev eno1 lladdr STALE
default via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.55 metric 100
51.x.x.0/24 dev eno1 proto kernel scope link src 51.x.x.55 metric 100
51.x.x.254 dev eno1 proto dhcp scope link src 51.x.x.55 metric 100
178.x.x.x/29 dev eno1 proto kernel scope link src 178.x.x.x
192.168.169.0/24 dev eno2 proto kernel scope link src 192.168.169.1
213.x.x.99 via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.55 metric 100
178.x.x.x可以访问它的第二台机器配置为:
network:
version: 2
renderer: networkd
ethernets:
eno1:
addresses:
- "51.x.x.56/24"
nameservers:
addresses:
- 8.8.8.8
dhcp4: false
set-name: "eno1"
eno2:
addresses:
- "192.168.169.2/24"
dhcp4: false
ip -br link; ip -4 -br addr; ip -4 rule; ip -4 neigh ; ip -4 route从第二台机器
lo UNKNOWN <LOOPBACK,UP,LOWER_UP>
enx7e6c479cb2e0 DOWN <BROADCAST,MULTICAST>
eno1 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
eno2 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
lo UNKNOWN 127.0.0.1/8
eno1 UP 51.x.x.56/24
eno2 UP 192.168.169.2/24
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
192.168.169.3 dev eno2 lladdr REACHABLE
192.168.169.1 dev eno2 lladdr REACHABLE
51.x.x.56 dev eno1 lladdr REACHABLE
51.x.x.57 dev eno1 lladdr REACHABLE
51.x.x.252 dev eno1 lladdr STALE
51.x.x.253 dev eno1 lladdr STALE
51.x.x.254 dev eno1 lladdr REACHABLE
default via 51.x.x.254 dev eno1 proto static onlink
51.x.x.0/24 dev eno1 proto kernel scope link src 51.x.x.56
192.168.169.0/24 dev eno2 proto kernel scope link src 192.168.169.2
ip -br link; ip -4 -br addr; ip -4 rule; ip -4 neigh ; ip -4 route从第三台机器(无法到达的机器178.x.x.x):
lo UNKNOWN <LOOPBACK,UP,LOWER_UP>
enx7e6c479cb2e0 DOWN <BROADCAST,MULTICAST>
eno1 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
eno2 UP <BROADCAST,MULTICAST,UP,LOWER_UP>
lo UNKNOWN 127.0.0.1/8
eno1 UP 51.x.x.57/24
eno2 UP 192.168.169.3/24
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
192.168.169.2 dev eno2 lladdr REACHABLE
192.168.169.1 dev eno2 lladdr REACHABLE
51.x.x.56 dev eno1 lladdr REACHABLE
51.x.x.55 dev eno1 lladdr REACHABLE
51.x.x.252 dev eno1 lladdr STALE
51.x.x.253 dev eno1 lladdr STALE
51.x.x.254 dev eno1 lladdr REACHABLE
default via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.57 metric 100
51.x.x.0/24 dev eno1 proto kernel scope link src 51.x.x.57 metric 100
51.x.x.254 dev eno1 proto dhcp scope link src 51.x.x.57 metric 100
192.168.169.0/24 dev eno2 proto kernel scope link src 192.168.169.3
213.x.x.99 via 51.x.x.254 dev eno1 proto dhcp src 51.x.x.57 metric 100
nft list ruleset所有 3 台机器上也都是空的