nslookup 可以工作,但是网络不行

nslookup 可以工作,但是网络不行

系统信息:

ubuntu 服务器 CLI 仅限 22.04.3 LTS。内核 5.15.0-88-generic

我使用 zerotier 网络连接到我的服务器。一切正常,然后我可能更改了某些内容,也可能没有,但当我尝试更新时,它不起作用。Curl 只是冻结,apt 无法连接到任何东西,网络超时。我认为它可能使用了错误的网络,但配置看起来不错。

此外,还有一些针对 443、80 和 3000 端口的附加后路由设置,我删除了它,因为我认为这可能是问题所在。也许我之前添加了它,不知道。还看不到 192.168.2.1 的 Web 界面。它 100% 开启,因为 nmap 显示开放端口,我之前确实连接过,但现在使用 curl 看不到它。

nslookup、ping 有效,其他一切无效。

我的系统是ubuntu linux。时间还可以

sudo iptables -L -n
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DOCKER-USER  all  --  0.0.0.0/0            0.0.0.0/0
DOCKER-ISOLATION-STAGE-1  all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  10.1.0.0/16          0.0.0.0/0            /* generated for MicroK8s pods */
ACCEPT     all  --  0.0.0.0/0            10.1.0.0/16          /* generated for MicroK8s pods */

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination
DOCKER-ISOLATION-STAGE-2  all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target     prot opt source               destination
DROP       all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

这里 eno4 是我的主网络接口,zth6rjzumt 是 zerotier 网络

ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 14:18:77:31:40:c5 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f0
3: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc mq state UP group default qlen 1000
    link/ether 14:18:77:31:40:c6 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f1
    inet 192.168.2.2/24 metric 100 brd 192.168.2.255 scope global dynamic eno4
       valid_lft 322sec preferred_lft 322sec
5: zth6rjzumt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether d6:f9:1e:bc:f7:e9 brd ff:ff:ff:ff:ff:ff
    inet 10.243.145.1/16 brd 10.243.255.255 scope global zth6rjzumt
       valid_lft forever preferred_lft forever
11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:b3:c3:6a:59 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
26: cali1fc61b2214e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-1a155d71-1741-922e-9e68-ef823c07b36d
27: cali79a33944d72@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-c52d1bb3-8de5-87e5-efee-b3201ca1f0c6
30: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UNKNOWN group default
    link/ether 66:19:5e:5e:13:6a brd ff:ff:ff:ff:ff:ff
    inet 10.1.70.192/32 scope global vxlan.calico
       valid_lft forever preferred_lft forever

DNS 似乎没有问题,应该也没有问题

也尝试禁用 ipv6,但没有任何改变。

我也确实更改了路由器配置,但防火墙看起来正常,并且我能够 ping 通,所以这应该不是问题。

路由

default via 192.168.2.1 dev eno4 proto dhcp src 192.168.2.2 metric 100
blackhole 10.1.70.192/26 proto 80
10.1.70.248 dev cali1fc61b2214e scope link
10.1.70.249 dev cali79a33944d72 scope link
10.243.0.0/16 dev zth6rjzumt proto kernel scope link src 10.243.145.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.2.0/24 dev eno4 proto kernel scope link src 192.168.2.2 metric 100
192.168.2.1 dev eno4 proto dhcp scope link src 192.168.2.2 metric 100

ip 地址显示

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 14:18:77:31:40:c5 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f0
3: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc mq state UP group default qlen 1000
    link/ether 14:18:77:31:40:c6 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f1
    inet 192.168.2.2/24 metric 100 brd 192.168.2.255 scope global dynamic eno4
       valid_lft 486sec preferred_lft 486sec
5: zth6rjzumt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether d6:f9:1e:bc:f7:e9 brd ff:ff:ff:ff:ff:ff
    inet 10.243.145.1/16 brd 10.243.255.255 scope global zth6rjzumt
       valid_lft forever preferred_lft forever
11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:b3:c3:6a:59 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
30: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UNKNOWN group default
    link/ether 66:19:5e:5e:13:6a brd ff:ff:ff:ff:ff:ff
    inet 10.1.70.192/32 scope global vxlan.calico
       valid_lft forever preferred_lft forever
46: cali1fc61b2214e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-4aa48182-009f-e169-b53b-74e75be994f1
47: cali79a33944d72@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-920a93e9-8949-9f1a-a296-cbc045c3b3ff

相关内容