Я пытаюсь заставить свой сервер CentOS v7 запустить IPv6. Root работает, он может пинговать с помощью "ping6 ipv6.google.com", и ifconfig выглядит отлично; я вижу строки:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 149.202.217.90 netmask 255.255.255.0 broadcast 149.202.217.255
inet6 fe80::ec4:7aff:fec4:d912 prefixlen 64 scopeid 0x20<link>
inet6 2001:41d0:1000:1c5a:: prefixlen 64 scopeid 0x0<global>
Но как непривилегированный пользователь я не могу выполнить ping ipv6 и не вижу адресов inet6 в ifconfig.
Что происходит? Почему мои пользователи не видят те же интерфейсы, настроенные так же, как root?
[редактировать]
Как и было запрошено, ip a s
и ping6 -c1 ipv6.google.com
результат:
корень
[root@rabbit ~]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 2001:41d0:1000:1c5a::/64 scope global
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 5e:63:58:37:5d:30 brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN
link/ether 32:ad:47:94:1f:b1 brd ff:ff:ff:ff:ff:ff
4: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
link/ether 7e:52:08:a5:1a:dd brd ff:ff:ff:ff:ff:ff
5: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
link/ether 3e:ba:b9:d1:09:3b brd ff:ff:ff:ff:ff:ff
6: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 0c:c4:7a:c4:d9:12 brd ff:ff:ff:ff:ff:ff
inet 149.202.217.90/24 brd 149.202.217.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2001:41d0:1000:1c5a::/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ec4:7aff:fec4:d912/64 scope link
valid_lft forever preferred_lft forever
7: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 0c:c4:7a:c4:d9:13 brd ff:ff:ff:ff:ff:ff
8: teql0: <NOARP> mtu 1500 qdisc noop state DOWN qlen 100
link/void
9: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/ipip 0.0.0.0 brd 0.0.0.0
10: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
11: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN
link/tunnel6 :: brd ::
[root@rabbit ~]# ping6 -c1 ipv6.google.com
PING ipv6.google.com(par03s15-in-x0e.1e100.net) 56 data bytes
64 bytes from par03s15-in-x0e.1e100.net: icmp_seq=1 ttl=57 time=6.61 ms
--- ipv6.google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 6.615/6.615/6.615/0.000 ms
пользователь (предварительный)
[pryormic@rabbit ~]$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 2001:41d0:1000:1c5a::/64 scope global
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN
link/ether 5e:63:58:37:5d:30 brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN
link/ether 32:ad:47:94:1f:b1 brd ff:ff:ff:ff:ff:ff
4: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
link/ether 7e:52:08:a5:1a:dd brd ff:ff:ff:ff:ff:ff
5: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN qlen 32
link/ether 3e:ba:b9:d1:09:3b brd ff:ff:ff:ff:ff:ff
6: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 0c:c4:7a:c4:d9:12 brd ff:ff:ff:ff:ff:ff
inet 149.202.217.90/24 brd 149.202.217.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2001:41d0:1000:1c5a::/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ec4:7aff:fec4:d912/64 scope link
valid_lft forever preferred_lft forever
7: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 0c:c4:7a:c4:d9:13 brd ff:ff:ff:ff:ff:ff
8: teql0: <NOARP> mtu 1500 qdisc noop state DOWN qlen 100
link/void
9: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/ipip 0.0.0.0 brd 0.0.0.0
10: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
11: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN
link/tunnel6 :: brd ::
[pryormic@rabbit ~]$ ping6 -c1 ipv6.google.com
ping: icmp open socket: Operation not permitted
[править2]
Я добавил вывод ifconfig ниже:
корень
[root@rabbit ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 149.202.217.90 netmask 255.255.255.0 broadcast 149.202.217.255
inet6 fe80::ec4:7aff:fec4:d912 prefixlen 64 scopeid 0x20<link>
inet6 2001:41d0:1000:1c5a:: prefixlen 64 scopeid 0x0<global>
ether 0c:c4:7a:c4:d9:12 txqueuelen 1000 (Ethernet)
RX packets 12131475 bytes 2122218137 (1.9 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1113935 bytes 690582284 (658.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 0c:c4:7a:c4:d9:13 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6632 bytes 1169904 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
inet6 2001:41d0:1000:1c5a:: prefixlen 64 scopeid 0x0<global>
loop txqueuelen 0 (Local Loopback)
RX packets 332704 bytes 448694222 (427.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 332704 bytes 448694222 (427.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
пользователь (предварительный)
[pryormic@rabbit ~]$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 149.202.217.90 netmask 255.255.255.0 broadcast 149.202.217.255
ether 0c:c4:7a:c4:d9:12 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 0c:c4:7a:c4:d9:13 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 0 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
решение1
Следующая команда должна предоставить пользователям возможность использовать ping6
. Запустите как root
setcap cap_net_raw+ep /usr/bin/ping