昨天,我的 DEBIAN 服务器宕机了,我不得不重启。之后,几个网站都无法访问,我发现 3 上的 2 个 IP 无法 ping 通。主 IP 仍然有效,连接的网站也可以工作。LAMP 没问题。
当我从外部(例如从我电脑上的 CMD 窗口) ping IP 时,它没有响应(超时)当我从内部(例如从 SSH 窗口) ping 时,它会响应。
这里是 ifconfig:
eth0 Link encap:Ethernet HWaddr 38:60:77:59:ab:d5
inet adr:94.23.45.172 Bcast:94.23.45.255 Masque:255.255.255.0
adr inet6: fe80::3a60:77ff:fe59:abd5/64 Scope:Lien
adr inet6: 2001:41d0:2:2eac::/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30087 errors:0 dropped:8 overruns:0 frame:0
TX packets:42372 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
RX bytes:3059473 (2.9 MiB) TX bytes:42177957 (40.2 MiB)
Interruption:20 Mémoire:fe500000-fe520000
eth0:0 Link encap:Ethernet HWaddr 38:60:77:59:ab:d5
inet adr:91.121.34.20 Bcast:91.121.34.255 Masque:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interruption:20 Mémoire:fe500000-fe520000
eth0:1 Link encap:Ethernet HWaddr 38:60:77:59:ab:d5
inet adr:149.202.31.242 Bcast:149.202.31.255 Masque:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interruption:20 Mémoire:fe500000-fe520000
lo Link encap:Boucle locale
inet adr:127.0.0.1 Masque:255.0.0.0
adr inet6: ::1/128 Scope:Hôte
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:3952 errors:0 dropped:0 overruns:0 frame:0
TX packets:3952 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:591562 (577.6 KiB) TX bytes:591562 (577.6 KiB)
我什么也没看到。你能帮忙吗?
[编辑]
当我在远处的 CMD 窗口下跟踪路线时:
有效的 IP:
C:\Users\Bruno>tracert 94.23.45.172
Détermination de l'itinéraire vers ns3453432.ip-94-23-45.eu [94.23.45.172]
avec un maximum de 30 sauts :
1 <1 ms <1 ms <1 ms OpenWrt.lan [192.168.29.1]
2 1 ms 2 ms 2 ms 172.31.131.1
3 37 ms 37 ms 37 ms 10.0.131.1
4 48 ms * * ovh.franceix.net [37.49.236.144]
5 48 ms 47 ms 48 ms gsw-g1-a9.fr.eu [213.186.32.210]
6 52 ms 52 ms 52 ms rbx-g2-a9.fr.eu [91.121.131.213]
7 51 ms 51 ms 51 ms vss-1b-6k.fr.eu [91.121.131.74]
8 52 ms 52 ms 52 ms ns3453432.ip-94-23-45.eu [94.23.45.172]
Itinéraire déterminé.
不起作用的IP:
C:\Users\Bruno>tracert 149.202.31.242
Détermination de l'itinéraire vers ip242.ip-149-202-31.eu [149.202.31.242]
avec un maximum de 30 sauts :
1 <1 ms <1 ms <1 ms OpenWrt.lan [192.168.29.1]
2 2 ms 1 ms 1 ms 172.31.131.1
3 37 ms 36 ms 37 ms 10.0.131.1
4 47 ms * * ovh.franceix.net [37.49.236.144]
5 49 ms 49 ms 48 ms gsw-g1-a9.fr.eu [213.186.32.210]
6 52 ms 51 ms 52 ms rbx-g2-a9.fr.eu [91.121.131.213]
7 53 ms 52 ms 53 ms vss-1b-6k.fr.eu [91.121.131.74]
8 * * * Délai d'attente de la demande dépassé.
9 * * * Délai d'attente de la demande dépassé.
10 * * * Délai d'attente de la demande dépassé.
11 * * * Délai d'attente de la demande dépassé.
12 * * * Délai d'attente de la demande dépassé.
13 * * * Délai d'attente de la demande dépassé.
14 * * ^C
这表明目标服务器不一样:
- ns3453432.ip-94-23-45.eu => 好的,这是我的服务器
- ip242.ip-149-202-31.eu => NOK,我不知道这个服务器是什么?也许正常?我的提供商的 IP 服务器?
[编辑]
“ip 地址”的结果:
: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 56:3d:d8:48:8f:18 brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN
link/ether b6:7a:a9:a6:7f:e3 brd ff:ff:ff:ff:ff:ff
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 38:60:77:59:ab:d5 brd ff:ff:ff:ff:ff:ff
inet 94.23.45.172/24 brd 94.23.45.255 scope global eth0
valid_lft forever preferred_lft forever
inet 91.121.34.20/24 brd 91.121.34.255 scope global eth0:0
valid_lft forever preferred_lft forever
inet 149.202.31.242/24 brd 149.202.31.255 scope global eth0:1
valid_lft forever preferred_lft forever
inet6 2001:41d0:2:2eac::/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::3a60:77ff:fe59:abd5/64 scope link
valid_lft forever preferred_lft forever
5: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/ipip 0.0.0.0 brd 0.0.0.0
6: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
7: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN
link/tunnel6 :: brd ::
不知道有没有帮助啊?
[编辑]
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:2222
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:8443
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:1337
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:2222
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:ntp
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s
ACCEPT tcp -- anywhere anywhere tcp dpt:iscsi-target state NEW,ESTABLISHED
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
和路线:
Table de routage IP du noyau
Destination Passerelle Genmask Indic Metric Ref Use Iface
default vss-gw-6k.fr.eu 0.0.0.0 UG 0 0 0 eth0
91.121.34.0 * 255.255.255.0 U 0 0 0 eth0
94.23.45.0 * 255.255.255.0 U 0 0 0 eth0
149.202.31.0 * 255.255.255.0 U 0 0 0 eth0