Linux ipv6转发
情况
我知道如何进行 ipv4 转发,并且预计 ipv6 转发的工作方式几乎相同。因此,我使用 ISP 配置的网络地址配置了 VirtualBox 主机。现在,这是我拥有的网络:
(来源:hjts.nl)
问题
我可以 ping 通 Debian 路由器上的所有 ipv6 地址,但无法访问 Debian 必须转发数据包的地址,例如从 Fedora 客户端到 Debian 上的 eth0。
配置
Debian 服务器配置为允许 IPV6 转发:
root@6server:~# sysctl -p
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.accept_ra = 2
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 1
iptables 也应该允许它..
root@6server:~# ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
这是我的地址和路线信息:
root@6server:~# ip -6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:981:ec6a::aa:0/48 scope global
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fed6:b45c/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:981:ec6a::ae:1/48 scope global
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe77:f6e8/64 scope link
valid_lft forever preferred_lft forever
root@6server~# ip -6 route show
2001:981:ec6a::aa:0/112 dev eth0 metric 1024
2001:981:ec6a::ae:0/112 dev eth1 metric 1024
2001:981:ec6a::be:0/112 dev eth1 metric 1024
fe80::/64 dev eth1 proto kernel metric 256
fe80::/64 dev eth0 proto kernel metric 256
default via 2001:981:ec6a::2 dev eth0 metric 1024
在 Fedora 客户端上,这是网络路由:
[root@localhost henk]# ip -6 route show
2001:981:ec6a::/48 dev enp0s3 proto kernel metric 256
fe80::/64 dev enp0s3 proto kernel metric 256
default via 2001:981:ec6a::ae:1 dev enp0s3 metric 1024