我昨晚更换了路由器,现在电脑和无线都很好。我的开发网络服务器似乎很好,我可以通过 SSH 等访问我的任何网站,但是我注意到我无法访问互联网。
我有一个设置了静态 IP 的 Ubuntu 18.04 实例,但是使用 DHCP 进行了测试,并且遇到了与 SSH 等相同的情况,但无法访问互联网。
我猜我的配置是/etc/netplan不适/etc/network/interfaces用于这个版本的 ubuntu,所以设置了下面的配置,它们似乎给了我一个有效的网络连接(虽然我把两者都设置得和最初一样,但我使用后者,但没有起作用):
/etc/netplan/01-netcfg.yaml:
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
dhcp6: no
addresses: [192.168.1.6/24]
gateway4: 192.168.1.254
nameservers:
addresses: [8.8.8.8,8.8.4.4]
ifconfig:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a60:6eff:fee5:e58b prefixlen 64 scopeid 0x20<link>
ether 08:60:6e:e5:e5:8b txqueuelen 1000 (Ethernet)
RX packets 29347 bytes 3199867 (3.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4103 bytes 484556 (484.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
/sbin/route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
卷曲 192.168.1.254:
curl: (7) Failed to connect to 192.168.1.254 port 80: No route to host
平失败8.8.8.8,但我的网关/路由器却可以连接到网络上的其他设备。我的新 Draytek 似乎不喜欢我的服务器。路由器的系统日志中似乎没有显示与我的服务器相关的任何内容,因此感觉防火墙也没有阻止任何东西。我相信 Ubuntu 上的防火墙也已禁用:
ufw status
Status: inactive
进一步调查显示,从路由器本身我只能 ping 几台机器,不确定这意味着什么,但从 Ubuntu 盒子我可以 ping 不同的机器。
Ping out of Ubuntu 18.04
192.168.1.6 > 192.168.1.20 Ping OK
192.168.1.6 > 192.168.1.254 No Ping
192.168.1.6 > 192.168.1.1 Ping Ok
192.168.1.6 > 192.168.1.53 No Ping
Ping out of Router (Draytek 2960)
192.168.1.254 > 192.168.1.20 No Ping
192.168.1.254 > 192.168.1.6 No Ping
192.168.1.254 > 192.168.1.1 Ping OK
192.168.1.254 > 192.168.1.53 No Ping
Ping out of my Windows Machines
192.168.1.53 > 192.168.1.20 Ping OK
192.168.1.53 > 192.168.1.6 Ping OK
192.168.1.53 > 192.168.1.254 Ping OK
192.168.1.53 > 192.168.1.1 Ping OK
因此 Windows 机器似乎很顺利,只是一些非 Windows 设备似乎无法与路由器配合使用。1.20 是打印机,1.1 是此处的主域服务器。
TCPDUMP 结果:
sudo tcpdump -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
12:38:12.353881 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 25, length 40
12:38:12.353922 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 25, length 40
12:38:13.357746 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 26, length 40
12:38:13.357769 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 26, length 40
12:38:14.365890 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 27, length 40
12:38:14.365917 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 27, length 40
12:38:15.372843 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 28, length 40
12:38:50.417412 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 0, length 64
12:38:51.417819 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 1, length 64
12:38:52.418246 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 2, length 64
12:38:53.418592 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 3, length 64
12:38:54.419015 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 4, length 64
12:46:36.801414 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 1, length 64
12:46:37.801809 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 2, length 64
12:46:38.821929 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 3, length 64
12:46:39.845948 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 4, length 64
12:46:40.869947 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 5, length 64
12:46:41.869836 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 6, length 64
首先是从 Windows 到 Ubuntu Box。然后从路由器到 Ubuntu box。我确实尝试过从 Ubuntu box 到路由器,但 TCPDUMP 中没有显示任何内容。接下来是从 Ubuntu box 到 Windows 机器,可以看到请求发出,但没有回复,因为 ICMP 可能在 Windows Defender 防火墙上被阻止了。
有没有什么建议可以尝试一下,因为我自己没有主意,而且上面的方法都没有什么意义,为什么每台机器都可以 PING 不同的设备,而 SSH 和 PING HTTP 似乎都根据来源而工作/不工作?
tcpdump -i eth0 arp -n
14:32:29.414036 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:29.414274 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:29.852626 ARP, Request who-has 192.168.1.200 tell 192.168.1.1, length 46
14:32:29.852643 ARP, Request who-has 192.168.1.58 tell 192.168.1.1, length 46
14:32:30.437906 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:30.438138 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:31.461904 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:31.462138 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:32.486027 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:32.486250 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:33.513904 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:33.514218 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:33.944646 ARP, Request who-has 192.168.1.70 tell 192.168.1.253, length 46
14:32:34.533906 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:34.534222 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:35.557980 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:35.558187 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
183 packets captured
200 packets received by filter
17 packets dropped by kernel
路由器的 Mac 地址似乎正确,为 00:1d:aa:c6:44:68。但是很多请求没有显示回复,不确定这是否正确?
然而,有以下迹象表明:
14:55:29.130114 ARP, Unknown (512)
0x0000: 0001 0800 0604 0200 001d aac6 4468 c0a8 ............Dh..
0x0010: 01fe ffff ffff ffff 0000 0000 0100 0000 ................
0x0020: 0000 0000 0000 0000 0000 ..........
14:55:29.130427 ARP, Unknown (512)
0x0000: 0001 0800 0604 0200 001d aac6 4468 c0a8 ............Dh..
0x0010: 02fe ffff ffff ffff 0000 0000 0100 0000 ................
0x0020: 0000 0000 0000 0000 0000
tcpdump -eqtnni eth0 arp
08:60:6e:e5:e5:8b > ff:ff:ff:ff:ff:ff, ARP, length 42: Request who-has 192.168.1.254 tell 192.168.1.6, length 28
00:1d:aa:c6:44:68 > 08:60:6e:e5:e5:8b, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
08:60:6e:e5:e5:8b > ff:ff:ff:ff:ff:ff, ARP, length 42: Request who-has 192.168.1.254 tell 192.168.1.6, length 28
00:1d:aa:c6:44:68 > 08:60:6e:e5:e5:8b, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
00:1d:aa:c6:44:68 > ff:ff:ff:ff:ff:ff, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Unknown (512)