ubuntu 无法与Azure Linux VM的第二个网络接口卡上的公共IPV6通信

rdlzhqv9  于 2023-08-03  发布在  Linux
关注(0)|答案(1)|浏览(100)

有一个新的Azure Linux VM(Ubuntu 22.04 LTS x64),具有以下两个网络接口卡(NIC):

eth0
Mac Address: 00:22:48:8f:ba:bf
Private IPV4 Address: 10.0.0.4
Public IPV4 Address: 20.25.226.73
Private IPV6 Address: abc:abc:abc:abc::6
Public IPV6 Address: 2a01:111:f100:1000::9d37:d42b

eth1
Mac Address: 00:22:48:8f:64:21
Private IPV4 Address: 10.0.0.14
Public IPV4 Address: 172.183.16.91
Private IPV6 Address: abc:abc:abc:abc::16
Public IPV6 Address: 2603:1030:603::324

字符串
两个NIC都使用vnet子网10.0.0.0/24和abc:abc:abc:abc::/64,并且都使用允许22/80/443/3389/ICMP端口的防火墙入站规则。
根据在Azure Linux虚拟机(https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu)中配置多个网络接口,我设置了以下/etc/netplan/50-cloud-init.yaml文件:

network:
    ethernets:
        eth0:
            dhcp4: true
            dhcp4-overrides: &id001
                route-metric: 100
            dhcp6: true
            dhcp6-overrides: *id001
            match:
                driver: hv_netvsc
                macaddress: 00:22:48:8f:ba:bf
            set-name: eth0
            routes:
             - to: 10.0.0.0/24
               via: 10.0.0.1
               metric: 100
               table: 200
             - to: 0.0.0.0/0
               via: 10.0.0.1
               table: 200
            routing-policy:
             - from: 10.0.0.4/32
               table: 200
             - to: 10.0.0.4/32
               table: 200
        eth1:
            dhcp4: true
            dhcp4-overrides: &id002
                route-metric: 200
            dhcp6: true
            dhcp6-overrides: *id002
            match:
                driver: hv_netvsc
                macaddress: 00:22:48:8f:64:21
            set-name: eth1
            routes:
             - to: 10.0.0.0/24
               via: 10.0.0.1
               metric: 200
               table: 201
             - to: 0.0.0.0/0
               via: 10.0.0.1
               table: 201
            routing-policy:
             - from: 10.0.0.14/32
               table: 201
             - to: 10.0.0.14/32
               table: 201
    version: 2


在应用上面的yaml文件之后,两个IPV4地址上的一切都运行良好,例如相互ping并将网站链接到它们。
对于公共IPV6地址,事情很复杂。正如《What is IPv6 for Azure Virtual Network》中的限制部分所述(https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/ipv6-overview):“ICMPv 6 is not currently supported in Network Security Groups.”我们不能使用“ping 6”命令,但需要使用其他方法来测试公共IPV6地址的可用性。其中一种方法是使用“telnet-6\f25 ipv6.telnetmyip.com-6”命令。
1.我们用eth0信息登录SSH shell(类似于Xshell)(先登录public IPV4,然后尝试public IPV6),输入“telnet -6 ipv6.telnetmyip.com”,它都响应:

Trying 2600:1f16:227:6200::100...
Connected to ipv6.telnetmyip.com.
The escape character is '^]'.
{

"comment": "##     Your IP Address is 2a01:111:f100:1000::9d37:d42b (51152)     ##",

"family": "ipv6",
"ip": "2a01:111:f100:1000::9d37:d42b",
"port": "51152",
"protocol": "telnet",
"version": "v1.3.0",
"website": "https://github.com/packetsar/checkmyip",
"sponsor": "Sponsored by ConvergeOne, https://www.convergeone.com/"
}
Connection closed by foreign host.


很好,系统在公共IPV6地址eth0下运行良好。这意味着我不需要修改YAML文件中的任何eth0。
1.我们使用eth 1 public IPV4登录到SSH shell(类似于Xshell),并输入“telnet -6 ipv6.telnetmyip.com”,它会响应:

Trying 2600:1f16:227:6200::100...
Connected to ipv6.telnetmyip.com.
The escape character is '^]'.
{

"comment": "##     Your IP Address is 2a01:111:f100:1000::9d37:d42b (55926)     ##",

"family": "ipv6",
"ip": "2a01:111:f100:1000::9d37:d42b",
"port": "55926",
"protocol": "telnet",
"version": "v1.3.0",
"website": "https://github.com/packetsar/checkmyip",
"sponsor": "Sponsored by ConvergeOne, https://www.convergeone.com/"
}
Connection closed by foreign host.


糟糕!它不识别eth 1的公共IPV6地址,而是使用eth0的公共IPV6地址
那么,如何编辑YAML文件以使eth 1的公共IPV6地址可用?
(我试着把问题交给ChatGPT 4和Claude 2,但他们的答案都不起作用。

62lalag4

62lalag41#

经过多次尝试,我想我已经找到了解决办法。下面是修改后的YAML文件:

network:
    ethernets:
        eth0:
            dhcp4: true
            dhcp4-overrides: &id001
                route-metric: 100
            dhcp6: true
            dhcp6-overrides: *id001
            match:
                driver: hv_netvsc
                macaddress: 00:22:48:8f:ba:bf #The Exact MAC Address
            set-name: eth0

            routes:
            #IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
             - to: 10.0.0.0/24
               via: 10.0.0.1
               metric: 100
               table: 200
             - to: 0.0.0.0/0
               via: 10.0.0.1
               table: 200
            #IPV6
             - to: abc:abc:abc:abc::/64  #Or "fe80::/64" as the Command "ip -6 route" Output
               via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
               metric: 100
               table: 200
             - to: ::/0
               via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
               table: 200   

            routing-policy:
            #IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu 
             - from: 10.0.0.4/32 #Exact Internal Static IPV4 Address
               table: 200
             - to: 10.0.0.4/32 #Exact Internal Static IPV4 Address
               table: 200
            #IPV6
             - from: abc:abc:abc:abc::6/128  #Exact Internal Static IPV6 Address
               table: 200
             - to: abc:abc:abc:abc::6/128 #Exact Internal Static IPV6 Address
               table: 200

        eth1:
            dhcp4: true
            dhcp4-overrides: &id002
                route-metric: 200
            dhcp6: true
            dhcp6-overrides: *id002
            match:
                driver: hv_netvsc
                macaddress: 00:22:48:8f:64:21 #The Exact MAC Address
            set-name: eth1

            routes:
            #IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
             - to: 10.0.0.0/24
               via: 10.0.0.1
               metric: 200
               table: 201
             - to: 0.0.0.0/0
               via: 10.0.0.1
               table: 201
            #IPV6
             - to: abc:abc:abc:abc::/64  #Or "fe80::/64" as the Command "ip -6 route" Output
               via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
               metric: 200
               table: 201
             - to: ::/0
               via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
               table: 201   

            routing-policy:
            #IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
             - from: 10.0.0.14/32 #Exact Internal Static IPV4 Address
               table: 201
             - to: 10.0.0.14/32 #Exact Internal Static IPV4 Address
               table: 201
            #IPV6
             - from: abc:abc:abc:abc::16/128  #Exact Internal Static IPV6 Address
               table: 201
             - to: abc:abc:abc:abc::16/128 #Exact Internal Static IPV6 Address
               table: 201
    version: 2

字符串
正如我前面所评论的,“telnetmyip.com”将始终使用eth0,无论是在IPV4还是IPV6上。因此,我更改为将域名链接到eth0和eth 1上的IPV4和IPV6地址,例如“eth0ipv4.example.com”,“eth0ipv6.example.com”,“eth1ipv4.example.com”和“eth1ipv6.example.com”。此外,我在Windows客户端机器上使用PsPing方法(https://learn.microsoft.com/en-us/sysinternals/downloads/psping)来测试此Ubuntu Server(22.04 LTS)。
现在让我们看看结果。
1.在IPV4上PsPing eth0

C:\PSTools>psping -4 eth0ipv4.example.com:443

PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 20.25.226.73:443:
5 iterations (warmup 1) ping test:
Connecting to 20.25.226.73:443 (warmup): from 192.168.1.8:65313: 231.25ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65314: 206.61ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65315: 217.29ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65316: 213.11ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65317: 212.49ms

TCP connect statistics for 20.25.226.73:443:
  Sent = 4, Received = 4, Lost = 0 (0% loss),
  Minimum = 206.61ms, Maximum = 217.29ms, Average = 212.37ms


2.在IPV6上PsPing eth0

C:\PSTools>psping -6 eth0ipv6.example.com:443

PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 2a01:111:f100:1000::9d37:d42b:443:
5 iterations (warmup 1) ping test:
Connecting to 2a01:111:f100:1000::9d37:d42b:443 (warmup): from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65323: 289.15ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65324: 265.27ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65325: 262.48ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65326: 267.85ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65327: 268.38ms

TCP connect statistics for 2a01:111:f100:1000::9d37:d42b:443:
  Sent = 4, Received = 4, Lost = 0 (0% loss),
  Minimum = 262.48ms, Maximum = 268.38ms, Average = 266.00ms


3.在IPV4上PsPing eth 1

C:\PSTools>psping -4 eth1ipv4.example.com:443

PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 172.183.16.91:443:
5 iterations (warmup 1) ping test:
Connecting to 172.183.16.91:443 (warmup): from 192.168.1.8:65318: 209.25ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65319: 216.23ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65320: 214.06ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65321: 239.47ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65322: 231.35ms

TCP connect statistics for 172.183.16.91:443:
  Sent = 4, Received = 4, Lost = 0 (0% loss),
  Minimum = 214.06ms, Maximum = 239.47ms, Average = 225.28ms


4.在IPV6上PsPing eth 1

C:\PSTools>psping -6 eth1ipv6.example.com:443

PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 2603:1030:603::324:443:
5 iterations (warmup 1) ping test:
Connecting to 2603:1030:603::324:443 (warmup): from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65328: 211.58ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65329: 206.49ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65330: 230.37ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65331: 217.74ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65332: 204.68ms

TCP connect statistics for 2603:1030:603::324:443:
  Sent = 4, Received = 4, Lost = 0 (0% loss),
  Minimum = 204.68ms, Maximum = 230.37ms, Average = 214.82ms


现在一切都很好!

相关问题