有一个新的 Azure Linux VM (Ubuntu 22.04 LTS x64),具有以下两个网络接口卡 (NIC):
eth0
Mac Address: 00:22:48:8f:ba:bf
Private IPV4 Address: 10.0.0.4
Public IPV4 Address: 20.25.226.73
Private IPV6 Address: abc:abc:abc:abc::6
Public IPV6 Address: 2a01:111:f100:1000::9d37:d42b
eth1
Mac Address: 00:22:48:8f:64:21
Private IPV4 Address: 10.0.0.14
Public IPV4 Address: 172.183.16.91
Private IPV6 Address: abc:abc:abc:abc::16
Public IPV6 Address: 2603:1030:603::324
两个网卡都使用 vnet 子网 10.0.0.0/24 和 abc:abc:abc:abc::/64,并且都使用允许 22/80/443/3389/ICMP 端口的防火墙入站规则。
根据在 Azure Linux 虚拟机中配置多个网络接口 (https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration? tabs=1subnet%2Cubuntu),我设置了以下 /etc/netplan/50-cloud-init.yaml 文件:
network:
ethernets:
eth0:
dhcp4: true
dhcp4-overrides: &id001
route-metric: 100
dhcp6: true
dhcp6-overrides: *id001
match:
driver: hv_netvsc
macaddress: 00:22:48:8f:ba:bf
set-name: eth0
routes:
- to: 10.0.0.0/24
via: 10.0.0.1
metric: 100
table: 200
- to: 0.0.0.0/0
via: 10.0.0.1
table: 200
routing-policy:
- from: 10.0.0.4/32
table: 200
- to: 10.0.0.4/32
table: 200
eth1:
dhcp4: true
dhcp4-overrides: &id002
route-metric: 200
dhcp6: true
dhcp6-overrides: *id002
match:
driver: hv_netvsc
macaddress: 00:22:48:8f:64:21
set-name: eth1
routes:
- to: 10.0.0.0/24
via: 10.0.0.1
metric: 200
table: 201
- to: 0.0.0.0/0
via: 10.0.0.1
table: 201
routing-policy:
- from: 10.0.0.14/32
table: 201
- to: 10.0.0.14/32
table: 201
version: 2
应用上述 yaml 文件后,两个 IPV4 地址上的所有内容都运行良好,例如互相 ping 通并将网站链接到它们。
对于公共 IPV6 地址,事情很复杂。正如什么是 Azure 虚拟网络的 IPv6 的限制部分所述 (https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/ipv6-overview):“ICMPv6 不是目前在网络安全组中受支持。”我们不能使用“ping6”命令,而是需要使用另一种方法来测试公共IPV6地址的可用性。其中一种方法是使用“telnet -6 ipv6.telnetmyip.com”命令。
Trying 2600:1f16:227:6200::100...
Connected to ipv6.telnetmyip.com.
The escape character is '^]'.
{
"comment": "## Your IP Address is 2a01:111:f100:1000::9d37:d42b (51152) ##",
"family": "ipv6",
"ip": "2a01:111:f100:1000::9d37:d42b",
"port": "51152",
"protocol": "telnet",
"version": "v1.3.0",
"website": "https://github.com/packetsar/checkmyip",
"sponsor": "Sponsored by ConvergeOne, https://www.convergeone.com/"
}
Connection closed by foreign host.
很好,系统使用 eth0 的公共 IPV6 地址运行良好。这意味着我不需要修改 YAML 文件中 eth0 的任何内容。
Trying 2600:1f16:227:6200::100...
Connected to ipv6.telnetmyip.com.
The escape character is '^]'.
{
"comment": "## Your IP Address is 2a01:111:f100:1000::9d37:d42b (55926) ##",
"family": "ipv6",
"ip": "2a01:111:f100:1000::9d37:d42b",
"port": "55926",
"protocol": "telnet",
"version": "v1.3.0",
"website": "https://github.com/packetsar/checkmyip",
"sponsor": "Sponsored by ConvergeOne, https://www.convergeone.com/"
}
Connection closed by foreign host.
哎呀!它不识别 eth1 的公共 IPV6 地址,而是使用 eth0 的公共 IPV6 地址
那么,如何编辑 YAML 文件以使 eth1 的公共 IPV6 地址可用?
(我尝试将问题抛给 ChatGPT 4 和 Claude 2,但他们的答案都不起作用。)
经过多次尝试,我想我已经找到了解决方案。以下是修改后的 YAML 文件:
network:
ethernets:
eth0:
dhcp4: true
dhcp4-overrides: &id001
route-metric: 100
dhcp6: true
dhcp6-overrides: *id001
match:
driver: hv_netvsc
macaddress: 00:22:48:8f:ba:bf #The Exact MAC Address
set-name: eth0
routes:
#IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
- to: 10.0.0.0/24
via: 10.0.0.1
metric: 100
table: 200
- to: 0.0.0.0/0
via: 10.0.0.1
table: 200
#IPV6
- to: abc:abc:abc:abc::/64 #Or "fe80::/64" as the Command "ip -6 route" Output
via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
metric: 100
table: 200
- to: ::/0
via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
table: 200
routing-policy:
#IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
- from: 10.0.0.4/32 #Exact Internal Static IPV4 Address
table: 200
- to: 10.0.0.4/32 #Exact Internal Static IPV4 Address
table: 200
#IPV6
- from: abc:abc:abc:abc::6/128 #Exact Internal Static IPV6 Address
table: 200
- to: abc:abc:abc:abc::6/128 #Exact Internal Static IPV6 Address
table: 200
eth1:
dhcp4: true
dhcp4-overrides: &id002
route-metric: 200
dhcp6: true
dhcp6-overrides: *id002
match:
driver: hv_netvsc
macaddress: 00:22:48:8f:64:21 #The Exact MAC Address
set-name: eth1
routes:
#IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
- to: 10.0.0.0/24
via: 10.0.0.1
metric: 200
table: 201
- to: 0.0.0.0/0
via: 10.0.0.1
table: 201
#IPV6
- to: abc:abc:abc:abc::/64 #Or "fe80::/64" as the Command "ip -6 route" Output
via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
metric: 200
table: 201
- to: ::/0
via: fe80::1234:5678:9abc #Use "ip -6 route" to Find the Default Gateway of IPV6
table: 201
routing-policy:
#IPV4, Refer to https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/linux-vm-multiple-virtual-network-interfaces-configuration?tabs=1subnet%2Cubuntu
- from: 10.0.0.14/32 #Exact Internal Static IPV4 Address
table: 201
- to: 10.0.0.14/32 #Exact Internal Static IPV4 Address
table: 201
#IPV6
- from: abc:abc:abc:abc::16/128 #Exact Internal Static IPV6 Address
table: 201
- to: abc:abc:abc:abc::16/128 #Exact Internal Static IPV6 Address
table: 201
version: 2
正如我之前评论的,“telnetmyip.com”将始终使用 eth0,无论是 IPV4 还是 IPV6。因此,我更改为将域名链接到 eth0 和 eth1 上的 IPV4 和 IPV6 地址,例如“eth0ipv4.example.com”、“eth0ipv6.example.com”、“eth1ipv4.example.com”和“eth1ipv6.example”。 com”。另外,我在 Windows 客户端计算机上使用 PsPing 方法 (https://learn.microsoft.com/en-us/sysinternals/downloads/psping) 来测试此 Ubuntu Server (22.04 LTS)。
现在让我们看看结果。
1.在 IPV4 上 PsPing eth0
C:\PSTools>psping -4 eth0ipv4.example.com:443
PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP connect to 20.25.226.73:443:
5 iterations (warmup 1) ping test:
Connecting to 20.25.226.73:443 (warmup): from 192.168.1.8:65313: 231.25ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65314: 206.61ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65315: 217.29ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65316: 213.11ms
Connecting to 20.25.226.73:443: from 192.168.1.8:65317: 212.49ms
TCP connect statistics for 20.25.226.73:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 206.61ms, Maximum = 217.29ms, Average = 212.37ms
2.在 IPV6 上 PsPing eth0
C:\PSTools>psping -6 eth0ipv6.example.com:443
PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP connect to 2a01:111:f100:1000::9d37:d42b:443:
5 iterations (warmup 1) ping test:
Connecting to 2a01:111:f100:1000::9d37:d42b:443 (warmup): from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65323: 289.15ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65324: 265.27ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65325: 262.48ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65326: 267.85ms
Connecting to 2a01:111:f100:1000::9d37:d42b:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65327: 268.38ms
TCP connect statistics for 2a01:111:f100:1000::9d37:d42b:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 262.48ms, Maximum = 268.38ms, Average = 266.00ms
3.在 IPV4 上 PsPing eth1
C:\PSTools>psping -4 eth1ipv4.example.com:443
PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP connect to 172.183.16.91:443:
5 iterations (warmup 1) ping test:
Connecting to 172.183.16.91:443 (warmup): from 192.168.1.8:65318: 209.25ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65319: 216.23ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65320: 214.06ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65321: 239.47ms
Connecting to 172.183.16.91:443: from 192.168.1.8:65322: 231.35ms
TCP connect statistics for 172.183.16.91:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 214.06ms, Maximum = 239.47ms, Average = 225.28ms
4.在 IPV6 上 PsPing eth1
C:\PSTools>psping -6 eth1ipv6.example.com:443
PsPing v2.12 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2023 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP connect to 2603:1030:603::324:443:
5 iterations (warmup 1) ping test:
Connecting to 2603:1030:603::324:443 (warmup): from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65328: 211.58ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65329: 206.49ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65330: 230.37ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65331: 217.74ms
Connecting to 2603:1030:603::324:443: from 2409:8a55:2a8:99f0:352a:40f8:76b4:e729:65332: 204.68ms
TCP connect statistics for 2603:1030:603::324:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 204.68ms, Maximum = 230.37ms, Average = 214.82ms
现在一切都很好!