CentOS 7连接问题

我有第二个CentOS 7盒，连接起来很麻烦。基本上，我们运行的是WHMCS，但是一个域名查找一直在失败。所以问题是IPv6连接。

[root@da01 ~]# yum install telnet -y -q -e 0 [root@da01 ~]# telnet whois.crsnic.net 43 Trying 2001:503:e8ef:1000::74...

它试图通过IPv6连接。我们一直在移动我们的colo服务器，并获得了一个IPv6范围（10个地址），但是这还没有在系统中设置 – 因此连接超时。

 [root@da01 ~]# telnet whois.crsnic.net 43 Trying 2001:503:e8ef:1000::74... telnet: connect to address 2001:503:e8ef:1000::74: Connection timed out

解决scheme是暂时禁用整个系统的IPv6连接。所以简单地继续，select你想禁用IPv6的networking接口：

 [root@da01 ~]# vi /etc/sysconfig/network-scripts/ifcfg-em2

然后将所有与IPv6相关的configuration值更改为“no”，如下所示：

 IPV6INIT="no" IPV6_AUTOCONF="no" IPV6_DEFROUTE="no" IPV6_FAILURE_FATAL="no" IPV6_PEERDNS="no" IPV6_PEERROUTES="no" IPV6_PRIVACY="no"

最后，重新启动networking相关的服务。

 [root@da01 ~]# service network restart

现在它将通过尝试通过IPv6连接，然后超时重试与IPv4：

 [root@da01 ~]# telnet whois.crsnic.net 43 Trying 199.7.74.74... Connected to whois.crsnic.net. Escape character is '^]'. Connection closed by foreign host.

所以，我改变了系统configuration中的这些值。

 [root@da01 network-scripts]# sysctl -w net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.all.disable_ipv6 = 1 [root@da01 network-scripts]# sysctl -w net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6 = 1 [root@da01 network-scripts]# sysctl -p /etc/sysctl.conf [root@da01 network-scripts]# sysctl --system

不过，我现在遇到了networking问题。

无法ping服务器

 iMac-van-William-4:~ williamdavidedwards$ ping PING : 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1

从服务器的Traceroute是奇怪的

 [root@da01 domains]# traceroute google.nl traceroute to google.nl (74.125.136.94), 30 hops max, 60 byte packets 1 178.21.23.3 (178.21.23.3) 11.069 ms * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * *

无法ping任何东西，除了服务器IP本身，网关8.8.8.8和8.8.4.4

 [root@da01 domains]# ping nu.nl PING nu.nl (62.69.166.254) 56(84) bytes of data. ^C --- nu.nl ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 999ms

路线-n

 [root@da01 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 5.255.90.1 0.0.0.0 UG 100 0 0 em2 5.255.90.0 0.0.0.0 255.255.255.0 U 100 0 0 em2

在/etc/resolv.conf

 [root@da01 ~]# cat /etc/resolv.conf # Generated by NetworkManager search -removed- -removed- nameserver 8.8.8.8 nameserver 8.8.4.4

使用ifconfig

 [root@da01 ~]# ifconfig em1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c3:fd txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet serveripv4 netmask 255.255.255.0 broadcast 5.255.90.255 inet6 serveripv6 prefixlen 32 scopeid 0x0<global> inet6 ipv6 prefixlen 64 scopeid 0x20<link> inet6 ipv6 prefixlen 64 scopeid 0x0<global> ether ipv6 txqueuelen 1000 (Ethernet) RX packets 42827922 bytes 4801530409 (4.4 GiB) RX errors 0 dropped 30874 overruns 0 frame 0 TX packets 2972081 bytes 1060556603 (1011.4 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c4:01 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 em4: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:21:9b:a7:c4:03 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 0 (Local Loopback) RX packets 13560475 bytes 5100699012 (4.7 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 13560475 bytes 5100699012 (4.7 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

当我ping一个不存在的地址（dsjahdasjdsa.com）时，它会通过ping dsjahdasjdsa.com.example.com来自动ping我自己的服务器，其中example.com是我网域的域名。

不幸的是，这仍然在发生。我必须承认我卡住了…帮助

这个问题是由数据中心的DDoS防护软件造成的。它包含了一个导致DNS查找时间延迟的错误。我重新安装了操作系统，禁用了DDoS防护（他们正在修复这个bug），现在一切正常。