Destination unreachable: адрес недоступен при пинге внешних хостов
У меня проблемы с пингом google.com на ubuntu 20.04
david@Ptolemy:~$ ping google.com
PING google.com(syd09s22-in-x0e.1e100.net (2404:6800:4006:80e::200e)) 56 data bytes
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=1 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=2 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=3 Destination unreachable: Address unreachable
^C
--- google.com ping statistics ---
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5071ms
Я могу пинговать google со своего компьютера с Windows в той же сети.
Я могу пинговать с мой компьютер ubuntu - шлюз по умолчанию
david@Ptolemy:~$ ip r
default via 10.0.0.138 dev eno1 proto dhcp metric 100
10.0.0.0/24 dev eno1 proto kernel scope link src 10.0.0.28 metric 100
169.254.0.0/16 dev eno1 scope link metric 1000
david@Ptolemy:~$ ping 10.0.0.138
PING 10.0.0.138 (10.0.0.138) 56(84) bytes of data.
64 bytes from 10.0.0.138: icmp_seq=1 ttl=64 time=0.528 ms
64 bytes from 10.0.0.138: icmp_seq=2 ttl=64 time=0.492 ms
64 bytes from 10.0.0.138: icmp_seq=3 ttl=64 time=0.491 ms
64 bytes from 10.0.0.138: icmp_seq=4 ttl=64 time=0.491 ms
64 bytes from 10.0.0.138: icmp_seq=5 ttl=64 time=0.565 ms
64 bytes from 10.0.0.138: icmp_seq=6 ttl=64 time=0.507 ms
^C
--- 10.0.0.138 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5113ms
rtt min/avg/max/mdev = 0.491/0.512/0.565/0.027 ms
Вот некоторые другие настройки:
david@Ptolemy:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 04:92:26:5c:a2:ea brd ff:ff:ff:ff:ff:ff
inet 10.0.0.28/24 brd 10.0.0.255 scope global dynamic noprefixroute eno1
valid_lft 85865sec preferred_lft 85865sec
inet6 2001:8003:7405:1200:b479:aa32:55aa:acf5/64 scope global temporary dynamic
valid_lft 2911sec preferred_lft 2911sec
inet6 2001:8003:7405:1200:88b2:8fdf:2a6e:c736/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 2911sec preferred_lft 2911sec
inet6 fe80::318d:29eb:dfbb:ab2e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
и мои iptables имеют правила по умолчанию, как показано ниже:
david@Ptolemy:~$ sudo iptables -L
[sudo] password for david:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Кто-нибудь знает, как это можно исправить? Спасибо.
ОБНОВЛЕНИЕ Re: вопросы @Jurrie Я пробовал ping -4 google.com на обеих машинах, и он работает. Затем я попробовал ping -6 google.com на обеих машинах. Это дает одну и ту же ошибку недоступности пункта назначения теперь на обеих машинах, так что благодаря вам мы на правильном пути.
david@Ptolemy:~$ ip -6 r
::1 dev lo proto kernel metric 256 pref medium
2001:8003:7405:1200::/64 via fe80::faab:5ff:feca:8050 dev eno1 proto ra metric 100 pref medium
fe80::/64 dev eno1 proto kernel metric 100 pref medium
default via fe80::faab:5ff:feca:8050 dev eno1 proto ra metric 20100 pref medium
Итак, я зашел на страницу шлюза, и в сетевых настройках «Локальный IPv4-адрес» задан тот, который мы видели 10.0.0.138, однако в этой таблице внизу есть две настройки IPv6, которые оставлены пустыми, т.е. не задано. Связать IPv6-адрес локального шлюза Адрес IPv6 Globale Gateway
Мне нужно будет выяснить, как настроить ipv6 для моего шлюза, или я могу настроить ubuntu на использование ipv4. Что предпочтительнее?
Дополнительные результаты тестирования и странное поведение -
Я вернул gai.conf в исходное состояние, закомментировав вашу рекомендованную строку
Priority :: ffff: 0: 0/96 100перезагрузился, а затем запустил следующие тесты. Обратите внимание, как pinging google без параметров не работает с сообщением о недоступности хоста, где работает pining amazon. Затем обратите внимание, что ping -6 также не работает, но создает разные сообщения. Я думаю, что ubuntu вернулся к использованию ipv6 для пинга, но почему это амазонка. com работает с обычным пингом, если это так?
david@Ptolemy:~$ ping www.google.com
PING www.google.com(syd09s23-in-x04.1e100.net (2404:6800:4006:80f::2004)) 56 data bytes
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=1 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=2 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=3 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=4 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=5 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=6 Destination unreachable: Address unreachable
^X^C
--- www.google.com ping statistics ---
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7090ms
david@Ptolemy:~$ ping www.amazon.com
PING d3ag4hukkh62yn.cloudfront.net (13.224.176.180) 56(84) bytes of data.
64 bytes from server-13-224-176-180.syd1.r.cloudfront.net (13.224.176.180): icmp_seq=1 ttl=244 time=22.1 ms
64 bytes from server-13-224-176-180.syd1.r.cloudfront.net (13.224.176.180): icmp_seq=2 ttl=244 time=21.9 ms
64 bytes from server-13-224-176-180.syd1.r.cloudfront.net (13.224.176.180): icmp_seq=3 ttl=244 time=21.8 ms
^X64 bytes from server-13-224-176-180.syd1.r.cloudfront.net (13.224.176.180): icmp_seq=4 ttl=244 time=21.7 ms
^C
--- d3ag4hukkh62yn.cloudfront.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 21.661/21.860/22.090/0.160 ms
david@Ptolemy:~$ ping -6 www.google.com
PING www.google.com(syd09s23-in-x04.1e100.net (2404:6800:4006:80f::2004)) 56 data bytes
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=1 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=2 Destination unreachable: Address unreachable
From 2001:8003:7405:1200:faab:5ff:feca:8050 (2001:8003:7405:1200:faab:5ff:feca:8050) icmp_seq=3 Destination unreachable: Address unreachable
^C
--- www.google.com ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3026ms
david@Ptolemy:~$ ping -6 www.amazon.com
ping: www.amazon.com: Name or service not known
david@Ptolemy:~$ ping -4 www.google.com
PING www.google.com (142.250.66.196) 56(84) bytes of data.
64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=1 ttl=115 time=22.3 ms
64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=2 ttl=115 time=27.1 ms
64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=3 ttl=115 time=22.3 ms
64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=4 ttl=115 time=22.3 ms
64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=5 ttl=115 time=21.9 ms
^X64 bytes from syd09s23-in-f4.1e100.net (142.250.66.196): icmp_seq=6 ttl=115 time=22.2 ms
^C
--- www.google.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5007ms
rtt min/avg/max/mdev = 21.931/23.008/27.081/1.825 ms
david@Ptolemy:~$ ping -4 www.amazon.com
PING e15316.e22.akamaiedge.net (23.217.176.20) 56(84) bytes of data.
64 bytes from a23-217-176-20.deploy.static.akamaitechnologies.com (23.217.176.20): icmp_seq=1 ttl=60 time=9.58 ms
64 bytes from a23-217-176-20.deploy.static.akamaitechnologies.com (23.217.176.20): icmp_seq=2 ttl=60 time=9.31 ms
64 bytes from a23-217-176-20.deploy.static.akamaitechnologies.com (23.217.176.20): icmp_seq=3 ttl=60 time=9.36 ms
^C
--- e15316.e22.akamaiedge.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 9.305/9.414/9.578/0.117 ms
1 ответ
Pinging google.com from your Ubuntu installation is done using IPv6.
You mention you can ping google.com from Windows on the same network - is this also using IPv6? Or is it using the older IPv4 variant?
If Windows is using IPv4 - could you try ping -4 google.com in Ubuntu and see if that works? If it does, we can be sure the problem is IPv6 based. If it does not work, something completely different is wrong. (Though I do not see what exactly.)
The diagnostic commands you give are all IPv4 based. We need the IPv6 equivalents.
Could you try:
ip -6 rto list your IPv6 routesping -6 [your-default-gateway-here]%[iface-to-use-for-default-gateway]to ping your default gateway using IPv6sudo ip6tables -Lto list your IPv6 firewall rules
And list those outputs here?
Update
To IPv6 or not to IPv6?
You ask whether IPv4 or IPv6 is preferred.
Computers that are connected to a network (like the Internet) are given unique numbers. These are either IPv4 numbers or IPv6 numbers. IPv4 numbers look like 52.142.124.215, while IPv6 numbers look like 2001:9a8:0:e:1337:0:80:1. The IPv4 number scheme allows for a maximum of 2³² unique addresses (though a bunch of those are reserved for special purposes or for private networks). Believe it or not, this is not enough nowadays. IPv6 was invented to fix this (and more) - it allows for a maximum of 2¹²⁸ unique addresses. This is why in general I would say you should prefer IPv6.
But, you say your ISP does not support IPv6. It's a shame, ISPs have been given plenty of time to support IPv6. But if not all devices between your Ubuntu machine and Google.com support IPv6, you can not do 'real IPv6'. (There is the option to do IPv6 over IPv4, but don't bother - switching ISPs is more likely a better solution.) Stick to using IPv4.
Why does Ubuntu try IPv6 when the ISP does not support it?
As said, computers use unique numbers to refer to other hosts. But we humans are not good in remembering such numbers as 52.142.124.215. We are good at remembering funny, random words, like "Duck Duck Go!". (In fact, you've already remembered it now: duckduckgo.com is a privacy friendly search engine.) So, in the background, we use a system called DNS which translates duckduckgo.com into 52.142.124.215.
ISPs all run DNS servers for this, and there are also public DNS servers that are not ISP-specific.
Your Ubuntu machine asked its DNS resolver: "Hey, what's the IP number for google.com?", and the DNS server responded "That would be 2404:6800:4006:80e::200e good sir". However, that's an IPv6 address, and your ISP does not support it.
So it makes me wonder which DNS servers you use? Could you check this in your network settings? Try to use the DNS servers provided by your ISP. Most often, ISPs suggest using DHCP, which will make your computer automatically use the ISP DNS servers.
If you are already using your ISP's DNS servers, or you can not use them, or you do not want to use them, you should configure Ubuntu to prefer IPv4 addresses even though an IPv6 address for the requested DNS name is available.
Prefer IPv4 addresses when doing DNS lookup
Programs on Linux do DNS to IP resolution using the function getaddressinfo. That function has a configuration file: /etc/gai.conf. Open it using a text editor, and add a line at the bottom saying:
precedence ::ffff:0:0/96 100
On my system, this changes ping google.com from using IPv6 to IPv4. (Note that this part on getaddressinfo was taken from this answer.)