원격 웹사이트 주소에 접속하는 데 문제가 있습니다.
도와주세요.
첫째, 모든 것이 괜찮습니다.
둘째, wget 요청을 보내고 "피어에 의한 연결 재설정"을 수신합니다.
then.ping이 작동하지 않습니다.
wget을 보낸 후 "ip Route get xxx" 명령의 출력이 변경된 것을 확인했습니다.
"ip 경로 새로 고침 캐시"를 사용하면 핑을 수정할 수 있습니다. 하지만 wget은 여전히 작동하지 않습니다.
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.858 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=180.024 ms
64 bytes from 104.26.12.50: seq=2 ttl=53 time=179.980 ms
^Z[1]+ Stopped ping 104.26.12.50
CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 104.26.12.50 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
^Z[2]+ Stopped ping 104.26.12.50
CoreELEC:~ # ip route flush cache
CoreELEC:~ # ip route get 104.26.12.50
104.26.12.50 via 192.168.1.1 dev eth0 src 192.168.1.179
CoreELEC:~ # ping 104.26.12.50
PING 104.26.12.50 (104.26.12.50): 56 data bytes
64 bytes from 104.26.12.50: seq=0 ttl=53 time=179.730 ms
64 bytes from 104.26.12.50: seq=1 ttl=53 time=179.616 ms
^Z[3]+ Stopped ping 104.26.12.50
추적 경로 결과
CoreELEC:~ # ip route flush cache
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.1 (192.168.1.1) 0.770 ms 0.752 ms 0.650 ms
2 10.11.128.1 (10.11.128.1) 3.400 ms 3.728 ms 3.249 ms
3 211.136.62.237 (211.136.62.237) 5.067 ms 4.482 ms 4.310 ms
4 111.24.14.45 (111.24.14.45) 4.594 ms 4.720 ms 4.791 ms
5 111.24.2.110 (111.24.2.110) 16.499 ms^Z[1]+ Stopped traceroute 104.26.12.50
CoreELEC:~ # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.179 (192.168.1.179) 1675.641 ms !H 2751.899 ms !H 3000.313 ms !H
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.179 (192.168.1.179) 724.558 ms !H 2989.973 ms !H 3000.084 ms !H
CoreELEC:~ # ip route flush cache
CoreELEC:~ # traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 30 hops max, 38 byte packets
1 192.168.1.1 (192.168.1.1) 0.831 ms 0.907 ms 0.807 ms
2 10.11.128.1 (10.11.128.1) 10.854 ms 7.432 ms 2.965 ms
3 211.136.62.237 (211.136.62.237) 24.308 ms 7.107 ms 19.634 ms
4 111.24.14.45 (111.24.14.45) 4.821 ms 4.816 ms 4.593 ms
5^Z[2]+ Stopped traceroute 104.26.12.50
동일한 로컬 네트워크에 있는 다른 Mac:
bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 3.779 ms 0.954 ms 0.986 ms
2 10.11.128.1 (10.11.128.1) 3.959 ms 3.594 ms 3.680 ms
3 211.136.62.237 (211.136.62.237) 5.088 ms 5.719 ms 4.760 ms
4 111.24.14.45 (111.24.14.45) 5.277 ms 4.875 ms 5.072 ms
5 111.24.2.106 (111.24.2.106) 7.508 ms
111.24.2.110 (111.24.2.110) 5.291 ms
111.24.17.157 (111.24.17.157) 5.907 ms
6 221.176.21.150 (221.176.21.150) 38.841 ms 7.606 ms 9.093 ms
^C
bash-3.2$ wget https://104.26.12.50/
Connecting to 104.26.12.50:443... connected.
OpenSSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
Unable to establish SSL connection.
bash-3.2$ traceroute 104.26.12.50
traceroute to 104.26.12.50 (104.26.12.50), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 3.674 ms 1.162 ms 1.141 ms
2 10.11.128.1 (10.11.128.1) 4.327 ms 4.152 ms 4.043 ms
3 211.136.62.237 (211.136.62.237) 5.764 ms 18.867 ms 19.749 ms
4 111.24.14.45 (111.24.14.45) 7.277 ms 5.256 ms 5.969 ms
^C
나는 coreelec9.0.0(Linux3.14.29)을 사용하고 있으며 BusyBox의 'ip' 명령은 전체 옵션을 지원하지 않습니다.
CoreELEC:~ # cat /proc/version
Linux version 3.14.29 (adamg@zulu) (gcc version 7.3.1 20180425 [linaro-7.3-2018.05 revision d29120a424ecfbc167ef90065c0eeb7f91977701] (Linaro GCC 7.3-2018.05) ) #1 SMP Sat Feb 16 12:49:23 GMT 2019
CoreELEC:~ # uname -a
Linux CoreELEC 3.14.29 #1 SMP Sat Feb 16 12:49:23 GMT 2019 aarch64 GNU/Linux
CoreELEC:~ # lsb_release -a
CoreELEC (official): 9.0.0
CoreELEC:~ # ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff
CoreELEC:~ # ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 4096 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP8000> mtu 1500 qdisc fq_codel qlen 1000
link/ether fc:7c:02:e9:85:c5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.179/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::fe7c:2ff:fee9:85c5/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether fc:7c:02:e9:85:c4 brd ff:ff:ff:ff:ff:ff
CoreELEC:~ # ip route
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 scope link src 192.168.1.179
192.168.1.1 dev eth0 scope link
CoreELEC:~ # ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
추적 경로 출력
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1500
1: 192.168.1.1 1.169ms
1: 192.168.1.1 1.090ms
2: 192.168.1.1 1.064ms pmtu 1492
2: 10.11.128.1 4.250ms
3: 211.136.62.237 31.305ms
4: 111.24.14.45 6.265ms
5: 111.24.17.157 6.674ms asymm 6
6: 221.176.21.150 7.991ms asymm 8
7: 221.183.25.202 7.046ms asymm 9
8: 221.183.55.113 9.257ms
9: 223.120.22.18 8.574ms asymm 8
10: 223.120.6.54 180.044ms asymm 11
11: 223.120.6.54 181.604ms
^Z[1]+ Stopped tracepath -4 104.26.12.50
CoreELEC:~/.opt/bin # wget https://104.26.12.50/
Connecting to 104.26.12.50 (104.26.12.50:443)
wget: error getting response: Connection reset by peer
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1492
1: 192.168.1.179 375.207ms !H
1: 192.168.1.179 2750.098ms !H
Resume: pmtu 1492
CoreELEC:~/.opt/bin # ip route flush cache
CoreELEC:~/.opt/bin # tracepath -4 104.26.12.50
1?: [LOCALHOST] pmtu 1500
1: 192.168.1.1 0.994ms
1: 192.168.1.1 0.776ms
2: 192.168.1.1 0.809ms pmtu 1492
2: 10.11.128.1 5.180ms
3: 211.136.62.237 13.072ms
4: 111.24.14.45 4.863ms
^Z[2]+ Stopped tracepath -4 104.26.12.50
CoreELEC:~/.opt/bin #
답변1
https 질문에 대답하겠습니다. 포트의 암호화가 깨졌거나 가상 호스트를 사용하고 있는 경우에는 IP 주소 대신 호스트 이름을 사용하여 연결해야 합니다.
localhost:~ $ openssl s_client -connect 104.26.12.50:443
CONNECTED(00000003)
139928269652608:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
답변2
내 무선 라우터(netgear R6400v2)의 펌웨어 버전을 v1.0.4.106_10.0.80에서 v1.0.2.62_10.0.46으로 다운그레이드하여 문제를 해결했습니다.