设为首页收藏本站
开启辅助访问 切换到窄版

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
宽带技术网»首页 ::::: 技 术 交 流 区 ::::: 『 光猫FTTx技术交流区 』 深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT ...
12
返回列表 发新帖
楼主: gwaiter

深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT925G

[复制链接]
gwaiter
 楼主| 发表于 2021-6-29 19:52:49 | 显示全部楼层
开日志发现关键,run out先不管
9 ~6 Q# ~6 f5 {7 A. T那每当我从外网测试内网IPV6的时候就会出现下面的Warning: [- Z: p9 A  }! c) W( I
高手指导一下怎么解决,应该解决这个,网络就通了syslog: Ignoring non-LinkLocal MLD from :: received on br0/33
1 k; Y' [9 D2 r$ c: i( ^4 k2021-06-29 19:50:09        Warning        kernel: run out of client entry!
9 y* z0 E  N- n, {/ a2021-06-29 19:50:09        Warning        kernel: run out of client entry!6 V; v$ K+ I: m0 L6 L9 p% I
2021-06-29 19:50:09        Warning        kernel: run out of client entry!
- T- P+ S2 Y) p7 J  \; f2021-06-29 19:50:09        Warning        kernel: run out of group entry!
& [. i( W9 I& S2021-06-29 19:50:09        Warning        kernel: run out of group entry!
6 f7 m8 o, R. e. I8 A2021-06-29 19:50:09        Warning        syslog: Ignoring non-LinkLocal MLD from :: received on br0/33
- a- k  V# _2 }8 b8 l2 u$ Y# C' U2021-06-29 19:50:09        Warning        kernel: run out of group entry!$ t9 Y% x$ L2 Y# p0 x
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
5 W3 D2 ~/ o/ E2021-06-29 19:50:09        Warning        kernel: run out of group entry!% k) g& o/ o9 f' h
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
9 j* l% O' d& [2021-06-29 19:50:09        Warning        kernel: run out of group entry!4 |# r. C$ N4 z# X) B3 [
2021-06-29 19:50:09        Warning        kernel: run out of group entry!2 R4 C' Y1 `! s; y' o- e& B
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
# E/ j& N" h% _# A8 ~, o2021-06-29 19:50:09        Warning        kernel: run out of group entry!
* Z# _/ k4 T+ _" p2021-06-29 19:50:09        Warning        kernel: run out of group entry!/ |& \* _! O! q  `* {
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
$ }" E3 ^0 F4 i# O0 X; I# @( _2021-06-29 19:50:09        Warning        kernel: run out of group entry!3 Z( U  E# M# G( ~# w5 \5 s
2021-06-29 19:50:09        Warning        kernel: run out of client entry!- m8 D# A9 Q! w2 n; f
2021-06-29 19:50:10        Warning        kernel: run out of group entry!
6 L8 h3 P, Y4 ?& m# X2 J3 A6 s2021-06-29 19:50:10        Warning        kernel: run out of group entry!
5 B7 N- f# ]" @# i' G' n2021-06-29 19:50:10        Warning        kernel: run out of client entry!
8 U0 E7 V, P8 T2021-06-29 19:50:10        Warning        kernel: run out of client entry!
/ v! r; R9 _+ H$ [3 ^- L5 W2021-06-29 19:50:10        Warning        kernel: run out of client entry!
. O9 }3 W# q. W2021-06-29 19:50:10        Warning        kernel: run out of group entry!
# j6 ]; B0 T+ n2021-06-29 19:50:10        Warning        kernel: run out of client entry!8 I4 h3 M3 |1 Q* ~
2021-06-29 19:50:10        Warning        kernel: run out of client entry!
3 B% c) [, Y* W9 p$ {2021-06-29 19:50:10        Warning        kernel: run out of group entry!! C2 D  t/ G1 a  E/ Q$ X
2021-06-29 19:50:11        Warning        kernel: run out of client entry!
$ c) d( S5 g: @& l  ^8 U  E2021-06-29 19:50:11        Warning        kernel: run out of client entry!
" `) ]* |( K9 ?3 ^0 J, A4 [2021-06-29 19:50:11        Warning        kernel: run out of client entry!
; [/ }$ a6 s" q4 v' r( s, ]: l1 l2021-06-29 19:50:11        Warning        kernel: run out of client entry!9 d: A5 E+ P$ ^' Z
2021-06-29 19:50:11        Warning        kernel: run out of group entry!
1 W7 B7 W- t4 w4 y( d# Y2021-06-29 19:50:11        Warning        kernel: run out of group entry!- T, N; z! z" g' k2 d2 n

$ E4 I& ]" R% m2 l8 a0 o1 _
回复

举报

gwaiter
 楼主| 发表于 2021-6-29 21:26:38 | 显示全部楼层
给各位认真研究问题的一个小福利,上面的问题虽然暂时没解决,但是我发现一个明显提升IPV6稳定性的设置方法,任何光猫xml文件里调整这几个值,如下:$ X% J+ U4 K1 `5 [5 l5 J
% S/ X. A: g. a; G- ^2 H
基本上IPV6就稳定不掉了,设备更新、获取IPV6地址速度也超快,具体这几个值什么作用呢?自行搜索一下,就不解释了。- {* O: x" c' J) g- ~9 [
电信默认的值太大,导致IPV6经常性的不稳定。
. S: b* @% \  R6 q# V! k- ?5 {7 o: T) [6 O" G
  <Value Name="DHCPV6S_REBIND_TIME" Value="120"/>) c' p. M# B$ r  C0 t8 x2 W: F* O5 e
  <Value Name="DHCPV6S_RENEW_TIME" Value="60"/>
" G4 T/ ]$ W" g, N+ z: J6 t
4 l6 ^9 ?. P) {  z" R  i2 `<Value Name="V6_ADVDEFAULTLIFETIME" Value="60"/>& E! d  [) |9 e
4 D( v* @" M( r
  <Value Name="V6_MINRTRADVINTERVAL" Value="30"/>
1 d. o6 j) S  ^ <Value Name="V6_MAXRTRADVINTERVAL" Value="40"/>
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:12:33 | 显示全部楼层
折腾半天,又找到一张桥接路由表了,看样子防火墙还真不止一个,但是这个表接口太多,不敢乱动,头大试了都加上ACCEPT不行,-t brouter 里全加DROP或ACCEPT也不行,还要继续研究" r! z# Y( r7 g$ j

+ n; j; k& k- u. S#ebtables -L
0 J/ }! b- g+ j# E8 {! g. ?Bridge table: filter: }. T0 q% A3 a9 j% }
4 t* y$ a* J, X% {9 q
Bridge chain: INPUT, entries: 5, policy: ACCEPT4 [3 |5 w+ L$ A- d4 F0 Y
-j BRWANs_BIND_LANs
; @8 b( e; {2 `5 `- `# ]5 ~-j br_wan& l! M" l2 Q$ N7 u% y) G
-p IPv4 --ip-proto udp --ip-sport 68 --ip-dport 67 -j dhcps_disable
* o1 x$ ]. }1 F$ q- x-j portmapping_igmp7 b6 P) G8 m+ `% z. [
-i wlan+ -j WLACL_INPUT, v, J% G! h7 [( Z% @) L0 u
) i3 x5 n2 h' ~- Z+ k! p
Bridge chain: FORWARD, entries: 10, policy: DROP
3 m+ d- Y( _! `4 _1 A! W-o veth+ -j ACCEPT4 Y( Y* l# h1 w' e" }6 Q. V3 `
-i veth+ -j ACCEPT# e" `' l: h6 y  H8 u1 j
-j disBCMC3 O; z! e& r, f) f8 ~9 V0 P0 H% c
-j wlan_block( J- g* Y( z2 Z5 }
-j br_pppoe
, c+ w- z3 W+ W+ y  \. ~-j macfilter_r8 `+ X' T$ _+ `" a
-j internet_accessright_b# o9 R) W- i5 F, y
-i wlan+ -j WLACL_FORWARD
% ~! Y8 _! u2 I4 {, a, _-j vlanmapping
" R0 P. n! T; F7 k7 n8 W-j portmapping
6 E; `" ]( [; i/ A3 [1 u8 R+ k8 d3 @9 {. k% y$ o4 m; R+ e# z9 r8 P3 A3 I; L
Bridge chain: OUTPUT, entries: 2, policy: ACCEPT) t! |/ Y/ D: I  Z$ t
-j BRWANs_BIND_LANs
  X. G# T* L8 W9 q2 g# Z-j br_wan_out
, S" K; f, h6 h0 |! E+ C: H6 T4 `* _& o4 Z
Bridge chain: BRWANs_BIND_LANs, entries: 2, policy: RETURN" Y# M  O1 `  U% [  @& |2 [
-p IPv6 -o eth0.3 -j DROP
. d6 l  d  M" y8 ~: M& l-p IPv6 -i eth0.3 -j DROP
5 f8 G* h& A, s5 P0 q. @
. M6 b+ K2 P# U3 h$ w, s0 jBridge chain: br_wan, entries: 1, policy: RETURN
& s9 v! J2 X3 O% A-i nas0_2 -j DROP
$ b% m# n0 I9 `+ a3 e$ R7 P' J! T1 H' l3 y. }% w3 m4 G, a
Bridge chain: br_wan_out, entries: 1, policy: RETURN: Q( l  l7 R8 Q$ h/ w* l
-o nas0_2 -j DROP4 B3 x3 F/ F* p
0 f) O+ J3 w. ~, Z
Bridge chain: wlan_block, entries: 0, policy: RETURN, a3 r0 J5 x. g) {+ @
' s0 E* t3 e) k1 n$ N; S; K4 s$ t
Bridge chain: br_pppoe, entries: 6, policy: RETURN/ _2 O0 F- l% O4 f/ o$ J
-p 802_1Q -i nas0_2 --vlan-encap PPP_DISC -j RETURN
# s' j6 ?" P/ @/ [+ ]) J-p 802_1Q -i nas0_2 --vlan-encap PPP_SES -j RETURN
; E0 r- d9 p0 w$ K! X: k$ _-p PPP_DISC -o nas0_2 -j RETURN
5 ?" J% Z1 T2 Q  L-p PPP_SES -o nas0_2 -j RETURN
7 p* R% K) J/ C4 O# e) V5 M$ _8 y' D-i nas0_2 -j DROP
; y, _( h( H9 W' C" ^9 V1 `# C3 t-o nas0_2 -j DROP
  H( I) B5 z# P: k
0 \" s# h7 }  T) a& H$ x3 `8 ~Bridge chain: macfilter_b, entries: 0, policy: ACCEPT
1 p0 O9 k/ d. q$ ^$ L+ y5 {3 |- X6 b
' |8 |- p" C4 A  A/ J0 z% lBridge chain: macfilter_r, entries: 0, policy: RETURN2 e2 K# O# @! x! C% V

$ r7 U" B7 a& mBridge chain: internet_accessright_b, entries: 0, policy: ACCEPT
$ i6 t1 @. }9 q( L2 k: i/ L' T- }, M( a7 g$ o5 ]
Bridge chain: disBCMC, entries: 3, policy: RETURN# P3 @$ l6 O6 B3 J+ }
-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type 130/0:255 -j RETURN
/ b+ j! V" \, {-d Broadcast -j DROP" U" f% e  I# q4 P. i0 E) t
-d Multicast -j DROP. ^, h0 \/ T6 d; s& P, F

5 b6 Z* }! V9 KBridge chain: dhcps_disable, entries: 1, policy: RETURN' w; j5 g0 |+ r+ ]' O8 h
-i eth0.3 -j DROP
9 P- N* I$ M) A6 L6 [
+ T$ |4 H! t- s$ S* n3 ]Bridge chain: portmapping_igmp, entries: 1, policy: RETURN
. q  _  Q* W0 }" o" |-p IPv4 -i eth0.3 --ip-proto igmp -j DROP+ [% M: y; t1 L
! p( z  `* |1 ]+ E
Bridge chain: WLACL_INPUT, entries: 0, policy: RETURN
9 K5 v+ ]  t0 B$ i, w+ }; k
( }6 n/ a+ V4 N4 HBridge chain: WLACL_FORWARD, entries: 0, policy: RETURN9 u$ P' F2 J8 d# x! ?

% E1 F. |/ H+ C5 L; W1 B8 _Bridge chain: vlanmapping, entries: 21, policy: DROP
+ [8 d( B. }1 T, G. X, t-i nas0_2 -j RETURN+ h- W2 F- P$ m# I& i% d
-i wlan1-vap6 -j RETURN: I2 o& x- f, @
-i wlan1-vap5 -j RETURN( E6 O, s2 [( d$ E  R
-i wlan1-vap4 -j RETURN! o5 q: L' l5 M' \8 b+ h1 v1 ~. @
-i wlan1-vap3 -j RETURN& e: h$ O. p7 P( }/ Z
-i wlan1-vap2 -j RETURN  \& f2 o$ e4 H* ^3 S
-i wlan1-vap1 -j RETURN: A! f0 W6 b4 B$ a
-i wlan1-vap0 -j RETURN3 n. Z8 y4 g4 @7 C5 I6 C, T
-i wlan1 -j RETURN
- A( j5 \: D; O* J+ a-i wlan0-vap6 -j RETURN" t0 N9 W# t  U* Q& X: W
-i wlan0-vap5 -j RETURN  T1 @5 k: z: N- a
-i wlan0-vap4 -j RETURN' F6 W: {. `6 u7 s
-i wlan0-vap3 -j RETURN
4 f- w# |3 I! D. M2 @/ W6 S6 H-i wlan0-vap2 -j RETURN* ?0 N+ F( ?) N) _1 R
-i wlan0-vap1 -j RETURN  |( M+ X4 h; x) ^# M( v. u& i
-i wlan0-vap0 -j RETURN
# b7 _) x* i' _& r3 ?5 e-i wlan0 -j RETURN$ v0 q0 N/ L, {6 X/ [
-i eth0.5 -j RETURN
0 M' R6 p% c7 @. e5 e" a-i eth0.4 -j RETURN$ q8 _' r- f% t- `  Y- J4 g
-i eth0.3 -j RETURN! c, a2 y- B4 P5 F+ B
-i eth0.2 -j RETURN
: }3 v* L( o2 @
5 h; {: _! b) uBridge chain: portmapping, entries: 8, policy: ACCEPT3 P; ~3 L5 O) ^6 n/ k3 R, ^
-i nas0_2 -o eth0.3 -j RETURN. _& o  _. N3 Q
-i eth0.3 -o nas0_2 -j RETURN
" r- [/ a/ [1 {: y  {4 b; B-i eth+ -o eth+ -j RETURN( t0 V+ [1 `6 ^  l
-i eth+ -o wlan+ -j RETURN+ V% m3 T) ^  s( S
-i wlan+ -o eth+ -j RETURN3 E! H+ j  g/ R- x( O
-i wlan+ -o wlan+ -j RETURN! c3 m1 k4 ^' o: {" G" G% V$ X3 L
-i eth0+ -j DROP
" Q: k1 B: ~! t) d7 S-i wlan+ -j DROP
6 {% ~5 [! D2 [
7 F+ n; E4 c  ~# Z) }) {& U# A1 u$ A$ R% D% Y
- F" k7 @" w: d5 K# l2 D5 W  H, J
#ebtables -t broute -L
1 {2 {0 r1 u; DBridge table: broute' l9 p. }% R* n

$ g' H, o, Y; B+ o4 WBridge chain: BROUTING, entries: 4, policy: ACCEPT
' C& D+ A; }* m) B% k2 W% ]-j broute_vlanmapping' @  ]! X$ N* g1 C2 b( J
-j vlanbinding. v& ?9 S: q" u' R: i7 Q  C& o. W
-j br_pppoe" f  a  h" Q: B# j1 c
-j qos_eb_rules0 f3 i; d+ c: r2 {
9 C- M0 t7 c3 p" h
Bridge chain: br_pppoe, entries: 1, policy: RETURN
2 B3 T, w. t' c- T-d 74:b7:b3:43:14:e8 -i nas0_2 -j DROP. J7 [0 W2 f7 Y7 @; G$ D# s8 J+ ?
' v( p1 A! d2 u
Bridge chain: broute_vlanmapping, entries: 0, policy: RETURN! `4 X( d! X* F0 M. O
) R, ?- ]8 w4 B, l3 x# t
Bridge chain: vlanbinding, entries: 0, policy: RETURN
$ t  T% b# I! s# _0 F& c5 t! [: T9 S" G
Bridge chain: broute_chain_eth0.2, entries: 0, policy: RETURN
3 m4 C5 u) J+ r) g
1 Q9 y& e2 l9 S; d1 f( ^2 MBridge chain: broute_chain_eth0.3, entries: 0, policy: RETURN
" u4 z# `, L  O. i/ G6 R' Q; F  k' R. K4 ^1 A+ |
Bridge chain: broute_chain_eth0.4, entries: 0, policy: RETURN( }, {( a& Z- @; X! X

* d& F+ D* @, ?! G* I. J( ]Bridge chain: broute_chain_eth0.5, entries: 0, policy: RETURN
6 f# i3 g' b- @& L# M" F- F2 D
: i9 L% \" P+ i# oBridge chain: broute_chain_wlan0, entries: 0, policy: RETURN
' y! |1 P' k3 u! [( u7 ?2 b* I- c" m* M3 c' f
Bridge chain: broute_chain_wlan0-vap0, entries: 0, policy: RETURN. U' B. {- I* p( U) N  V8 |
& E; f0 Z, Q2 q1 `2 F: n1 ]
Bridge chain: broute_chain_wlan0-vap1, entries: 0, policy: RETURN0 {" Q/ e" v/ C' N" V" S

) Q6 O1 A& K: \% z8 F) hBridge chain: broute_chain_wlan0-vap2, entries: 0, policy: RETURN* I6 [5 B. g5 x/ r8 P1 D6 P

/ I, U# S# X: R6 E  i/ u2 JBridge chain: broute_chain_wlan0-vap3, entries: 0, policy: RETURN
6 y* c/ ]5 x/ X
% v0 |6 R2 C3 ~7 a5 n3 [2 g2 i6 wBridge chain: broute_chain_wlan0-vap4, entries: 0, policy: RETURN
( J- V; K. R; n+ R6 v4 c' ?9 u- e/ `4 B7 i6 {4 t$ }
Bridge chain: broute_chain_wlan0-vap5, entries: 0, policy: RETURN; d. m* M7 c7 h2 Q$ ~* J, }
4 h) i( @. `- f$ X+ m; E1 D
Bridge chain: broute_chain_wlan0-vap6, entries: 0, policy: RETURN: t& U: a' g4 C, q

9 x9 z* {3 f. N3 ]+ m1 WBridge chain: qos_eb_rules, entries: 8, policy: RETURN
( x9 ~$ O. ?( g4 s! L-p IPv4 -i eth0.3 --ip-dst 255.255.255.255 -j mark --mark-or 0x100 --mark-target CONTINUE
; \7 W2 r+ B6 X) K2 D-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 5060 -j mark --mark-or 0x200 --mark-target CONTINUE
4 g& f% D2 g4 X9 Q0 w( f$ ^: Y-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 9000:9010 -j mark --mark-or 0x300 --mark-target CONTINUE
# I: @8 B' t2 L6 n-p IPv4 --ip-dst 192.168.111.34 -j mark --mark-or 0x400 --mark-target CONTINUE& T5 P% c: e2 y: P* r
-p IPv4 --ip-dst 255.255.255.255 -j mark --mark-or 0x500 --mark-target CONTINUE
2 n; E$ D( w! Y9 @-p IPv4 -j mark --mark-or 0x600 --mark-target CONTINUE/ U4 S- v& `9 L% t& V
-p IPv4 -j mark --mark-or 0x700 --mark-target CONTINUE
# T- y, Z# O0 P2 \1 B. ]-p IPv4 -j mark --mark-or 0x800 --mark-target CONTINUE
' a9 a2 R" t7 C5 c: N: @- q+ j7 l' x- a; h" Q

7 y) {' h& l7 n8 p
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:24:19 | 显示全部楼层
说到桥接表,那必须要有接口信息才好研究,接口信息如下:% B5 L0 N  m' x8 O
+ O' h  b; X3 \: F, }' H
#ip addr show5 p6 X: ]! n0 \
4 g! g9 v. ?7 }; R, w$ A& }
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN4 L3 ~4 D/ X  `+ F( g' X  f

- c5 @' I) g; A. H2 E9 a1 |    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002 q! p( Z, ~3 e; Q1 B' C- J

* x  T6 R9 x: V* {5 L/ p    inet 127.0.0.1/8 scope host lo
, ?; I$ [, B6 a" v) s) _/ m  R/ \2 d/ L/ U# q
       valid_lft forever preferred_lft forever) T/ W+ `* I. H" j& M* T
6 v0 J  b8 r0 }- G
2: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
8 E4 f0 I; b! f. F0 _6 j7 f  e/ t3 q$ Q/ o: F
    link/ether b6:be:c8:6b:52:f9 brd ff:ff:ff:ff:ff:ff! G2 _' K9 _* K2 `. e7 U+ p1 N
' Z' R6 G2 Z0 e' E, Y) ?0 G
3: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 328 F/ V4 M. P; L- x! R/ N: i

# ]+ V: n9 i! }0 I4 L% X2 s2 {& r    link/ether 9a:90:b4:6a:81:77 brd ff:ff:ff:ff:ff:ff
# S& Q1 O! A$ D% z4 G
: ]4 @$ X5 Y4 H3 x; u- F4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN qlen 1000* E1 k! ]6 ^+ q2 L' L5 @3 B
% |) i( p( j4 M" @
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff' b  A' J# }6 F4 s- U, j$ A

5 n% i' R! O7 k0 o% O5: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000( F. `3 ]  y% C+ i. ~

* v  d* F& }: L0 o4 _1 j4 W7 j    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
) n1 n- |( R0 j8 t* Z7 I' g9 ]
& z( _$ g7 Z* V1 g, |6: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000* c9 u  P9 R: \0 F0 c9 U( B

- }, `3 v- i# k' S    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff+ {+ b$ h: f% o$ v  Q0 u1 k5 r/ J2 z

$ L5 M% _& I. C" {: r8 i; t7: eth0.2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000( X& D- x% B" B! W

5 J) ?; Y/ F/ T( N" x; W    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
. b. T+ K7 S( ]- d' j: y$ R( d7 T; V* z' _7 S  Q9 J
8: eth0.3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
: `/ \1 t; y2 j  o7 A- z& u, E. J6 _( n0 Q- g9 d) i
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff$ ?) A1 {4 s/ m; f
) J" T) l4 j8 r3 I# P, x
9: eth0.4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
& i. J- t+ R$ T
- b4 B# z0 z; x; Z. {" Q! k: z* l- K    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff# |  F. l( L4 ?8 t: `

: s, L% j. p: S3 k10: eth0.5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000; L1 A. @3 ~7 i5 I& ]3 Y0 u

) F; S9 }2 h) f- U2 z# A- ?4 \1 X    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff) A# p# e9 u6 h6 P" c" G
+ m5 z5 V8 H9 o/ x1 E
11: eth0.6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
' t1 v) L/ T# \1 A
( e% ~3 v8 c5 |1 T& h% [    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
; B' V9 o1 x1 b! c. f# T3 N( p9 Y! ?* y, _, u+ t) e* I
12: nas0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
5 g  U$ i3 Q7 B) v& i+ i0 E% _
8 C0 D+ H. T# Z6 B/ O9 _; G    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
; M" j, V. Q0 }( s4 M* M3 ?! D+ X: y' v) G# w% }
13: pon0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000; L* k$ v1 k, t) `
" T* y, o8 V; k" n' a' A
    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff* V5 o) p# F* U& _5 H4 u
( X+ c4 d( e9 p# W" g
14: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
. q! K4 @% F- j4 h1 A  t1 W- e6 S
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff2 E4 s5 u6 a; R5 y
: I- L7 K, Z* L: A# s2 P8 D! G' ^
15: wlan0-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000" m  C  h6 K: T. U

" N7 x' @- A2 Y# g5 W: E8 Q    link/ether 82:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff5 q/ v: ?0 G$ j8 c4 t( Z7 ^

' ^& V0 d6 i! f16: wlan0-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000% Q* o( m% r3 ?) {! u( O

* J1 c8 T1 [8 ~3 K! r: X    link/ether 82:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
4 b" _8 |5 z5 v) B" h% r0 H( u& O& y+ P  w1 v6 l( V% K
17: wlan0-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000% l2 U' \! E9 W4 S: r$ R

" d! i) [/ {( ]. x$ D: r    link/ether 82:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff+ K0 `# {2 i7 h5 ~

: h* Z# j4 J/ P& V5 k5 }/ V18: wlan0-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
% W% H8 e: s2 W  P* F
; O- D0 ^" ?0 |% F7 r3 F* H. d    link/ether 82:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff2 K- q6 o4 m9 w8 g* g/ S/ f# H

  n1 C, F* S7 J/ _& e5 R19: wlan0-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
, v  C6 q; l- ?" u0 U2 ]' R; n2 u! ?, Q0 i  G
    link/ether 82:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff  u2 F7 K' Z( z& _9 Z/ R
; X3 q6 L/ ?9 {( c$ w9 m
20: wlan0-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10004 a3 Q! D. T5 ~6 o; I( L% u
% J/ f7 M0 }* ], _! k7 ^& i2 m% O
    link/ether 82:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff
" {+ m: x- `- X, i  G5 b4 g! p% E" P* l) L, o5 o# I) b1 \) e
21: wlan0-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
) L$ |9 Y' J3 H% X2 Y7 P" P- r8 V2 t% i6 |! E/ {
    link/ether 82:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff
9 H9 ]7 T3 U; N1 q1 i+ T3 X4 m& P% H- V1 |6 ]
22: wlan1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
, y* s+ t7 z& @9 }9 t  Z  t' f$ b7 Q7 F. y
    link/ether 74:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff% F; l/ v8 b* B
$ Z* Q7 o5 @% L
23: wlan1-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
0 K( l; u% ]/ f, H* e( E  |
( M6 h3 T! `+ k5 G    link/ether 8a:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
" [8 |; `# ?7 f6 V( j' o# y' Y5 f" \3 _) R6 K' \
24: wlan1-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
5 x4 q3 n: |# B. H2 L0 Q' Z1 W- u7 y
6 ?/ j0 q5 P% [, ]    link/ether 8a:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff/ w9 w8 ]3 ~: X- x+ ]

& z7 G5 @2 S1 F: U25: wlan1-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
2 j9 g. n' Q4 W: V; w
4 g  P1 Q: j' z3 a( |- m    link/ether 8a:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff
8 n, N0 x0 b. d! e9 V3 p& ?9 l9 d% L# g; r9 E. _2 O8 W
26: wlan1-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000+ W' k9 V7 w3 t. z
0 S9 Q. Q" Y" g( N1 b
    link/ether 8a:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff; v: u6 M$ h8 ^' F/ b

7 s% ?: W/ x* b# F27: wlan1-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10002 i  E9 m, |# I3 O7 ]0 P
) R% z! B# }% Y9 w- a0 \
    link/ether 8a:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff
. B# ?6 R. R* O0 T! M1 |* c4 w9 g( W' L6 A: v7 h9 b- W2 l+ \, @
28: wlan1-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
( W; m  C! c5 y6 L  T2 O( C/ u# Z2 `5 t3 t  u3 ?* A3 T" l
    link/ether 8a:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff
1 V) \6 g6 H7 S& l  }' i3 u% a/ ?5 e9 g4 a6 h1 O: R9 c6 ]8 Z
29: wlan1-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
5 U7 {* ~1 j* F2 X/ P; u. Z7 ^& ^
3 G; ]2 n! b8 Q: I# L    link/ether 8a:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff. l" p4 ~! p0 Z! q- T

* m: n8 R9 `, N! A( o2 A2 G$ ~5 c! B30: pwlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10001 Z" ]- X5 h: r: `5 S3 T5 S1 Y

) w" E+ R- c8 A    link/ether 00:e0:4c:81:96:96 brd ff:ff:ff:ff:ff:ff. r; z0 b4 a& x. h9 p
1 b2 L9 B+ s  c
31: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN( J, y, j4 p! F3 `+ b  A( y

8 x7 Z- g/ E  t/ X    link/sit 0.0.0.0 brd 0.0.0.0
9 r' n# [8 Y* g7 o. p# j3 l4 O, t% o9 _+ Q
32: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN2 [# h' f2 w" o$ |" u9 b
. r3 D" s0 R6 M5 d3 d( l( o
    link/tunnel6 :: brd ::
0 l3 {4 x" u! `. U4 m5 Q" G/ q$ p5 B- f6 d6 g
33: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP5 W2 y; j/ b3 @+ {. U

" b: B# }  _1 |6 {/ H    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
3 [9 _- C3 K/ k$ J7 X& D* l2 u3 r) N, y1 C- @; \
    inet 192.168.1.3/16 brd 192.168.255.255 scope global br0
. F6 c9 C( m+ ]0 M7 c  t' ?% z* I% U# y; ~2 I3 O
       valid_lft forever preferred_lft forever
/ K4 u: n" R+ ]8 k- y( _: i  f, e7 [1 g
    inet6 240e:3b2:2c12:6b40:76b7:b3ff:fe43:14e4/64 scope global6 Y6 U( y0 y  p8 w
/ Q- {# |  C' c7 o1 z% \
       valid_lft forever preferred_lft forever2 V9 B. e/ t! ]
# ^6 C' {; v& J" X. z! w) W) B
    inet6 fe80::1/64 scope link* I( d8 A& ^& W; ]+ R

7 t* g$ u' {% J6 P       valid_lft forever preferred_lft forever
* K/ y5 a% b( b' g/ u, Z9 O' ^+ F2 J' ~3 ~
34: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc noqueue state UNKNOWN
( P1 d& \! |! c! U; @% |( e% [; f/ R7 \8 Y
    link/ppp
& y& i( Q0 @5 V; p3 U& [# `+ A. h) p8 Y& b1 t8 e: P; {/ J
    inet 183.15.*.* peer 183.15.*.*/32 scope global ppp0//公网,后几位隐9 a" Q2 S3 R! P( j* G

; |/ f( Z+ O' O- i6 }* I; D3 W3 p- ~, R       valid_lft forever preferred_lft forever& T" i, o( u# a! d% |
/ V4 a6 N: M% B. ?: X6 ]8 I$ c
    inet6 240e:3b0:2c11:6451:*:*:*:*/64 scope global dynamic//公网,后几位隐
. @9 M2 \6 V/ U5 P. [7 X+ T; \+ u- A3 ]7 t4 E9 `) m
       valid_lft 2591961sec preferred_lft 604761sec2 R, H( K- N4 [2 f0 ~
1 Z2 p8 N% c/ _" k( [
    inet6 fe80::*:*:*:*/10 scope link//后几位隐  y+ c+ Z5 m4 Y' ]7 T) N' l% K' ~# w
7 \  w" \/ a# K
       valid_lft forever preferred_lft forever
  _3 W2 T5 r/ r' N& i6 E- ?9 g0 l  }0 @3 L; Z5 C" \
35: ppp1: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3* I' y; f3 S0 v8 S0 h$ V
2 l! `* g2 N) ~
    link/ppp1 \: i& R( A# C& s4 V
% T4 p" b4 q) K0 P; P
36: ppp2: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 30 q/ j' E& r5 t0 P  f7 N: T
" l& c3 @9 f% S# @, [: Q% w
    link/ppp
7 D* x2 z/ ^0 _, G+ f
4 `3 B3 ~7 A8 h37: ppp3: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3, ]& d4 v- [4 L( |, X; c; ?
; ~% R& h' s$ w# n- \& z
    link/ppp
: `8 R! h; @% |; O- s- H
) p% d) k+ e! k' o2 J, m6 B8 v' ]2 @  D38: ppp4: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3# M0 I8 G- r) B2 f: d0 o
5 n% O8 f$ I! p6 ^6 B
    link/ppp2 F( F! \' g% Z. x1 Q
: e/ b4 z: e* b
39: ppp5: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
8 P& A7 n6 O5 o6 P
5 P; k  B8 `5 a; y! l% L0 N+ g    link/ppp
, _: @/ h3 _4 d4 H1 ^  T, E% Y1 [% v! _- o# W; z, Q) P$ {
40: ppp6: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3. Z# X9 x# ]; ~" Q- K: x

* n6 O1 j/ Q8 ?9 c. A2 P9 T    link/ppp# q) P* x- d: D4 I! w0 B, ]" V
' H# n5 O/ E. r* n: Y, ?
41: ppp7: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3. |/ p* Q: G* f/ b$ `, X
) Z9 v% K+ w. P6 Q) o, z$ r# p
    link/ppp* Z: k" Y4 X' B; j* h8 {+ ?
# j" ^1 X4 V; n7 g% I1 ]
42: ppp8: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
: O) P" m  {  ^% e
& Q8 B# R" ?! A. K3 t: s! _    link/ppp& J/ `7 b8 D6 ?4 N6 G) n
, P' w' S. b! R+ @2 w/ |! r
43: ppp9: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 39 z! q- t! R. U; x3 S) C
, R8 B* `% q) p
    link/ppp0 C( B* q* K6 M6 T" C
! z* u2 f& q4 C% c2 u, o. P1 A  g
44: ppp10: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 39 A9 C/ L  f& k6 Q& f( F

, }" |- i8 b  `. J    link/ppp* [/ L$ [, i6 e) A
! f- c# l5 r. Y6 ^" z
45: ppp11: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
, T) o+ _2 P" N* D# @7 r$ G
( Q' }" Z& f" B  \$ [6 v3 U    link/ppp/ d9 f& O4 ~8 e; u: k; Y
4 L- {1 Y* m3 x7 x% P
46: ppp12: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
3 H. U7 S8 Z: i) p, G9 s. G* L6 J
) B; C5 M+ Z: V7 l; ], N    link/ppp
! z. J/ K' [1 U: ]; _$ f9 u8 A! Z8 S* K& V5 X4 }( V& Z% m
47: nas0_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc prio state UP qlen 10
: t5 `* {! J& u" w2 d1 I8 `, ^3 h/ ]+ M) P1 g
    link/ether 74:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
/ p1 G/ j" g% c5 O  E; r- [$ t- H6 U2 J
    inet 11.54.8.28/21 brd 11.54.15.255 scope global nas0_0  N( M% r+ v8 c1 g+ F" L2 f" m
. p7 i' O- c! b4 y* @1 F2 }* F
       valid_lft forever preferred_lft forever
" g1 m6 r/ z( n9 s$ ~7 B# _$ Y4 X6 G5 n: e, b
48: nas0_1: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10( Z" R" `0 U$ ]% R, j' @; W, i( ^
. O. l8 a1 J$ Y/ O/ x
    link/ether 74:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff! d( W' N- f( P( ]
+ n. Q, Q2 x$ V; }
49: nas0_2: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 10
2 q) M' y7 }( k( m( W1 N: [. I5 K. D: A& y  E( C
    link/ether 74:b7:b3:43:14:e8 brd ff:ff:ff:ff:ff:ff
- }+ {! `$ |. k  `! C' o
; n+ u. {/ T  P1 T50: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
" a0 A) v* s- n
) c3 H8 ~; G8 A6 Q/ H7 m' Q    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff0 ]* e# K5 d2 p# {" U

$ @- f4 ^$ W9 b    inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0
& x+ }+ X2 L- ?
: M1 |3 g3 y' N. q0 t) Q       valid_lft forever preferred_lft forever3 y  V& G" f& i5 L9 [0 y
2 D2 ]; [; y  ?2 y6 V
52: vethUOWDKC: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP qlen 1000
/ h+ `1 ^$ d! Y2 R+ a/ J! n7 j! P# j0 H' Q0 y* i
    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff; C7 M# r- w+ N9 r: v# j) W  t

' l: I, Z) @6 Z( N. Y  G
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:33:46 | 显示全部楼层
理论是研究完了,  V1 P" K9 f' \" H; X6 W3 ~
理论解决办法:就是要把公网接口ppp0和内网接口br0,桥接起来3 E3 G% O& J' [& l
那如果做IPV6路由也行,但IPV6是动态的,牵涉太多,所以还是桥接方案简单,因为2个接口是固定不变的
7 B) P* Y/ Y$ p- l7 I9 h4 e6 u再要研究一下桥接表。
回复

举报

13671758585
发表于 2023-8-19 00:19:14 | 显示全部楼层
IP6已经出来了吗
回复

举报

llluuuooozzz
发表于 2024-3-4 22:22:18 | 显示全部楼层
佩服楼主,我的PT928G也管不了ipv6防火墙,进Telnet查看ip6tables-save,发现有一条-A FORWARD -i ppp1 -j DROP,于是执行3 n+ w( I% s0 S+ K2 X. w4 }  {
ip6tables -D FWD_FIREWALL -i ppp1 -j DROP" M- w! h8 U- D7 M
终于正常了
回复

举报

12
返回列表 发新帖
*滑块验证:
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|小黑屋|宽带技术网 |网站地图 粤公网安备44152102000001号

GMT+8, 2025-6-19 10:29 , Processed in 0.030839 second(s), 3 queries , Redis On.

Powered by Discuz! X3.5 Licensed

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表