Debian
如何修復 Linux Mint 18.x 上的 IPv6 DNS 伺服器設置?
作業系統:Linux Mint 18.2 Cinnamon + Windows 10 Pro;雙引導。
我剛剛使用這個網站http://test-ipv6.com/來檢查我的 IPv6 準備情況。
Windows 10 Pro 上的結果:
Linux Mint 18.2 Cinnamon 的結果:
如您所見,我的 Linux Mint 上的 DNS 設置存在一些問題。但是一切似乎都已打開,例如在網路設置 - IPv6 部分:
我不確定在哪裡查找失敗的 DNS 設置。或者 Linux Mint 18 還沒有為 IPv6 做好準備嗎?
編輯1:
$ cat /etc/resolv.conf nameserver 209.222.18.222 nameserver 209.222.18.218但是在網路管理器中,我將 Google DNS 視為主要的 + 我的 IPS 作為次要的,我已在路由器的 IPv4 部分中的 DHCP 中進行了配置:
我想這是我的筆記型電腦正在使用的那些。
$ nmcli dev show | grep DNS IP4.DNS[1]: 8.8.8.8 IP4.DNS[2]: 10.255.255.10 IP6.DNS[1]: 2a02:768:0:1010::3 IP6.DNS[2]: 2a02:768:0:1010::2我承認我根本不了解 IPv6,但我不明白為什麼在 Windows 上進行測試,因此 IPv6 可以完全執行,而在 Linux 上則不行。
$ cat /etc/gai.conf # Configuration for getaddrinfo(3). # # So far only configuration for the destination address sorting is needed. # RFC 3484 governs the sorting. But the RFC also says that system # administrators should be able to overwrite the defaults. This can be # achieved here. # # All lines have an initial identifier specifying the option followed by # up to two values. Information specified in this file replaces the # default information. Complete absence of data of one kind causes the # appropriate default information to be used. The supported commands include: # # reload <yes|no> # If set to yes, each getaddrinfo(3) call will check whether this file # changed and if necessary reload. This option should not really be # used. There are possible runtime problems. The default is no. # # label <mask> <value> # Add another rule to the RFC 3484 label table. See section 2.1 in # RFC 3484. The default is: # #label ::1/128 0 #label ::/0 1 #label 2002::/16 2 #label ::/96 3 #label ::ffff:0:0/96 4 #label fec0::/10 5 #label fc00::/7 6 #label 2001:0::/32 7 # # This default differs from the tables given in RFC 3484 by handling # (now obsolete) site-local IPv6 addresses and Unique Local Addresses. # The reason for this difference is that these addresses are never # NATed while IPv4 site-local addresses most probably are. Given # the precedence of IPv6 over IPv4 (see below) on machines having only # site-local IPv4 and IPv6 addresses a lookup for a global address would # see the IPv6 be preferred. The result is a long delay because the # site-local IPv6 addresses cannot be used while the IPv4 address is # (at least for the foreseeable future) NATed. We also treat Teredo # tunnels special. # # precedence <mask> <value> # Add another rule to the RFC 3484 precedence table. See section 2.1 # and 10.3 in RFC 3484. The default is: # #precedence ::1/128 50 #precedence ::/0 40 #precedence 2002::/16 30 #precedence ::/96 20 #precedence ::ffff:0:0/96 10 # # For sites which prefer IPv4 connections change the last line to # precedence ::ffff:0:0/96 100 # # scopev4 <mask> <value> # Add another rule to the RFC 6724 scope table for IPv4 addresses. # By default the scope IDs described in section 3.2 in RFC 6724 are # used. Changing these defaults should hardly ever be necessary. # The defaults are equivalent to: # #scopev4 ::ffff:169.254.0.0/112 2 #scopev4 ::ffff:127.0.0.0/104 2 #scopev4 ::ffff:0.0.0.0/96 14所以,幾乎所有的東西都被註釋掉了。
另外,您問我使用的是哪個 DHCP 客戶端:
$ dhclient --help Internet Systems Consortium DHCP Client 4.3.3 ...編輯2:
$ cat /etc/dhcp/dhclient.conf # Configuration file for /sbin/dhclient. # # This is a sample configuration file for dhclient. See dhclient.conf's # man page for more information about the syntax of this file # and a more comprehensive list of the parameters understood by # dhclient. # # Normally, if the DHCP server provides reasonable information and does # not leave anything out (like the domain name, for example), then # few changes must be made to this file, if any. # option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; send host-name = gethostname(); request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; #send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; #send dhcp-lease-time 3600; #supersede domain-name "fugue.com home.vix.com"; #prepend domain-name-servers 127.0.0.1; #require subnet-mask, domain-name-servers; timeout 300; #retry 60; #reboot 10; #select-timeout 5; #initial-interval 2; #script "/sbin/dhclient-script"; #media "-link0 -link1 -link2", "link0 link1"; #reject 192.33.137.209; #alias { # interface "eth0"; # fixed-address 192.5.5.213; # option subnet-mask 255.255.255.255; #} #lease { # interface "eth0"; # fixed-address 192.33.137.200; # medium "link0 link1"; # option host-name "andare.swiftmedia.com"; # option subnet-mask 255.255.255.0; # option broadcast-address 192.33.137.255; # option routers 192.33.137.250; # option domain-name-servers 127.0.0.1; # renew 2 2000/1/12 00:00:01; # rebind 2 2000/1/12 00:00:01; # expire 2 2000/1/12 00:00:01; #}編輯3:
將 IPv6 行複制粘貼到上面一行後:
cat /etc/dhcp/dhclient.conf # Configuration file for /sbin/dhclient. # # This is a sample configuration file for dhclient. See dhclient.conf's # man page for more information about the syntax of this file # and a more comprehensive list of the parameters understood by # dhclient. # # Normally, if the DHCP server provides reasonable information and does # not leave anything out (like the domain name, for example), then # few changes must be made to this file, if any. # option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; send host-name = gethostname(); request subnet-mask, broadcast-address, time-offset, routers, dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; #send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; #send dhcp-lease-time 3600; #supersede domain-name "fugue.com home.vix.com"; #prepend domain-name-servers 127.0.0.1; #require subnet-mask, domain-name-servers; timeout 300; #retry 60; #reboot 10; #select-timeout 5; #initial-interval 2; #script "/sbin/dhclient-script"; #media "-link0 -link1 -link2", "link0 link1"; #reject 192.33.137.209; #alias { # interface "eth0"; # fixed-address 192.5.5.213; # option subnet-mask 255.255.255.255; #} #lease { # interface "eth0"; # fixed-address 192.33.137.200; # medium "link0 link1"; # option host-name "andare.swiftmedia.com"; # option subnet-mask 255.255.255.0; # option broadcast-address 192.33.137.255; # option routers 192.33.137.250; # option domain-name-servers 127.0.0.1; # renew 2 2000/1/12 00:00:01; # rebind 2 2000/1/12 00:00:01; # expire 2 2000/1/12 00:00:01; #}編輯4:
也許是我的 VPN 提供商應用程序造成的,我沒有做任何更改。我目前沒有使用 VPN,所以我想測試我的 Linux 是否支持 IPv6。resolv.conf 中的名稱伺服器屬於 VPN 提供商:Private Internet Access。
試圖弄清楚,為什麼
resolv.conf沒有被更新:$ lsattr /etc/resolv.conf -------------e-- /etc/resolv.conf編輯5:
$ sudo tcpdump -i eth0 udp port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 13:28:35.416720 IP 192.168.0.11.46858 > resolver1.privateinternetaccess.com.domain: 22927+ A? imap.gmail.com. (32) 13:28:35.416730 IP 192.168.0.11.46858 > resolver1.privateinternetaccess.com.domain: 8909+ AAAA? imap.gmail.com. (32) 13:28:35.416974 IP 192.168.0.11.39732 > resolver1.privateinternetaccess.com.domain: 35471+ PTR? 222.18.222.209.in-addr.arpa. (45) 13:28:35.436305 IP 192.168.0.11.52326 > resolver1.privateinternetaccess.com.domain: 65414+ A? live.mozillamessaging.com. (43) 13:28:35.436310 IP 192.168.0.11.52326 > resolver1.privateinternetaccess.com.domain: 30886+ AAAA? live.mozillamessaging.com. (43) 13:28:35.478049 IP 192.168.0.11.46175 > resolver1.privateinternetaccess.com.domain: 5292+ A? mx.endora.cz. (30) 13:28:35.478053 IP 192.168.0.11.46175 > resolver1.privateinternetaccess.com.domain: 16624+ AAAA? mx.endora.cz. (30) 13:28:35.815497 IP 192.168.0.11.50734 > resolver1.privateinternetaccess.com.domain: 17117+ A? clients1.google.com. (37) 13:28:35.815508 IP 192.168.0.11.50734 > resolver1.privateinternetaccess.com.domain: 34551+ AAAA? clients1.google.com. (37) 13:28:35.816481 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.46175: 5292 1/0/0 A 88.86.120.212 (46) 13:28:35.818739 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.46175: 16624 0/1/0 (86) 13:28:35.959874 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.50734: 17117 2/0/0 CNAME clients.l.google.com., A 172.217.12.142 (77) 13:28:35.959899 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.50734: 34551 2/0/0 CNAME clients.l.google.com., AAAA 2607:f8b0:4006:819::200e (89) 13:28:35.972396 IP 192.168.0.11.50409 > resolver1.privateinternetaccess.com.domain: 53313+ A? ocsp2.globalsign.com. (38) 13:28:35.972406 IP 192.168.0.11.50409 > resolver1.privateinternetaccess.com.domain: 62184+ AAAA? ocsp2.globalsign.com. (38) 13:28:36.145921 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.50409: 62184 3/0/0 CNAME cdn.globalsigncdn.com., AAAA 2400:cb00:2048:1::681f:4a7c, AAAA 2400:cb00:2048:1::681f:4b7c (126) 13:28:36.153394 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.50409: 53313 3/0/0 CNAME cdn.globalsigncdn.com., A 104.31.75.124, A 104.31.74.124 (102) 13:28:36.345446 IP 192.168.0.11.39036 > resolver1.privateinternetaccess.com.domain: 49155+ A? www.googleapis.com. (36) 13:28:36.345462 IP 192.168.0.11.39036 > resolver1.privateinternetaccess.com.domain: 10791+ AAAA? www.googleapis.com. (36) 13:28:36.483314 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.39036: 49155 13/0/0 CNAME googleapis.l.google.com., A 172.217.6.234, A 172.217.10.234, A 172.217.12.170, A 172.217.12.202, A 172.217.9.234, A 172.217.10.10, A 172.217.10.42, A 172.217.10.74, A 172.217.10.138, A 172.217.3.106, A 172.217.12.138, A 172.217.6.202 (262) 13:28:36.483344 IP resolver1.privateinternetaccess.com.domain > 192.168.0.11.39036: 10791 2/0/0 CNAME googleapis.l.google.com., AAAA 2607:f8b0:4006:812::200a (98) ^C編輯6:
sudo dhclient -r sudo dhclient -v eth0 Internet Systems Consortium DHCP Client 4.3.3 Copyright 2004-2015 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Listening on LPF/eth0/d8:50:e6:05:e1:db Sending on LPF/eth0/d8:50:e6:05:e1:db Sending on Socket/fallback DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x3ede007c) DHCPREQUEST of 192.168.0.11 on eth0 to 255.255.255.255 port 67 (xid=0x7c00de3e) DHCPOFFER of 192.168.0.11 from 192.168.0.1 DHCPACK of 192.168.0.11 from 192.168.0.1 /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf bound to 192.168.0.11 -- renewal in 2147483648 seconds.編輯7:
$ sudo tcpdump -i eth0 -vvv -n port 68 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 14:30:18.135530 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from d8:50:e6:05:e1:db, length 300, xid 0x7a30842b, Flags [none] (0x0000) Client-Ethernet-Address d8:50:e6:05:e1:db Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Request Requested-IP Option 50, length 4: 192.168.0.11 Hostname Option 12, length 10: "vb-nb-mint" Parameter-Request Option 55, length 18: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP, Classless-Static-Route, Classless-Static-Route-Microsoft, Static-Route Option 252, NTP END Option 255, length 0 PAD Option 0, length 0, occurs 18 14:30:18.136280 IP (tos 0x0, ttl 64, id 15220, offset 0, flags [none], proto UDP (17), length 576) 192.168.0.1.67 > 192.168.0.11.68: [udp sum ok] BOOTP/DHCP, Reply, length 548, xid 0x7a30842b, Flags [none] (0x0000) Your-IP 192.168.0.11 Client-Ethernet-Address d8:50:e6:05:e1:db Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: ACK Server-ID Option 54, length 4: 192.168.0.1 Lease-Time Option 51, length 4: 4294967295 Subnet-Mask Option 1, length 4: 255.255.255.0 Default-Gateway Option 3, length 4: 192.168.0.1 Domain-Name-Server Option 6, length 8: 8.8.8.8,10.255.255.10 END Option 255, length 0 PAD Option 0, length 0, occurs 270 ^C$ cat /run/resolvconf/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 8.8.8.8 nameserver 10.255.255.10 nameserver 127.0.1.1
在 /etc/gai.conf 中,您需要將 IPv6 優先於 IPv4 的行註釋掉,如下所示:
# precedence ::ffff:0:0/96 100您還需要編輯 /etc/dhclient/dhclient6.conf 並可能將 -6 參數傳遞給 dhclient 如果這還不夠。
我還建議更正 resolv.conf 連結。
我也可以發誓 dhclient 只使用通過 DHCP 傳遞的前兩個 DNS 伺服器,但我可能錯了。
編輯:
- 上面的步驟是正確的,即作為我們註釋掉該行的第一步:
precedence ::ffff:0:0/96 100在以下文件中:
/etc/gai.conf
- 執行適用於基於 Ubuntu 16.04 的 Linux Mint 18.x的 Microsoft 文件中提到的步驟:
創建以下文件:
/etc/dhcp/dhclient6.conf內容:
timeout 10;創建以下文件:
/etc/network/interfaces.d/50-cloud-init.cfg內容:
iface eth0 inet6 auto up sleep 5 up dhclient -1 -6 -cf /etc/dhcp/dhclient6.conf -lf /var/lib/dhcp/dhclient6.eth0.leases -v eth0 || true
- 最後在覆蓋原始的同時創建符號連結
resolv.conf:ln -sf /run/resolvconf/resolv.conf /etc/resolv.conf
- 從 DHCP 重新啟動,瞧,IPv6 正在工作。