Mic*_*ton 5 linux ipv6 windows-server-2008-r2 radvd kvm-virtualization
我有一个新安装的 Windows Server 2008 R2 SP1 虚拟机,尽管显然具有正确的 IPv6 连接,但它完全无法访问任何 IPv6 网页。此外,其他 Linux VM 也无法访问 IPv6 网站。
此设置以前在虚拟机中具有完整的 IPv6 连接,并且在没有明显原因的情况下停止工作。
我的所有 VM 都桥接到物理以太网,并从主机上的 radvd 接收通知。IPv6 在主机上正常工作,主机也是 IPv6 路由器。Wireshark 显示主机在收到 HTTP SYN 数据包后正在发回 ICMPv6 Destination Unreachable (Administratively disabled)。
Internet Explorer 报告它无法显示网页,而 Google Chrome 仅显示 Oops!Chrome 无法连接到网页,没有错误号。
我什至能够 ping 本地网关和 Google 的 IPv6 地址并进行 IPv6 DNS 查找。
PS C:\Users\Administrator> ping -6 fe80::6e62:6dff:fed1:dfad
Pinging fe80::6e62:6dff:fed1:dfad with 32 bytes of data:
Reply from fe80::6e62:6dff:fed1:dfad: time<1ms
Reply from fe80::6e62:6dff:fed1:dfad: time<1ms
Reply from fe80::6e62:6dff:fed1:dfad: time<1ms
Reply from fe80::6e62:6dff:fed1:dfad: time<1ms
Ping statistics for fe80::6e62:6dff:fed1:dfad:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
PS C:\Users\Administrator> ping -6 www.google.com
Pinging www.l.google.com [2001:4860:800a::67] with 32 bytes of data:
Reply from 2001:4860:800a::67: time=43ms
Reply from 2001:4860:800a::67: time=42ms
Reply from 2001:4860:800a::67: time=46ms
Reply from 2001:4860:800a::67: time=42ms
Ping statistics for 2001:4860:800a::67:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 46ms, Average = 43ms
我的虚拟机配置如下:
PS C:\Users\Administrator> ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : WIN-CRLO5NIQB72
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : local
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : local
Description . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter
Physical Address. . . . . . . . . : 52-54-00-DD-DF-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:db8:1600:80bf:5054:ff:fedd:df3e(Preferred)
Link-local IPv6 Address . . . . . : fe80::5054:ff:fedd:df3e%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.12.146(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 09, 2012 1:59:42 PM
Lease Expires . . . . . . . . . . : Tuesday, July 10, 2012 1:59:42 PM
Default Gateway . . . . . . . . . : fe80::6e62:6dff:fed1:dfad%13
192.168.12.1
DHCP Server . . . . . . . . . . . : 192.168.12.1
DNS Servers . . . . . . . . . . . : 2001:4860:4860::8888
2001:4860:4860::8844
192.168.12.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10d1:317d:3f57:f36d(Preferred)
Link-local IPv6 Address . . . . . : fe80::10d1:317d:3f57:f36d%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
PS C:\Users\Administrator> netsh interface ipv6 show route
Publish Type Met Prefix Idx Gateway/Interface Name
------- -------- --- ------------------------ --- ------------------------
No Manual 256 ::/0 13 fe80::6e62:6dff:fed1:dfad
No Manual 256 ::1/128 1 Loopback Pseudo-Interface 1
No Manual 8 2001::/32 12 Teredo Tunneling Pseudo-Interface
No Manual 256 2001:0:4137:9e76:10d1:317d:3f57:f36d/128 12 Teredo Tunneling Pseudo-Interface
No Manual 8 2001:db8:1600:80bf::/64 13 Local Area Connection 2
No Manual 256 2001:db8:1600:80bf:5054:ff:fedd:df3e/128 13 Local Area Connection 2
No Manual 256 fe80::/64 13 Local Area Connection 2
No Manual 256 fe80::/64 12 Teredo Tunneling Pseudo-Interface
No Manual 256 fe80::5efe:192.168.12.146/128 11 isatap.local
No Manual 256 fe80::10d1:317d:3f57:f36d/128 12 Teredo Tunneling Pseudo-Interface
No Manual 256 fe80::5054:ff:fedd:df3e/128 13 Local Area Connection 2
No Manual 256 ff00::/8 1 Loopback Pseudo-Interface 1
No Manual 256 ff00::/8 13 Local Area Connection 2
No Manual 256 ff00::/8 12 Teredo Tunneling Pseudo-Interface
PS C:\Users\Administrator> netsh interface ipv6 show prefixpolicies
Querying active state...
Precedence Label Prefix
---------- ----- --------------------------------
50 0 ::1/128
40 1 ::/0
30 2 2002::/16
20 3 ::/96
10 4 ::ffff:0:0/96
5 5 2001::/32
到目前为止,在我尝试过的 VM 中:
netsh interface ipv6 set global randomizeidentifiers=disabled
没变。
禁用 Teredo 适配器:无变化。它以某种方式重新启用。
使用Microsoft Fix-It 更喜欢 IPv6 而不是 IPv4:没有变化。
到目前为止,我在主机上尝试过:
检查 IPv6 转发 sysctl:
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.br0.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.em1.forwarding = 1
net.ipv6.conf.lo.forwarding = 1
net.ipv6.conf.sit0.forwarding = 1
net.ipv6.conf.sixxs.forwarding = 1
net.ipv6.conf.virbr0.forwarding = 1
net.ipv6.conf.virbr0-nic.forwarding = 1
net.ipv6.conf.vnet0.forwarding = 1
net.ipv6.conf.vnet1.forwarding = 1
net.ipv6.conf.vnet2.forwarding = 1
重新启动 radvd:没有变化。
ICMPv6 目标不可达数据包帮助将问题识别为防火墙问题。
添加在 br0 上转发 IPv6 数据包的规则修复了该问题:
ip6tables -I FORWARD 6 -i br0 -s 2001:db8:1600:80bf::/64 -j ACCEPT
| 归档时间: |
|
| 查看次数: |
2490 次 |
| 最近记录: |