Solaris 10 shared-IP zone networking problem: connections get in (slowly), but can't get out

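I'm having network problems with a Solaris shared-IP zone: connections in are very slow; connections out fail (except that a ping from the local zone to the global zone by IP address gets one packet back).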

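Here is the view from the global zone. I have substituted the impossible IP prefix 256.115.99 for the real (static, globally accessible) prefix to protect the innocent; my apologies if the "256" makes your eyes swim.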

# uname -a
SunOS ucblibrary10t 5.10 Generic_142900-08 sun4u sparc SUNW,Sun-Fire-280R

# ifconfig -a4         
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone alpha
        inet 127.0.0.1 netmask ff000000 
ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 256.115.99.112 netmask ffffff00 broadcast 256.115.99.255
        ether 0:3:ba:95:ff:9d 
ce0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone alpha
        inet 172.16.27.27 netmask ffffff00 broadcast 172.16.27.255

# netstat -rn

Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface 
-------------------- -------------------- ----- ----- ---------- --------- 
default              256.115.99.1         UG        1      64672           
default              172.16.27.16         UG        1     130879 ce0       
256.115.99.0         256.115.99.112       U         1       7614 ce0       
224.0.0.0            256.115.99.112       U         1          0 ce0       
127.0.0.1            127.0.0.1            UH       11   19515531 lo0       

# ping alpha
alpha is alive
# ping -s alpha
PING alpha: 56 data bytes
64 bytes from alpha (172.16.27.27): icmp_seq=0. time=0.302 ms
64 bytes from alpha (172.16.27.27): icmp_seq=1. time=0.198 ms
64 bytes from alpha (172.16.27.27): icmp_seq=2. time=0.168 ms
64 bytes from alpha (172.16.27.27): icmp_seq=3. time=0.142 ms
64 bytes from alpha (172.16.27.27): icmp_seq=4. time=0.129 ms
64 bytes from alpha (172.16.27.27): icmp_seq=5. time=0.133 ms
^C
----alpha PING Statistics----

6 packets transmitted, 6 packets received, 0% packet loss
round-trip (ms)  min/avg/max/stddev = 0.129/0.179/0.302/0.066

# zonecfg -z alpha info
zonename: alpha
zonepath: /var/zones/alpha
brand: native
autoboot: false
bootargs: 
pool: 
limitpriv: 
scheduling-class: 
ip-type: shared
inherit-pkg-dir:
 dir: /lib
inherit-pkg-dir:
 dir: /platform
inherit-pkg-dir:
 dir: /sbin
inherit-pkg-dir:
 dir: /usr
net:
 address: 172.16.27.27/24
 physical: ce0
 defrouter: 172.16.27.16

# cat /etc/hosts

# Internet host table
#
#::1 localhost 
127.0.0.1 localhost 
256.115.99.112 mymachine.mydomain.com
172.16.27.27 alpha

# cat /etc/defaultrouter
172.16.27.16

# ssh -vvv alpha
debug: Connecting to alpha, port 22... (SOCKS not used)
debug: Ssh2Transport/trcommon.c:3665/ssh_tr_create: My version: SSH-1.99-3.2.3 SSH Secure Shell (non-commercial)
debug: client supports 3 auth methods: 'publickey,keyboard-interactive,password'
debug: Ssh2Common/sshcommon.c:537/ssh_common_wrap: local ip = 256.115.99.112, local port = 61423
debug: Ssh2Common/sshcommon.c:539/ssh_common_wrap: remote ip = 172.16.27.27, remote port = 22
debug: SshConnection/sshconn.c:1945/ssh_conn_wrap: Wrapping...
debug: SshReadLine/sshreadline.c:2414/ssh_readline_eloop_initialize: Initializing ReadLine...
debug: Remote version: SSH-2.0-3.2.3 SSH Secure Shell (non-commercial)
debug: Major: 3 Minor: 2 Revision: 3
debug: Ssh2Transport/trcommon.c:1356/ssh_tr_negotiate: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1422/ssh_tr_negotiate: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1425/ssh_tr_negotiate: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Remote host key found from database.
debug: Ssh2Common/sshcommon.c:332/ssh_common_special: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:382/ssh_common_special: Received SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: server offers auth methods 'publickey,password'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1742/ssh_client_auth_pubkey: Starting pubkey auth...
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1699/ssh_client_auth_pubkey_agent_open_complete: Agent is not running.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1497/ssh_client_auth_pubkey_agent_list_complete: Got 0 keys from the agent.
debug: SshConfig/sshconfig.c:2717/ssh2_parse_config_ext: Unable to open /root/.ssh2/identification
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1477/ssh_client_auth_pubkey_add_candidates: Trying 0 key candidates.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:931/ssh_client_auth_pubkey_try_this_candidate: All keys declined by server, disabling method.
debug: Ssh2AuthClient/sshauthc.c:319/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,password'.
debug: Ssh2AuthPasswdClient/authc-passwd.c:105/ssh_client_auth_passwd: Starting password auth...
root's password: 

(When ssh'ing, it hangs at "Initializing ReadLine..." for more than half a minute.)

Here is the view from inside the zone:

bash-3.00# cat /etc/hosts
#
# Internet host table
#
::1     localhost       
127.0.0.1       localhost
172.16.27.27    alpha   loghost

bash-3.00# ifconfig -a4
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
ce0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 172.16.27.27 netmask ffffff00 broadcast 172.16.27.255
bash-3.00# netstat -ran

Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface 
-------------------- -------------------- ----- ----- ---------- --------- 
default              172.16.27.16         UG        1     130677 ce0       
172.16.27.0          172.16.27.27         U         1        226 ce0:1     
224.0.0.0            172.16.27.27         U         1          0 ce0:1     
0.0.0.0              172.16.27.27         UHB       1          0 ce0:1     
0.0.0.0              172.16.27.27         UHB       1          0 ce0:1     
172.16.255.255       172.16.27.27         UHB       1          0 ce0:1     
172.16.255.255       172.16.27.27         UHB       1          0 ce0:1     
172.16.27.255        172.16.27.27         UHB       1          0 ce0:1     
172.16.27.255        172.16.27.27         UHB       1          0 ce0:1     
172.16.27.0          172.16.27.27         UHB       1          0 ce0:1     
172.16.27.0          172.16.27.27         UHB       1          0 ce0:1     
172.16.27.27             --               UHL       7         80 ce0:1     
172.16.0.0           172.16.27.27         UHB       1          0 ce0:1     
172.16.0.0           172.16.27.27         UHB       1          0 ce0:1     
255.255.255.255      172.16.27.27         UHB       1          0 ce0:1     
255.255.255.255      172.16.27.27         UHB       1          0 ce0:1     
127.0.0.1            127.0.0.1            UH        4        127 lo0:1     
bash-3.00# ping 256.115.99.112
256.115.99.112 is alive
bash-3.00# ping -s 256.115.99.112
PING 256.115.99.112: 56 data bytes
^C
----256.115.99.112 PING Statistics----
6 packets transmitted, 1 packets received, 83% packet loss
round-trip (ms)  min/avg/max/stddev = 9.22e+15/0.00/0.00/NaN
bash-3.00# ping google.com
ping: unknown host google.com

I have "hosts: files dns" in /etc/nsswitch.conf and nameservers defined in /etc/resolv.conf, but the ping gets no answer from the nameservers.

Any suggestions would be greatly appreciated, thanks.

Answer 1

You should have an IP in the global zone that is on the same network "172.16.27" as the non-global zone, and use that IP instead of "256.115.99" to communicate.
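The check this answer describes, as an added example that is not part of the original post: it parses `ifconfig -a4` output from the global zone and lists each shared-IP zone address whose subnet has no global-zone address on the same physical interface. The sample input is constructed; 192.0.2.112 stands in for the global zone's public address because the post's 256.115.99 prefix is deliberately not a valid IPv4 address, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in `ifconfig -a4` format (192.0.2.112 is a placeholder
# for the global zone's public address, not a value from the post).
SAMPLE = """\
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone alpha
        inet 127.0.0.1 netmask ff000000
ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.0.2.112 netmask ffffff00 broadcast 192.0.2.255
ce0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone alpha
        inet 172.16.27.27 netmask ffffff00 broadcast 172.16.27.255
"""

def parse_ifconfig(text):
    """Return one dict {nic, zone, net} per logical interface that has an address."""
    entries, cur = [], None
    for line in text.splitlines():
        # Header line: "ce0:" or "ce0:1:"; keep only the physical NIC name.
        head = re.match(r"^(\w+?\d+)(?::\d+)?: flags=", line)
        if head:
            cur = {"nic": head.group(1), "zone": "global", "net": None}
            entries.append(cur)
            continue
        if cur is None:
            continue
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "zone":
            cur["zone"] = fields[1]  # absent for global-zone interfaces
        elif len(fields) >= 4 and fields[0] == "inet" and fields[2] == "netmask":
            # Solaris prints the netmask as hex, e.g. ffffff00.
            mask = str(ipaddress.IPv4Address(int(fields[3], 16)))
            cur["net"] = ipaddress.ip_interface(f"{fields[1]}/{mask}").network
    return [e for e in entries if e["net"] is not None]

def zones_without_global_peer(text):
    """List (zone, nic, subnet) where the global zone has no address in that subnet."""
    entries = parse_ifconfig(text)
    global_nets = {(e["nic"], e["net"]) for e in entries if e["zone"] == "global"}
    return [(e["zone"], e["nic"], str(e["net"])) for e in entries
            if e["zone"] != "global" and (e["nic"], e["net"]) not in global_nets]

if __name__ == "__main__":
    for zone, nic, subnet in zones_without_global_peer(SAMPLE):
        print(f"zone {zone}: no global-zone address on {nic} in {subnet}")
```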
