--语境--
我有一个带有 8 个接口的 Sokeris:em0 连接到桥接路由器 (ISP),em2 连接到我的 DMZ 网络 (Web 服务器)。我从 ISP 获得了一个 /56 前缀和 2 个 DNS IP,但没有网关 IP。
--问题--
我的 em0 没有获取公共 IPv6(仅本地链接)。
--故障排除--
我在线搜索并发现: - OBSD 5.7 不再需要 rtsol,因为它已包含在内核中。 - 必须禁用 IPv6 转发才能使用路由器广告。(这会导致问题,因为我必须在 em2 和 em0 之间转发 IPv6 以便客户访问 Web 服务器)
tcpdump 给出以下输出:tcpdump -vvnli em0 icmp6
05:09:27.184840 fe80::1 > ff02::1: icmp6: router advertisement(chlim=64, MO router_ltime=1800, reachable_time=0, retrans_time=0)(src lladdr: fc:48:ef:c3:41:fe)(mtu: mtu=1500) [icmp6 cksum ok] [class 0xc0] (len 32, hlim 255)
05:10:26.292927 fe80::200:24ff:fed1:86bc > ff02::2: icmp6: router solicitation (src lladdr: 00:00:24:d1:86:bc) [icmp6 cksum ok] (len 16, hlim 255)
05:10:27.185659 fe80::1 > ff02::1: icmp6: router advertisement(chlim=64, MO router_ltime=1800, reachable_time=0, retrans_time=0)(src lladdr: fc:48:ef:c3:41:fe)(mtu: mtu=1500) [icmp6 cksum ok] [class 0xc0] (len 32, hlim 255)
05:10:42.962787 fe80::1 > fe80::3a2c:4aff:fe07:b64e: icmp6: neighbor sol: who has fe80::3a2c:4aff:fe07:b64e(src lladdr: fc:48:ef:c3:41:fe) [icmp6 cksum ok] [class 0xc0] (len 32, hlim 255)
05:11:21.187692 fe80::1 > ff02::1: icmp6: router advertisement(chlim=64, MO router_ltime=1800, reachable_time=0, retrans_time=0)(src lladdr: fc:48:ef:c3:41:fe)(mtu: mtu=1500) [icmp6 cksum ok] [class 0xc0] (len 32, hlim 255)
05:11:26.292308 fe80::200:24ff:fed1:86bc > ff02::2: icmp6: router solicitation (src lladdr: 00:00:24:d1:86:bc) [icmp6 cksum ok] (len 16, hlim 255)
05:11:27.186303 fe80::1 > ff02::1: icmp6: router advertisement(chlim=64, MO router_ltime=1800, reachable_time=0, retrans_time=0)(src lladdr: fc:48:ef:c3:41:fe)(mtu: mtu=1500) [icmp6 cksum ok] [class 0xc0] (len 32, hlim 255)
--配置--
/etc/主机名.em0
inet XXXXXXXXXXXX 255.255.255.128 NONE media 1000baseTX
inet6 autoconf
没有 rtadvd、dhcpc6 文件
PF 没有影响,因为有或没有 PF 结果都是一样的。
sysctl |grep inet6
net.inet6.ip6.forwarding=0
net.inet6.ip6.redirect=0
net.inet6.ip6.hlim=64
net.inet6.ip6.mrtproto=103
net.inet6.ip6.maxfragpackets=200
net.inet6.ip6.log_interval=5
net.inet6.ip6.hdrnestlimit=10
net.inet6.ip6.dad_count=1
net.inet6.ip6.auto_flowlabel=1
net.inet6.ip6.defmcasthlim=1
net.inet6.ip6.use_deprecated=0
net.inet6.ip6.rr_prune=5
net.inet6.ip6.v6only=1
net.inet6.ip6.maxfrags=200
net.inet6.ip6.mforwarding=0
net.inet6.ip6.multipath=0
net.inet6.ip6.multicast_mtudisc=0
net.inet6.ip6.neighborgcthresh=2048
net.inet6.ip6.maxifprefixes=16
net.inet6.ip6.maxifdefrouters=16
net.inet6.ip6.maxdynroutes=4096
net.inet6.ip6.dad_pending=0
net.inet6.ip6.mtudisctimeout=600
net.inet6.ip6.ifq.len=0
net.inet6.ip6.ifq.maxlen=256
net.inet6.ip6.ifq.drops=0
net.inet6.icmp6.redirtimeout=600
net.inet6.icmp6.nd6_prune=1
net.inet6.icmp6.nd6_delay=5
net.inet6.icmp6.nd6_umaxtries=3
net.inet6.icmp6.nd6_mmaxtries=3
net.inet6.icmp6.errppslimit=100
net.inet6.icmp6.nd6_maxnudhint=0
net.inet6.icmp6.mtudisc_hiwat=1280
net.inet6.icmp6.mtudisc_lowat=256
net.inet6.icmp6.nd6_debug=0
net.inet6.divert.recvspace=65636
net.inet6.divert.sendspace=65636
有人遇到过同样的问题吗?它可能适用于广泛的 dhcp 客户端,但它应该可以开箱即用。
谢谢!