지금 제가 살고 있는 곳에서는 인터넷 연결(유선)이 아래와 같은 이상한 증상을 보이고 있습니다. 호스트 이름을 사용하든 IP 주소를 사용하든 상관이 없는 것 같습니다.
- 핑은 잘 작동해요
- 스카이프를 사용할 수 있습니다
- Wget이 연결되었지만 응답을 받지 못했습니다. (시간이 초과될 때까지 "HTTP 요청 전송, 응답 대기 중"을 기다립니다.)
- 적용 가능한 도메인의 작은 하위 집합을 제외하고.
- ssh 명령(
ssh host ls)이 작동합니다. - 대화형 SSH는 짧은 시간 동안 작동하지만 처음처럼
ls매번 같은 지점에서 매우 빠르게 중단됩니다. - Windows에서는 모든 것이 잘 작동합니다.
이를 추가로 진단하려면 어떻게 해야 합니까? 지금까지는 애플리케이션 계층에만 집중했습니다. 확실한 인터넷 연결이 있기 때문에 Firefox를 터널링하는 방법이 있을 것입니다. 하지만 먼저 문제를 확인하고 싶습니다.
이는 통과하지 못하는 대용량 패킷과 관련이 있을 가능성이 높습니다. MTU가 있다는 것을 알았지만 이를 eth0으로 설정해도 문제가 해결되지 않습니다. 나는 PPPOE와 라우터 뒤에 있다고 생각합니다. 외부 IP는 Windows와 Linux에서 동일합니다.
일부 명령의 출력:
ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1024 qdisc mq state UP qlen 1000
link/ether 00:26:aa:aa:aa:61 brd ff:ff:ff:ff:ff:ff
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether c4:17:aa:aa:aa:ff brd ff:ff:ff:ff:ff:ff
4: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 5e:49:aa:aa:aa:27 brd ff:ff:ff:ff:ff:ff
ip route show
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.4 metric 1
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
169.254.0.0/16 dev eth0 scope link metric 1000
default via 192.168.1.1 dev eth0 proto static
ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1024 qdisc mq state UP qlen 1000
link/ether 00:26:2d:78:ac:61 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.4/24 brd 192.168.1.255 scope global eth0
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether c4:17:fe:3b:56:ff brd ff:ff:ff:ff:ff:ff
4: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 5e:49:01:03:55:27 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
inet6 fe80::5c49:1ff:fe03:5527/64 scope link
valid_lft forever preferred_lft forever
최대 1468 크기까지 핑을 보낼 수 있습니다.
tim@milagros:/$ ping -M do -c 1 -s 1470 stackexchange.com
PING stackexchange.com (64.34.119.12) 1470(1498) bytes of data.
--- stackexchange.com ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
tim@milagros:/$ ping -M do -c 1 -s 1468 stackexchange.com
PING stackexchange.com (64.34.119.12) 1468(1496) bytes of data.
1476 bytes from stackoverflow.com (64.34.119.12): icmp_seq=1 ttl=52 time=176 ms
--- stackexchange.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 176.539/176.539/176.539/0.000 ms
tim@milagros:~/projekt/perl$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:26:2d:78:ac:61
inet addr:192.168.1.4 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:161 errors:0 dropped:0 overruns:0 frame:0
TX packets:194 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:143947 (143.9 KB) TX bytes:67727 (67.7 KB)
Interrupt:16
답변1
Tim, MTU 변경에 대한 우려를 무시하시기 바랍니다. 귀하의 질문은 MTU 문제로 가득 차 있으며 저는 15년 넘게 전문 네트워크 엔지니어로 일하고 있습니다.
DFMTU가 도움이 되는지 확인하려면 ping과 IP 헤더에 설정된 비트를 사용하여 Linux 시스템에서 테스트하세요.
ping -M do -s 1232 <some pingable internet ip address>
-sPPPoE IP MTU가 1300바이트라고 가정하고 매개변수를 계산했습니다 . ping이 성공하면 사용하여 -s 1472무슨 일이 일어나는지 확인하십시오. 이제 ping이 실패하면 MTU 문제에 대한 확실한 증거가 있는 것입니다(이더넷 링크 MTU를 더 낮게 설정하지 않았다고 가정). 참고로, -s 1472에코 요청은 1500바이트 이더넷 페이로드와 함께 전송됩니다. -M do -s 1472동일한 1500바이트 페이로드는 IP 헤더에 설정된 DF 비트와 함께 전송됩니다.
또한 MTU는 다음과 같이 설정되어야 합니다.둘 다링크의 양쪽 모두...따라서 모뎀에서도 이 작업을 수행해야 합니다.
편집하다
팀, 너 아직도내가 실행하라고 요청한 명령을 실행하지 않았습니다.. 당신이 하고 있는 일에 어떤 문제가 있는지 예를 들어보겠습니다. (8.8.8.8 경로에 IP 조각화를 위한 방화벽이 있었기 때문에 대상 호스트를 stackexchange.com으로 수정해야 했습니다.)
부정적인 예(ping 플래그 사용)
[mpenning@Bucksnort ~]$ ping -c 1 -s 65507 64.34.119.12
PING 64.34.119.12 (64.34.119.12) 65507(65535) bytes of data.
65515 bytes from 64.34.119.12: icmp_seq=1 ttl=51 time=53.2 ms
--- 64.34.119.12 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 53.246/53.246/53.246/0.000 ms
[mpenning@Bucksnort ~]$
수사적 질문: 64KB ping 패킷이 1500바이트 이더넷 세그먼트를 어떻게 통과합니까? (주 A 참조) 제가 요청한 정보를 공개하지 않는 한 제가 할 수 있는 일은 아무것도 없습니다. 이것도 같은 예인데,ping -M do
긍정적인 예
[mpenning@Bucksnort ~]$ ping -M do -c 1 -s 65507 64.34.119.12
PING 64.34.119.12 (64.34.119.12) 65507(65535) bytes of data.
From 24.102.60.3 icmp_seq=1 Frag needed and DF set (mtu = 1500)
--- 64.34.119.12 ping statistics ---
0 packets transmitted, 0 received, +1 errors
[mpenning@Bucksnort ~]$
ping -M do경로를 따라 최대 MTU에 대한 정보를 제공합니다(이 경우 첫 번째 홉 이더넷 세그먼트의 값이 IP MTU1500바이트라는 것을 알고 있습니다).
미주:
A: IP 조각은 기본적으로 허용되므로 ping은 일련의 IP 조각으로 수행될 수 있습니다 ping. 링크를 통과할 최대 패킷 크기를 찾으려는 경우IP 헤더를 수정해야 합니다.(나는 그것을 로 설명했습니다 -M do) 당신이 함께 꿰매어진 흩어진 응답들로 끝나지 않도록 하기 위해. 사용 ping -c 1 -s 65507 64.34.119.12:
[mpenning@Bucksnort ~]$ sudo tshark -n -i eth0 icmp
1 0.000000 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=0)
2 0.000058 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=1480)
3 0.000071 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=2960)
4 0.000081 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=4440)
5 0.000094 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=5920)
6 0.000105 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=7400)
7 0.000116 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=8880)
8 0.000124 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=10360)
9 0.000133 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=11840)
10 0.000143 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=13320)
11 0.000152 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=14800)
12 0.000162 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=16280)
13 0.000172 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=17760)
14 0.000181 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=19240)
15 0.000191 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=20720)
16 0.000201 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=22200)
17 0.000211 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=23680)
18 0.000221 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=25160)
19 0.000230 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=26640)
20 0.000240 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=28120)
21 0.000250 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=29600)
22 0.000259 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=31080)
23 0.000269 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=32560)
24 0.000278 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=34040)
25 0.000288 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=35520)
26 0.000298 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=37000)
27 0.000308 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=38480)
28 0.000318 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=39960)
29 0.000327 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=41440)
30 0.000337 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=42920)
31 0.000352 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=44400)
32 0.000361 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=45880)
33 0.000372 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=47360)
34 0.000384 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=48840)
35 0.000394 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=50320)
36 0.000403 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=51800)
37 0.000411 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=53280)
38 0.000419 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=54760)
39 0.000428 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=56240)
40 0.000437 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=57720)
41 0.000446 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=59200)
42 0.000455 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=60680)
43 0.000466 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=62160)
44 0.000477 24.102.60.3 -> 64.34.119.12 IP Fragmented IP protocol (proto=ICMP 0x01, off=63640)
45 0.000486 24.102.60.3 -> 64.34.119.12 ICMP Echo (ping) request
46 0.044402 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=0)
47 0.044439 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=1480)
48 0.044899 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=2960)
49 0.044910 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=4440)
50 0.044916 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=5920)
51 0.045149 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=7400)
52 0.045399 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=8880)
53 0.045409 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=10360)
54 0.045415 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=11840)
55 0.045649 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=13320)
56 0.045899 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=14800)
57 0.045908 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=16280)
58 0.045915 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=17760)
59 0.046148 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=19240)
60 0.046163 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=20720)
61 0.046402 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=22200)
62 0.046421 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=23680)
63 0.046650 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=25160)
64 0.046668 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=26640)
65 0.046901 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=28120)
66 0.046918 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=29600)
67 0.047151 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=31080)
68 0.047171 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=32560)
69 0.047399 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=34040)
70 0.047418 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=35520)
71 0.047424 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=37000)
72 0.047650 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=38480)
73 0.047900 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=39960)
74 0.048149 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=41440)
75 0.048165 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=42920)
76 0.048172 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=44400)
77 0.048178 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=45880)
78 0.048398 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=47360)
79 0.048650 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=48840)
80 0.048667 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=50320)
81 0.048674 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=51800)
82 0.048900 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=53280)
83 0.048922 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=54760)
84 0.049150 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=56240)
85 0.049174 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=57720)
86 0.049398 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=59200)
87 0.049649 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=60680)
88 0.049671 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=62160)
89 0.049677 64.34.119.12 -> 24.102.60.3 IP Fragmented IP protocol (proto=ICMP 0x01, off=63640)
90 0.049683 64.34.119.12 -> 24.102.60.3 ICMP Echo (ping) reply