tunint1
トンネルインターフェイスにIPアドレスが割り当てられているホストがあります。このインターフェイスを介してpingしようとすると、応答は表示されませんが、tsharkを使用してキャプチャできるICMPパケット(要求と応答)があります。問題は、pingコマンドがこれらのICMPパケットを考慮しない理由と、この問題を解決する方法です。
フラット:
desktopuser@desktop:~$ ping -I tunint1 ya.ru
PING ya.ru (87.250.250.242) from 60.60.0.1 tunint1: 56(84) bytes of data.
^C
--- ya.ru ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8219ms
tsharkでキャプチャ:
desktopuser@desktop:~$ sudo tshark -i tunint1
Running as user "root" and group "root". This could be dangerous.
Capturing on 'tunint1'
1 07:27:53,679603780 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=1/256, ttl=64
2 07:27:53,788377518 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=1/256, ttl=53 (request in 1)
3 07:27:54,730464037 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=2/512, ttl=64
4 07:27:54,832966645 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=2/512, ttl=53 (request in 3)
5 07:27:55,754464273 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=3/768, ttl=64
6 07:27:55,809589662 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=3/768, ttl=53 (request in 5)
7 07:27:56,778472734 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=4/1024, ttl=64
8 07:27:56,842580324 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=4/1024, ttl=53 (request in 7)
9 07:27:57,802464734 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=5/1280, ttl=64
10 07:27:57,875565627 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=5/1280, ttl=53 (request in 9)
11 07:27:58,827464430 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=6/1536, ttl=64
12 07:27:58,904626014 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=6/1536, ttl=53 (request in 11)
13 07:27:59,851471889 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=7/1792, ttl=64
14 07:27:59,947978524 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=7/1792, ttl=53 (request in 13)
15 07:28:00,874467413 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=8/2048, ttl=64
16 07:28:00,930381305 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=8/2048, ttl=53 (request in 15)
17 07:28:01,899461748 60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request id=0x6571, seq=9/2304, ttl=64
18 07:28:01,981439474 87.250.250.242 → 60.60.0.1 ICMP 84 Echo (ping) reply id=0x6571, seq=9/2304, ttl=53 (request in 17)
^C18 packets captured
設定されている場合:
desktopuser@desktop:~$ ifconfig
enp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.23.17.21 netmask 255.255.0.0 broadcast 10.23.255.255
inet6 fe80::94c6:8e21:7835:ce7c prefixlen 64 scopeid 0x20<link>
ether a8:a1:59:3e:9e:7a txqueuelen 1000 (Ethernet)
RX packets 36260578 bytes 39566996759 (39.5 GB)
RX errors 0 dropped 2 overruns 0 frame 0
TX packets 31232948 bytes 28182106819 (28.1 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 69867276 bytes 3197422953678 (3.1 TB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 69867276 bytes 3197422953678 (3.1 TB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tunint1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 60.60.0.1 netmask 255.255.255.0 destination 60.60.0.1
inet6 fe80::6bb4:1b6f:113c:786b prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 28 bytes 2352 (2.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 2640 (2.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
路線:
desktopuser@desktop:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.23.0.1 0.0.0.0 UG 100 0 0 enp6s0
10.23.0.0 0.0.0.0 255.255.0.0 U 100 0 0 enp6s0
60.60.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tunint1
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 enp6s0
desktopuser@desktop:~$ ip route
default via 10.23.0.1 dev enp6s0 proto static metric 100
10.23.0.0/16 dev enp6s0 proto kernel scope link src 10.23.17.21 metric 100
60.60.0.0/24 dev tunint1 proto kernel scope link src 60.60.0.1
169.254.0.0/16 dev enp6s0 scope link metric 1000
IPテーブル:
desktopuser@desktop:~$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
desktopuser@desktop:~$ sudo iptables -S -t nat
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT