저는 Fedora에 Linux 방화벽/라우터를 설정하고 있습니다.
IPv6를 작동시키려고 합니다.
내 간단한 네트워크는 다음과 같습니다
'NET
|
|
ATTMODEM
|
|
| enp2s0
| 2600:yyyy:yyyy:zzzz::53
| fe80::e310:84ed:bda1:a330
LINUXROUTER
| enp3s0
| 2600:yyyy:yyyy:yyyy::1
| fd81:17:15::128
| fe80::e310:84ed:bda1:a331
|
|
SWITCH
|
|
| enp5s0
| 2600:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:23e1
| fd81:17:15::7
| fe80::6d9:xxxx:xxxx:23e1
DESKTOP
내부 IPv6가 실행 중입니다.
LINUXROUTER에서 'NET에 액세스하면 정상적으로 작동합니다.
하지만 마지막 부분인 LAN(데스크톱)에서 "네트워크"로 이동하는 부분을 놓쳤습니다.
현재 세부정보는 다음과 같습니다.
(1)리눅스 라우터
ip -6 addr show
...
EXT 2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2600:yyyy:yyyy:zzzz::53/128 scope global dynamic noprefixroute
valid_lft 2876sec preferred_lft 2876sec
inet6 fe80::e310:84ed:bda1:a330/64 scope link
valid_lft forever preferred_lft forever
INT 3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2600:yyyy:yyyy:yyyy::1/64 scope global dynamic noprefixroute
valid_lft 2876sec preferred_lft 2876sec
inet6 fd81:17:15::128/116 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e310:84ed:bda1:a331/64 scope link
valid_lft forever preferred_lft forever
ip -6 route show
::1 dev lo proto kernel metric 256 pref medium
2600:yyyy:yyyy:yyyy::/64 dev enp3s0 proto dhcp metric 1003 pref medium
fd81:17:15::/116 dev enp3s0 proto kernel metric 256 pref medium
fe80::/64 dev enp2s0 proto kernel metric 256 pref medium
fe80::/64 dev enp3s0 proto kernel metric 256 pref medium
default via fe80::4e12:65ff:fe9c:e3e0 dev enp2s0 metric 1024 pref medium
sysctl -a | grep ipv6 | grep "\.forwarding"
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.enp2s0.forwarding = 1
net.ipv6.conf.enp3s0.forwarding = 1
net.ipv6.conf.lo.forwarding = 1
(2) 데스크톱
ip -6 addr show
...
EXT 4: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2600:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:23e1/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 86391sec preferred_lft 14391sec
inet6 fd81:17:15::7/116 scope global
valid_lft forever preferred_lft forever
inet6 fe80::6d9:xxxx:xxxx:23e1/64 scope link
valid_lft forever preferred_lft forever
ip -6 route show
::1 dev lo proto kernel metric 256 pref medium
2600:yyyy:yyyy:yyyy::/64 dev enp5s0 proto ra metric 1024 expires 86397sec pref medium
fd81:17:15::/116 dev enp5s0 proto kernel metric 256 pref medium
fd81:17:15::/116 dev enp5s0 proto ra metric 1024 expires 86397sec pref medium
fe80::/64 dev enp5s0 proto kernel metric 256 pref medium
default proto static metric 1024 pref medium
nexthop via fd81:17:15::128 dev enp5s0 weight 1 onlink
nexthop via fe80::e310:84ed:bda1:a331 dev enp5s0 weight 1
저는 데스크탑에서
할 수 있는플랫 6
@DESKTOP
2600:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:23e1
fd81:17:15::7
@LINUXROUTER, INT
2600:yyyy:yyyy:yyyy::1
fd81:17:15::128
@LINUXROUTER, EXT
2600:yyyy:yyyy:zzzz::53
할 수 있는아니요플랫 6
@DESKTOP
fe80::6d9:xxxx:xxxx:23e1
@LINUXROUTER, INT
fe80::e310:84ed:bda1:a331
@LINUXROUTER, EXT
fe80::e310:84ed:bda1:a330
@'NET google.com
2607:f8b0:4008:803::200e
Linux 라우터에서 나는
할 수 있는플랫 6
@DESKTOP
2600:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:23e1
fd81:17:15::7
@LINUXROUTER, INT
2600:yyyy:yyyy:yyyy::1
fd81:17:15::128
@LINUXROUTER, EXT
2600:yyyy:yyyy:zzzz::53
그리고 할 수 있다아니요플랫 6
@DESKTOP
fe80::6d9:xxxx:xxxx:23e1
@LINUXROUTER, INT
fe80::e310:84ed:bda1:a331
@LINUXROUTER, EXT
fe80::e310:84ed:bda1:a330
하지만 나는할 수 있는플랫 6
@'NET google.com
2607:f8b0:4008:803::200e
즉, ping6
LINUXROUTER -> NET:google.com OK
DESKTOP -> NET:google.com FAIL
제대로 작동하려면 무엇이 빠졌나요?
나에게 필요한 라우팅, 규칙, 정책 또는 기타 시스템 구성입니까?
감사해요,
슬퍼
편집 1/추가 정보:
LAN에서 ping할 수 없는 것은 'NET'뿐만 아니라 모뎀의 전역 유니캐스트 주소(EXT 또는 INT)이기도 합니다.
NET
|
| 'ethEXT', Global Unicast IP [NET::MODEM::EXT]::1
MODEM
| 'ethINT', Global Unicast IP [NET::MODEM::INT]::1
| DHCP6 server
|
| enp2s0
| [NET::ROUTER::enp2s0]::53/128
ROUTER
| enp3s0
| [NET::ROUTER::enp3s0]::1/64
| radvd server
|
SWITCH
|
| enp5s0
| [NET::DESKTOP::enp5s0]::11/64
DESKTOP
@라우터
OK ping6 -c 1 [NET::MODEM::EXT]::1
OK ping6 -c 1 [NET::MODEM::INT]::1
OK ping6 -c 1 [NET::ROUTER::enp2s0]::53
OK ping6 -c 1 [NET::ROUTER::enp3s0]::1
OK ping6 -c 1 [NET::DESKTOP::enp5s0]::11
OK ping6 -c 1 google.com
PING [NET::MODEM::EXT]::1([NET::MODEM::EXT]::1) 56 data bytes
64 bytes from [NET::MODEM::EXT]::1: icmp_seq=1 ttl=64 time=5.16 ms
--- [NET::MODEM::EXT]::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
ping6 -c 1 [NET::MODEM::INT]::1
PING [NET::MODEM::INT]::1([NET::MODEM::INT]::1) 56 data bytes
64 bytes from [NET::MODEM::INT]::1: icmp_seq=1 ttl=64 time=4.91 ms
--- [NET::MODEM::INT]::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING [NET::ROUTER::enp2s0]::53([NET::ROUTER::enp2s0]::53) 56 data bytes
64 bytes from [NET::ROUTER::enp2s0]::53: icmp_seq=1 ttl=64 time=0.130 ms
--- [NET::ROUTER::enp2s0]::53 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING [NET::ROUTER::enp3s0]::1([NET::ROUTER::enp3s0]::1) 56 data bytes
64 bytes from [NET::ROUTER::enp3s0]::1: icmp_seq=1 ttl=64 time=0.111 ms
--- [NET::ROUTER::enp3s0]::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING [NET::DESKTOP::enp5s0]::11([NET::DESKTOP::enp5s0]::11) 56 data bytes
64 bytes from [NET::DESKTOP::enp5s0]::11: icmp_seq=1 ttl=64 time=0.176 ms
--- [NET::DESKTOP::enp5s0]::11 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING google.com(mia07s49-in-x0e.1e100.net (2607:f8b0:4008:803::200e)) 56 data bytes
64 bytes from mia07s49-in-x0e.1e100.net (2607:f8b0:4008:803::200e): icmp_seq=1 ttl=118 time=20.9 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
@ 데스크탑
FAIL ping6 -c 1 [NET::MODEM::EXT]::1
FAIL ping6 -c 1 [NET::MODEM::INT]::1
OK ping6 -c 1 [NET::ROUTER::enp2s0]::53
OK ping6 -c 1 [NET::ROUTER::enp3s0]::1
OK ping6 -c 1 [NET::DESKTOP::enp5s0]::11
FAIL ping6 -c 1 google.com
!!! PING [NET::MODEM::EXT]::1([NET::MODEM::EXT]::1) 56 data bytes
!!! --- [NET::MODEM::EXT]::1 ping statistics ---
!!! 1 packets transmitted, 0 received, 100% packet loss, time 0ms
!!! PING [NET::MODEM::INT]::1([NET::MODEM::INT]::1) 56 data bytes
!!! --- [NET::MODEM::INT]::1 ping statistics ---
!!! 1 packets transmitted, 0 received, 100% packet loss, time 0ms
PING [NET::ROUTER::enp2s0]::53([NET::ROUTER::enp2s0]::53) 56 data bytes
64 bytes from [NET::ROUTER::enp2s0]::53: icmp_seq=1 ttl=64 time=0.533 ms
--- [NET::ROUTER::enp2s0]::53 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING [NET::ROUTER::enp3s0]::1([NET::ROUTER::enp3s0]::1) 56 data bytes
64 bytes from [NET::ROUTER::enp3s0]::1: icmp_seq=1 ttl=64 time=0.500 ms
--- [NET::ROUTER::enp3s0]::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
PING [NET::DESKTOP::enp5s0]::11(NET::DESKTOP::enp5s00]::11) 56 data bytes
64 bytes from [NET::DESKTOP::enp5s0]::11: icmp_seq=1 ttl=64 time=0.019 ms
--- [NET::DESKTOP::enp5s0]::11 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
!!! PING google.com(mia07s49-in-x0e.1e100.net (2607:f8b0:4008:803::200e)) 56 data bytes
!!! --- google.com ping statistics ---
!!! 1 packets transmitted, 0 received, 100% packet loss, time 0ms