设为首页收藏本站
开启辅助访问 切换到窄版

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
宽带技术网»首页 ::::: 技 术 交 流 区 ::::: 『 光猫FTTx技术交流区 』 深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT ...
12
返回列表 发新帖
楼主: gwaiter

深圳电信IPV6外网无法访问电脑任何端口,友华光猫型号PT925G

[复制链接]
gwaiter
 楼主| 发表于 2021-6-29 19:52:49 | 显示全部楼层
开日志发现关键,run out先不管7 H8 @" I% _0 ?- m: f% ?8 n% K: z
那每当我从外网测试内网IPV6的时候就会出现下面的Warning
  s1 {4 I! x7 o0 O高手指导一下怎么解决,应该解决这个,网络就通了syslog: Ignoring non-LinkLocal MLD from :: received on br0/33
& F. t+ o3 b5 e2021-06-29 19:50:09        Warning        kernel: run out of client entry!
  b" j# F; U4 i& |' V  y( {# v0 [2021-06-29 19:50:09        Warning        kernel: run out of client entry!  H/ W  s5 e2 u+ b. \7 d' N9 P4 Y
2021-06-29 19:50:09        Warning        kernel: run out of client entry!
' o6 J3 ?) z" g/ w: }' l2021-06-29 19:50:09        Warning        kernel: run out of group entry!
/ |' _* T  |3 e# y7 t2021-06-29 19:50:09        Warning        kernel: run out of group entry!  m; S3 Y1 A& j; l7 _
2021-06-29 19:50:09        Warning        syslog: Ignoring non-LinkLocal MLD from :: received on br0/33. H  O6 X* O4 p' @! ?% z
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
, ~8 |* d+ `. y2021-06-29 19:50:09        Warning        kernel: run out of group entry!
. ]8 f) t) y- O  E9 b1 k- I1 p; D2 [2021-06-29 19:50:09        Warning        kernel: run out of group entry!' B. y& W+ w* O5 z* C
2021-06-29 19:50:09        Warning        kernel: run out of group entry!# b5 ?, y: Z1 j: f
2021-06-29 19:50:09        Warning        kernel: run out of group entry!
9 P& Z7 p* ^) |2021-06-29 19:50:09        Warning        kernel: run out of group entry!/ _! ~- z3 f) ]+ D
2021-06-29 19:50:09        Warning        kernel: run out of group entry!  w8 {6 a5 i9 D9 q' q
2021-06-29 19:50:09        Warning        kernel: run out of group entry!8 |& D4 }1 d3 r- X- _
2021-06-29 19:50:09        Warning        kernel: run out of group entry!# r. c( I7 s5 W7 _* Z6 W- q7 O
2021-06-29 19:50:09        Warning        kernel: run out of group entry!1 D6 P- D. ?1 ?4 R1 l& Z- \5 M
2021-06-29 19:50:09        Warning        kernel: run out of group entry!9 d4 |1 g" V3 W0 R
2021-06-29 19:50:09        Warning        kernel: run out of client entry!
. `( P5 K* t* F. x' }7 _( _  w2021-06-29 19:50:10        Warning        kernel: run out of group entry!
& k5 C; a" C/ A2021-06-29 19:50:10        Warning        kernel: run out of group entry!1 ?' t5 [3 @+ h4 k1 C. m
2021-06-29 19:50:10        Warning        kernel: run out of client entry!- P( n7 C. L: M8 v+ A
2021-06-29 19:50:10        Warning        kernel: run out of client entry!
4 V2 Z  ]' K* p( l2021-06-29 19:50:10        Warning        kernel: run out of client entry!" f8 V$ j# N* R% c* K; F% _
2021-06-29 19:50:10        Warning        kernel: run out of group entry!' \/ x7 s3 H1 m' i% T8 Z
2021-06-29 19:50:10        Warning        kernel: run out of client entry!
6 H# q3 b& e2 U- z- {8 E( c: B2021-06-29 19:50:10        Warning        kernel: run out of client entry!' {8 `( S. z0 Q) |* p! X
2021-06-29 19:50:10        Warning        kernel: run out of group entry!
- Z# o, |4 v1 h) T% v2021-06-29 19:50:11        Warning        kernel: run out of client entry!4 p/ E! b; {- E: R9 A
2021-06-29 19:50:11        Warning        kernel: run out of client entry!% @3 r, R- S5 Y' u( c
2021-06-29 19:50:11        Warning        kernel: run out of client entry!" ^, v, z7 G5 E" d- Y
2021-06-29 19:50:11        Warning        kernel: run out of client entry!6 w" ]$ A# c6 [$ X
2021-06-29 19:50:11        Warning        kernel: run out of group entry!
* i$ t. u1 J0 g9 |, K) s2021-06-29 19:50:11        Warning        kernel: run out of group entry!7 H- K6 U5 |9 e1 ?/ l9 v: |
* i$ N9 W; _/ P( a! D/ {
回复

举报

gwaiter
 楼主| 发表于 2021-6-29 21:26:38 | 显示全部楼层
给各位认真研究问题的一个小福利,上面的问题虽然暂时没解决,但是我发现一个明显提升IPV6稳定性的设置方法,任何光猫xml文件里调整这几个值,如下:
: x+ p" l/ }  n4 n2 d% k+ Y& r. R4 S3 K
基本上IPV6就稳定不掉了,设备更新、获取IPV6地址速度也超快,具体这几个值什么作用呢?自行搜索一下,就不解释了。- Y; @. z" i4 ]+ c8 Q( L
电信默认的值太大,导致IPV6经常性的不稳定。( i3 N- k0 c7 H; K3 j1 \5 T

, J' K: e% H+ e+ V& F6 Q3 ~5 e  <Value Name="DHCPV6S_REBIND_TIME" Value="120"/>
# ^0 A. t# n- t  <Value Name="DHCPV6S_RENEW_TIME" Value="60"/>
9 l" j: d  _# z  `- \4 M9 d: s+ Y% S+ O6 x' O4 {
<Value Name="V6_ADVDEFAULTLIFETIME" Value="60"/>
; D; _- N( C0 J! W% {4 Y' N, [. q: z$ n3 F  m% }0 a
  <Value Name="V6_MINRTRADVINTERVAL" Value="30"/>& O8 M# b2 g0 H& L. u7 Z( I8 s
<Value Name="V6_MAXRTRADVINTERVAL" Value="40"/>
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:12:33 | 显示全部楼层
折腾半天,又找到一张桥接路由表了,看样子防火墙还真不止一个,但是这个表接口太多,不敢乱动,头大试了都加上ACCEPT不行,-t brouter 里全加DROP或ACCEPT也不行,还要继续研究
( B0 f, J: z1 r/ g& u: e1 p/ p: n) q
; @# H3 O+ `+ n0 f8 {7 R#ebtables -L
+ G# R6 R, [$ }; ^Bridge table: filter, K# z& U. m1 t1 y2 a8 D9 n! u
- s; i) R6 R" ]7 `
Bridge chain: INPUT, entries: 5, policy: ACCEPT3 t" c8 s) c- a0 B; v
-j BRWANs_BIND_LANs3 B# j' o, [* L  n
-j br_wan
' _7 T, T( g2 {1 E1 L: e. ~3 \-p IPv4 --ip-proto udp --ip-sport 68 --ip-dport 67 -j dhcps_disable
' L; }1 \( U1 G1 z, x( U-j portmapping_igmp  Q; @, Y# l  V7 y# @9 E  l+ H
-i wlan+ -j WLACL_INPUT
0 ?# R0 g$ _" s& f. L/ B: s) ~9 j5 o1 w4 r) Y; L( X
Bridge chain: FORWARD, entries: 10, policy: DROP
% O0 H2 G) c- x* t1 e-o veth+ -j ACCEPT
. R  |6 Q. ]" a: r) \3 R/ h+ n-i veth+ -j ACCEPT
4 N4 t6 G7 d  `& c& x: a-j disBCMC: Z+ t- s# [7 E4 x$ Y' n% h
-j wlan_block8 O* n- a- I$ n4 V7 b6 r. J7 v1 V6 ^3 S
-j br_pppoe
4 ^3 @7 m' n. ~& ^# P/ a5 Z-j macfilter_r: h; M3 q6 P9 N& V3 F
-j internet_accessright_b3 j% {" Q4 K8 D
-i wlan+ -j WLACL_FORWARD4 j  S9 N$ T6 r. y/ k5 K# ]& R6 S6 w
-j vlanmapping! d/ i4 K) Y# |. f
-j portmapping
* ~5 ?- s/ W* b! f4 S; f# U* G: O8 p3 e' Y, @/ i
Bridge chain: OUTPUT, entries: 2, policy: ACCEPT$ t% H3 `) A  |2 E
-j BRWANs_BIND_LANs
& g( H. S5 X: U$ Y" a6 E-j br_wan_out. g7 h& `% K) z0 `7 d2 }

8 h0 {$ U% d) l  a0 CBridge chain: BRWANs_BIND_LANs, entries: 2, policy: RETURN2 H: X, F4 r2 T- P2 U& U+ A; w& l
-p IPv6 -o eth0.3 -j DROP6 Q" E5 k6 j" b5 u5 s1 Z
-p IPv6 -i eth0.3 -j DROP6 x6 a0 n6 t$ W

% Z% U# S! }4 T& nBridge chain: br_wan, entries: 1, policy: RETURN
+ V# Z0 D) D% A& G2 ]+ a-i nas0_2 -j DROP# w/ U3 d7 c+ ~' {" a4 {
3 D' o; ]4 Q* @7 ?8 |* x/ v
Bridge chain: br_wan_out, entries: 1, policy: RETURN
4 }; z* r& _, H- \0 b- g2 I( f-o nas0_2 -j DROP
+ A" `, k1 k$ q6 o; Q# l8 y( Q4 }; L% B5 F; c- s" W
Bridge chain: wlan_block, entries: 0, policy: RETURN+ r8 m, l6 o# L3 k; a# a
$ i5 y8 }, y# b
Bridge chain: br_pppoe, entries: 6, policy: RETURN
8 L+ k/ F, j3 a% C-p 802_1Q -i nas0_2 --vlan-encap PPP_DISC -j RETURN9 N7 |8 p5 S, a7 U9 U% L3 l' t
-p 802_1Q -i nas0_2 --vlan-encap PPP_SES -j RETURN- ?5 h" i# S; }7 F# s0 {
-p PPP_DISC -o nas0_2 -j RETURN
; u8 o# }+ R/ k% q( m. O0 o-p PPP_SES -o nas0_2 -j RETURN' q# }# {& c( ?5 u
-i nas0_2 -j DROP9 u! `  q! \, a) @5 G8 C
-o nas0_2 -j DROP
1 u% ^% }* q8 ^6 a" P
; g1 e& A' W6 pBridge chain: macfilter_b, entries: 0, policy: ACCEPT
& _  _+ @; M; T& c) e" V# R
3 k0 M3 [+ X& y; [/ jBridge chain: macfilter_r, entries: 0, policy: RETURN0 N: S, L6 u. m( z: E
/ Q( I+ s; K" T0 g' x5 D
Bridge chain: internet_accessright_b, entries: 0, policy: ACCEPT
1 f6 U, `5 e! Q0 T; J7 D& B# s6 c! ?, \. }6 U( N8 W
Bridge chain: disBCMC, entries: 3, policy: RETURN
7 j% ]% t8 a9 ?-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type 130/0:255 -j RETURN' B9 j! ~6 F+ R6 m1 J
-d Broadcast -j DROP8 y: s; `# ]1 k  H& F) W
-d Multicast -j DROP  i+ O- E  f% S, }6 b

9 s* \6 h* I( D- }+ yBridge chain: dhcps_disable, entries: 1, policy: RETURN
, x& Y3 J7 _! F& Y  X2 ?1 z/ X* n-i eth0.3 -j DROP
. i; V2 G7 y3 [8 @: G, K7 Y
$ @! e2 Z& K! G1 B& IBridge chain: portmapping_igmp, entries: 1, policy: RETURN/ f" G! k: o- n( Z' Z9 m- |' p: [
-p IPv4 -i eth0.3 --ip-proto igmp -j DROP3 J) b, a8 k" U: o: g
/ M' {$ |6 M& V/ s2 D" l2 t
Bridge chain: WLACL_INPUT, entries: 0, policy: RETURN1 r+ t" `, B. {" F* `9 l

3 [. O7 X( g$ z6 ~- OBridge chain: WLACL_FORWARD, entries: 0, policy: RETURN
6 y0 D) [4 b6 O# K* o- Z3 E
7 h, D) \* B8 PBridge chain: vlanmapping, entries: 21, policy: DROP3 K; b, G: {. `8 o) |, s
-i nas0_2 -j RETURN, A) r" U7 S8 z+ w5 L
-i wlan1-vap6 -j RETURN% R* {! H: ?+ p9 X( G! Q8 H
-i wlan1-vap5 -j RETURN0 b' f$ l# G( Y+ S# s) ?( n
-i wlan1-vap4 -j RETURN2 r+ r. ?, w  p+ @+ U/ r8 h
-i wlan1-vap3 -j RETURN; o! x' Y, J" i  J4 x0 C- L7 L
-i wlan1-vap2 -j RETURN
+ L: z. F2 y1 i( K-i wlan1-vap1 -j RETURN
- C; R! c# g* F( S, D: A$ U  t-i wlan1-vap0 -j RETURN+ L, g/ s4 O& d+ L: U; ~+ E* H
-i wlan1 -j RETURN3 s, \; |$ ?- _% A1 H
-i wlan0-vap6 -j RETURN  q  V" y7 H7 ]
-i wlan0-vap5 -j RETURN
0 @8 G- X2 o- A-i wlan0-vap4 -j RETURN
; z! k% y- c4 R" F-i wlan0-vap3 -j RETURN9 A, u/ l$ s4 @) |3 c8 r6 q0 w+ b
-i wlan0-vap2 -j RETURN
; T9 C* B7 ~4 c5 J$ s5 Z& @, y, O8 U-i wlan0-vap1 -j RETURN
1 W' E+ ?# f  y1 x0 `3 }) Z-i wlan0-vap0 -j RETURN
( }8 N* o" |/ k. _1 _2 G1 Y, K-i wlan0 -j RETURN  c, }3 k: k0 U7 U7 H5 z# y
-i eth0.5 -j RETURN
7 Q& d. w' q0 x7 Q8 W- S/ j% T-i eth0.4 -j RETURN
9 y: e* v, R7 b' I& l. q2 \8 [! R-i eth0.3 -j RETURN
( ?3 {1 T& D; o  ?9 U# C-i eth0.2 -j RETURN
7 p0 g! O# R5 B5 @" X6 O+ T- Y& m  {$ S
Bridge chain: portmapping, entries: 8, policy: ACCEPT/ i% b4 F1 n# K2 [& v7 z+ q
-i nas0_2 -o eth0.3 -j RETURN
! O6 ~* n, @' u4 s( c-i eth0.3 -o nas0_2 -j RETURN% p4 x6 x. t& R6 f9 W
-i eth+ -o eth+ -j RETURN. L7 c* c, v0 O
-i eth+ -o wlan+ -j RETURN
) r. u3 C- C* G7 N-i wlan+ -o eth+ -j RETURN8 }! v! A0 Y3 r6 C# B2 U
-i wlan+ -o wlan+ -j RETURN
. `) \1 G' T! ?5 t. E( D4 V-i eth0+ -j DROP
0 ]' |3 E; Q9 a" A; k8 w% z-i wlan+ -j DROP8 ~: m- j% s* n' c  P$ a* P- \7 P
1 ~3 @: r# v# S( T. w
# P+ m. S+ C: U- c, d1 o4 Z  K) l6 T

+ W8 c: L( V! c: S1 K" t#ebtables -t broute -L0 W7 w! A3 n/ I4 m
Bridge table: broute
$ \7 J$ W3 s' x# F, @4 O* `- }( \
& g- s3 x7 N' }* E: tBridge chain: BROUTING, entries: 4, policy: ACCEPT, Y6 |  D" X- U3 @3 }
-j broute_vlanmapping
. o$ e0 [5 G, e, h-j vlanbinding
% Z- w$ J- r6 r" T$ ^, @0 l6 U# ?-j br_pppoe$ l% U! |2 d+ C4 `# B, Z- A& M: Y( s
-j qos_eb_rules
( O* _/ L) C# Y
, [- L$ [+ p* C+ xBridge chain: br_pppoe, entries: 1, policy: RETURN
) }7 n3 b/ H7 }-d 74:b7:b3:43:14:e8 -i nas0_2 -j DROP3 H, [! V9 {2 I( v8 U( c
! l6 l$ R3 w- Y, F. [
Bridge chain: broute_vlanmapping, entries: 0, policy: RETURN
4 w, h8 r! Q& o. Q) m, ?+ D8 y2 N
6 j- F# M3 O, @) u4 B/ J  oBridge chain: vlanbinding, entries: 0, policy: RETURN& r4 x/ c% C6 L  {4 F$ f
$ H1 W( N- h% L, l
Bridge chain: broute_chain_eth0.2, entries: 0, policy: RETURN5 m6 E) w4 S2 Z3 Z( Q' b* ], k! F

; A( g, T+ i5 iBridge chain: broute_chain_eth0.3, entries: 0, policy: RETURN) p; p% U! ^& w6 p; o; l* x
- h* v, j3 K0 ~$ N
Bridge chain: broute_chain_eth0.4, entries: 0, policy: RETURN. L6 A3 X/ ^# r( F; s( R

/ x' u- p0 B4 L+ eBridge chain: broute_chain_eth0.5, entries: 0, policy: RETURN
- G, c0 F* F0 h. ]( r, C! ~1 O( r% n: a5 B
Bridge chain: broute_chain_wlan0, entries: 0, policy: RETURN0 P, F+ d- {" J% x3 c* f
5 i; L  {6 I! E. `, u1 p* u; [# b
Bridge chain: broute_chain_wlan0-vap0, entries: 0, policy: RETURN
& h8 L, h7 U+ G  ?& b3 L
; c" e+ d! X9 KBridge chain: broute_chain_wlan0-vap1, entries: 0, policy: RETURN
, N8 Z  [9 h/ Z
: y. w9 X5 |) E2 @Bridge chain: broute_chain_wlan0-vap2, entries: 0, policy: RETURN/ H# t5 P$ t0 ^% x$ w! M/ K

" e" n2 s# v& L! T4 F2 D' `Bridge chain: broute_chain_wlan0-vap3, entries: 0, policy: RETURN2 U( v' E7 \( W8 c- y
# d8 t8 ?/ b" L$ q
Bridge chain: broute_chain_wlan0-vap4, entries: 0, policy: RETURN: \5 b. {; F1 y5 r

7 N$ k/ |' x' O) G- t) p* W, eBridge chain: broute_chain_wlan0-vap5, entries: 0, policy: RETURN3 d& b/ V- @$ U0 B$ u' X

0 [9 J* K1 v9 w; M0 |6 WBridge chain: broute_chain_wlan0-vap6, entries: 0, policy: RETURN
# g( r; x- x, v' N. [7 n! N: @  b- Z* N' p: X! r$ l
Bridge chain: qos_eb_rules, entries: 8, policy: RETURN5 g7 G# w3 \: n' y' [6 B
-p IPv4 -i eth0.3 --ip-dst 255.255.255.255 -j mark --mark-or 0x100 --mark-target CONTINUE
0 g' N0 J; u  P- T' J3 ~4 V( X-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 5060 -j mark --mark-or 0x200 --mark-target CONTINUE
$ F( ]5 K. Z) _-p IPv4 --ip-dst 255.255.255.255 --ip-proto udp --ip-sport 9000:9010 -j mark --mark-or 0x300 --mark-target CONTINUE: }" r$ [' a3 c9 d3 x: H; q$ m
-p IPv4 --ip-dst 192.168.111.34 -j mark --mark-or 0x400 --mark-target CONTINUE
/ R# {; M2 ]* k1 `2 q-p IPv4 --ip-dst 255.255.255.255 -j mark --mark-or 0x500 --mark-target CONTINUE; n* @4 S% B0 P+ l
-p IPv4 -j mark --mark-or 0x600 --mark-target CONTINUE
5 b; |0 k( S& t-p IPv4 -j mark --mark-or 0x700 --mark-target CONTINUE
+ \) ^+ M$ H% w' Z-p IPv4 -j mark --mark-or 0x800 --mark-target CONTINUE
2 P2 S% ~% }5 E) H0 T
/ r0 T1 C4 V) b- Z7 Q! k4 y1 B( J% x$ G' U
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:24:19 | 显示全部楼层
说到桥接表,那必须要有接口信息才好研究,接口信息如下:1 K! t% r  @1 q. i2 Z) q1 z
* s5 j+ ?/ W1 Z* n$ Z
#ip addr show  D3 U. K) j4 F" A, m0 c
# B9 r$ h4 }$ A! B7 \/ J' e9 S2 c
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
  L: ]& I" u- B
& y6 L8 P% j4 Q! ]( B4 D& o    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
; [( `! l' L  V
) r: [8 `3 I3 {. n, D4 R    inet 127.0.0.1/8 scope host lo
$ |  l; s  {. r7 j0 z" p0 V
7 h. a/ D4 k# w& ]- i, R. s* \- h4 A       valid_lft forever preferred_lft forever* n' d6 t! k/ A

7 s0 ~- w' Y, F& y+ u$ J" @2: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 328 [# W9 v% ^8 Y0 H3 X' k6 z

2 U2 C9 j( m& I$ e, F  A. w6 a    link/ether b6:be:c8:6b:52:f9 brd ff:ff:ff:ff:ff:ff
# |% }; C9 s8 v! K' Y, Y
1 F4 Q4 c# E: z& S) d! J8 O3: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
( B9 @) ~5 T$ {5 L$ w4 q! H% S! f7 h7 E" K
    link/ether 9a:90:b4:6a:81:77 brd ff:ff:ff:ff:ff:ff
* F0 Y( x0 L$ U2 W6 b5 g, q- Y
! G6 f+ }% B5 e0 P. n: f4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN qlen 1000
3 W/ k, N! y2 t" a! F
, @5 a% E0 w& a3 ]0 B    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff  F+ Z1 A$ _# @6 h

4 D  Q7 I! F# D* }" g6 Z$ D5: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
$ e8 r: n% `/ U2 Z
7 {  m. G6 L3 m4 S/ E) U9 E    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
( a2 L2 ~* |% T6 P& K( C0 B1 e6 r8 l+ P+ A9 f9 r3 A
6: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
. v. T) p% b6 |( y" g0 Q
# [( D! ^+ W' v' \    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff& N9 O: }8 T  n+ ?) i' {. `# \
7 F" I4 I' Q: D
7: eth0.2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000
; s1 q; M) z# K/ o
* _, D4 P) J& W. C( E    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
/ R! x" J9 U8 e
4 _) X7 m: {! h7 F% S; C8: eth0.3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000" D' {( a1 q7 A8 I: K  R5 d
1 z- J7 n5 K1 n2 R* T
    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff9 d0 T3 L0 e' |" L. v
9 Y2 d, h2 a  Q# ]7 S. ]
9: eth0.4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000: V) j$ r1 H- ^, [1 e  K

; J5 K" N/ o3 {0 U    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
( \0 g  y% f7 K, ~  [/ Z& A3 W$ Y
; Y) {2 B6 j( B% }10: eth0.5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
/ d  [# h, j: K& m$ G& H$ k$ v% P. X
* E/ z& }  v0 v* h( \3 b" W# P, O    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
$ [' n6 a9 G( ^% u- Q& q& C9 D6 v, [$ C- [  {
11: eth0.6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10002 d7 V  B+ N! i9 |1 ?6 U. J7 D
4 `: P: {1 Y) Z/ m
    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff( c, y: L: d, ~. d6 K5 r+ I0 D
  _2 F& Y- j8 Z3 b' t
12: nas0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
* O: a4 `8 I4 E+ e" y# Q9 L: O  f+ F( a5 z3 R) c
    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff3 L6 [# B, u/ \9 |& k& x

+ y6 n& J& c% y3 L, s6 ?' }13: pon0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
, d7 A" u/ H' g! I: e
" S$ S9 `1 B2 S* D- C    link/ether 00:00:00:01:00:02 brd ff:ff:ff:ff:ff:ff
1 p" |6 ]5 x, [) b0 M4 a% S
+ H# a" {7 \! u14: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000( j' G0 x5 H2 X' I9 b

9 J* K7 |( J9 r, t( h    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff8 r% w( y) m5 z0 [1 ]& _! [
/ H3 {9 V- e& E! K
15: wlan0-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10005 L/ @% {3 }& w' ~: E9 T. c1 ~
& p% f, ?/ P( d5 _  n; y2 K
    link/ether 82:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff
, U2 c' g6 j9 L5 k1 T: l2 ^! F, Q- Y5 B9 e
16: wlan0-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000  \! J7 a8 k( X

3 y4 r3 m4 p1 c6 Z    link/ether 82:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
5 {5 c; M5 o! ?; i  b8 H! {" N' T- V+ s. C( u# j$ @9 h% q0 h
17: wlan0-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
2 E# q! a- i9 F; b" x2 C- k, D' f1 E1 P5 H6 y& R
    link/ether 82:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff
. i( C. i7 A% s- r0 z7 h& V
/ p( J$ G+ a5 {18: wlan0-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000. n: k8 \6 J' B/ k
  k- ]( Z- b& L& k$ [9 W! ?+ J) }
    link/ether 82:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff$ s9 E/ o: D( L6 A' ?" b* c
3 O0 |# r* ], n( q
19: wlan0-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 10001 x  S) d; I) v& z

" M/ V! a0 R/ p9 ~( S8 C$ G    link/ether 82:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff' k. j6 c& n4 d; l4 z3 e
3 T- N1 x$ u8 Q+ Q0 j/ h9 t
20: wlan0-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
3 d  ]" Q0 M6 W5 ^) Y6 U% U9 g! s
  t) t! _( V6 l    link/ether 82:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff$ J0 N9 J2 r' ]) E# t2 w

, n# J# z& w/ N; x1 B21: wlan0-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
1 P# n4 \( P& s9 j; X
4 B* W: k9 j, d1 B* {0 Y; k: a    link/ether 82:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff
: s7 L7 `; |; C
3 r; |7 s) G7 j1 {22: wlan1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
0 f) G2 ]9 l0 B' |5 S2 L1 D' F4 V' ~# t' C2 c4 F
    link/ether 74:b7:b3:43:14:e5 brd ff:ff:ff:ff:ff:ff' L& Z; o3 `4 H9 S

  N5 m, k. W5 T3 [23: wlan1-vap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
2 C4 J# x) Y7 R+ v* {( l" K& K
5 N3 i0 E8 ?& H/ Y. J. ]+ w    link/ether 8a:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
, m: J* c7 B! A0 H" o: z0 W* ?  E+ M6 j* _, j9 |
24: wlan1-vap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
7 U5 o7 ]/ H0 R& K9 N. A3 K& ^3 U- ~
    link/ether 8a:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff# k3 F% W' m8 f9 {' c* y
/ J* t0 r0 n) ~& \9 D
25: wlan1-vap2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000- E" U+ E3 B8 l) ~+ w  B5 ?
5 l6 C- c2 ]# S; V7 z
    link/ether 8a:b7:b3:43:14:e0 brd ff:ff:ff:ff:ff:ff
0 ]; f6 S# s. l2 t3 I
: T3 |& e0 i9 X& p& [% |" {* T3 Y26: wlan1-vap3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
4 ^2 T8 K/ v" Z2 L! b8 @. E
- q% H* O6 B+ u8 u7 [5 P    link/ether 8a:b7:b3:43:14:e1 brd ff:ff:ff:ff:ff:ff
6 y( p( t3 V- l1 ]
- A$ M  R& S. q6 l& I5 F27: wlan1-vap4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000% M% f: n  [* c# \4 ^, y

& [2 s9 \/ w+ Z" q    link/ether 8a:b7:b3:43:14:e2 brd ff:ff:ff:ff:ff:ff$ g3 Y' _4 I# `/ ^) g) ~0 n5 N4 a
7 }* z, A) ]2 \( M4 v3 m( Y3 o
28: wlan1-vap5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
1 O: f3 s- W. A' z& d3 F- ]" P
+ ^9 \6 @5 ?8 c; Q    link/ether 8a:b7:b3:43:14:e3 brd ff:ff:ff:ff:ff:ff+ \- f1 Z/ ~. y0 u

7 G/ t4 ]- e9 y$ q1 x9 Q/ g29: wlan1-vap6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000. q5 j8 J8 F2 P, {. W3 k
* S) @, z  W. x
    link/ether 8a:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff
1 o' u4 r' U5 z- }9 F, @6 x. L
$ X& z: k) [/ A9 d1 f30: pwlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
: k4 t1 e$ Z0 S7 I6 }( |  R5 v& K0 g9 k
    link/ether 00:e0:4c:81:96:96 brd ff:ff:ff:ff:ff:ff
8 S$ d3 ~+ A' [/ s/ _2 V) u0 m4 \+ _+ C; P4 K
31: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN- g: f  e4 o% ?" N/ r, o' d/ f
6 W2 N6 n  G2 q1 T
    link/sit 0.0.0.0 brd 0.0.0.0
  D/ Z( V3 U4 [. m7 p3 Z% q
" y! x6 I1 Y' Q+ v1 ]32: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN
- ~0 G1 x/ j* j. M0 j
7 B& N7 P8 z; H$ E+ _( w' O    link/tunnel6 :: brd ::7 e& B; x+ i7 q/ o& A

8 q3 W  ^* }9 B* f! l# p33: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
9 c3 H/ J* c( N5 i  v, E: y
0 V8 z8 X6 n( H* J    link/ether 74:b7:b3:43:14:e4 brd ff:ff:ff:ff:ff:ff1 ]% K/ h! y5 c. \) [

5 L$ d, S7 Q; l    inet 192.168.1.3/16 brd 192.168.255.255 scope global br09 ^+ X% d7 Y# ^4 }
4 M$ `/ l% u$ Z4 j( Y
       valid_lft forever preferred_lft forever
* c" J5 u  D/ r8 f1 i
  P2 I! Q/ I# w) R    inet6 240e:3b2:2c12:6b40:76b7:b3ff:fe43:14e4/64 scope global
$ _2 S6 A8 s- ~% J7 C0 H3 ?1 K5 s6 Y
7 ^& I2 q1 }6 e$ w' X       valid_lft forever preferred_lft forever
( k1 x; [, R& F
3 ~5 D& N$ c5 ~# v2 {0 }    inet6 fe80::1/64 scope link
4 {2 X; [) r, x; ?  W  a& t
! L  ?' y( O$ Y* o3 G0 J       valid_lft forever preferred_lft forever
- @* X/ G5 S/ m" ~+ h- h+ O$ w( a  e  _& ]  k$ d) N* x5 E, ?$ [
34: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc noqueue state UNKNOWN) W( J& _7 O5 y8 ~6 [) A

$ s" U* \7 @' W; ?    link/ppp- j2 l. k% ~, M+ {% o1 N" h  a

$ g2 e2 l: O8 \    inet 183.15.*.* peer 183.15.*.*/32 scope global ppp0//公网,后几位隐  ^3 e# C8 }9 |  a" B# Q/ ~& G7 |( I
; {/ c/ |+ u1 p* o4 ~+ t0 Q3 b: g9 a
       valid_lft forever preferred_lft forever
" |+ t) P6 d9 D. t5 X' t; I
  ?0 c3 ^! X1 F) {: t    inet6 240e:3b0:2c11:6451:*:*:*:*/64 scope global dynamic//公网,后几位隐
+ w: }. T* j1 M( T& i% V' G2 I% J% s6 P1 [, U& S3 f
       valid_lft 2591961sec preferred_lft 604761sec
+ a+ \4 Y7 f( k& \) Z8 h6 B" q+ ]  X; F1 B/ m
    inet6 fe80::*:*:*:*/10 scope link//后几位隐
, T: E5 O) n7 |$ ^9 A1 `& ~
, [" M2 M" y- h" l) l0 s; d" R0 Y! ~       valid_lft forever preferred_lft forever8 q+ j1 n: \# Z5 H2 m5 ^3 G7 ~
" Q' W4 x& M* I' Y5 m5 r1 b
35: ppp1: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3. V( Z; k/ N2 y
+ A( C/ g4 Z  ?+ J
    link/ppp9 N# @: M$ d) Q# }# R& Y/ m

  }4 r4 O0 y7 k4 K36: ppp2: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3' j8 f  q: e, Y& }6 D5 ?% c

5 d3 p, s0 C9 {( n! Z    link/ppp# ~. `1 `# y% m  d7 e! Z. m
  {3 d8 V/ c; d- ^- e
37: ppp3: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
, T5 P" E3 ^6 j8 Y
2 ?7 z9 r. `# V$ ~    link/ppp9 |* n6 L7 T( R/ B
" i# M; o% e1 M; C! n. ^
38: ppp4: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 35 I5 l: z# n# {+ {5 [- n
6 j3 L9 f! @0 O7 y6 C) {/ R& C8 b
    link/ppp( m' w2 m3 r4 ]6 d  h+ {, }( J$ H* w# D
: k3 q# C1 y: u+ L6 p
39: ppp5: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
( |' J7 C8 [4 k) S/ n# M# a, U1 X: e5 X
    link/ppp
5 S% v* k/ c4 }5 z# N8 z) e6 k5 Z1 v2 d) t6 C; |
40: ppp6: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3: \/ i" P$ I/ ?5 R8 I, v, u. b
8 w4 R! E4 n% O. P: ~6 y- _
    link/ppp
$ L, ~- t/ B/ V
1 a1 G" B; J+ r7 I9 ~41: ppp7: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3! T% c8 g3 }0 n

$ a6 E# c5 h7 u    link/ppp
7 }* p5 n4 u* y" w9 {1 i$ Q5 P: s' Z6 a/ |0 O' V  s
42: ppp8: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 38 N; P. `  ?! T+ u: t. ?' g; d
- U7 o/ j9 s) i" t
    link/ppp
9 {* Y& W8 M. {
6 r% ]+ t8 n0 N43: ppp9: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
/ `* t5 O6 N' a9 K3 d) e, }3 H) v5 y5 n0 F$ X
    link/ppp
( S& M3 @2 G/ J
5 y) O& [* r7 s6 N  k, v5 p44: ppp10: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
" o  v( ^) i& t9 A% l' N6 A! F* K. {6 n
    link/ppp
$ l; s" ]/ J, G" F0 y
# g# S4 q6 l) j/ @# [45: ppp11: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 3
, a% H7 t" }2 K: A5 d" m& z  ^/ b, y8 u* x" u0 _0 f
    link/ppp; X- m% O, I# B& o2 z+ h: i7 ~  ?

. B$ h8 [; o0 @2 A& [3 o3 ~46: ppp12: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32 h6 r, @0 {- j1 i% x3 @  @

, d6 S2 r, q  T& W    link/ppp1 R( a' R+ {- g2 M" V1 O

5 J& Q4 ^# O9 |- f/ v47: nas0_0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc prio state UP qlen 10+ m6 t* v1 @# {
- b$ u8 }, n0 m5 U  L7 n% y, d! U* h
    link/ether 74:b7:b3:43:14:e6 brd ff:ff:ff:ff:ff:ff
1 M: K& p+ k# [( P8 a
- j) n  k0 B( C% u. ?2 L+ z5 Z- v    inet 11.54.8.28/21 brd 11.54.15.255 scope global nas0_06 O- J* q- g" c
" `" ?  ~* d+ z6 Q4 q7 q
       valid_lft forever preferred_lft forever; F$ h) ]; h0 s$ {# [

+ n& N- o1 q, t/ b5 K6 i48: nas0_1: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10
, I/ @- Q) H0 P; R1 g$ o3 ]% G: w* f& P
    link/ether 74:b7:b3:43:14:e7 brd ff:ff:ff:ff:ff:ff  H8 m9 t# H. S+ Z' N/ q

6 }5 ]$ G: a$ F/ B: B# `% P49: nas0_2: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP qlen 10
# r2 G: }/ L! {  s
0 x; h6 J. y# j* M# ]    link/ether 74:b7:b3:43:14:e8 brd ff:ff:ff:ff:ff:ff
1 T3 [1 e9 G7 F* S& _! A4 _8 J
/ _; C7 v" b" @) h( L50: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP, w; T  @, d! y1 r/ p  {" @
* g* C" Z% ~3 w; O
    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff
. K" H5 n  A& _7 x. ~3 i4 c- s7 B+ x1 }" h$ B& V6 v8 S
    inet 10.0.3.1/24 brd 10.0.3.255 scope global lxcbr0
* }6 {" O- \+ k1 X7 }9 W' L& R( x# l( d* }. n. r
       valid_lft forever preferred_lft forever
9 k6 |2 n2 D, E; `% O" S8 a& N2 ^( c4 D" {
52: vethUOWDKC: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP qlen 1000+ C! [' C" E, S
7 [# P  g! j7 w: w" ]# X
    link/ether fe:84:ce:64:86:d8 brd ff:ff:ff:ff:ff:ff
% ~5 Y: @1 J5 |3 Z. G7 k8 O" ^3 Q# u/ J7 |0 A
回复

举报

gwaiter
 楼主| 发表于 2021-7-1 00:33:46 | 显示全部楼层
理论是研究完了,& ~! v5 H% T( W5 E+ m
理论解决办法:就是要把公网接口ppp0和内网接口br0,桥接起来& b. H" P! l# V+ B9 E
那如果做IPV6路由也行,但IPV6是动态的,牵涉太多,所以还是桥接方案简单,因为2个接口是固定不变的, T8 ?6 o: F* D" \$ x
再要研究一下桥接表。
回复

举报

13671758585
发表于 2023-8-19 00:19:14 | 显示全部楼层
IP6已经出来了吗
回复

举报

llluuuooozzz
发表于 2024-3-4 22:22:18 | 显示全部楼层
佩服楼主,我的PT928G也管不了ipv6防火墙,进Telnet查看ip6tables-save,发现有一条-A FORWARD -i ppp1 -j DROP,于是执行9 E- u( ]/ u) r+ ^
ip6tables -D FWD_FIREWALL -i ppp1 -j DROP
& \& y/ P& X: F6 r3 k2 [8 y终于正常了
回复

举报

12
返回列表 发新帖
*滑块验证:
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|小黑屋|宽带技术网 |网站地图 粤公网安备44152102000001号

GMT+8, 2025-6-18 17:40 , Processed in 0.030860 second(s), 3 queries , Redis On.

Powered by Discuz! X3.5 Licensed

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表