Tocmai am schimbat o interfață ethernet pe serverul meu ubuntu 20 pentru a fi gestionată de managerul de rețea (ceilalți erau deja gestionați de acesta, acesta a fost rătăcit)
Problema se pare acum că accesul este limitat la/de la acest server
Am aceste subrețele:
- 10.0.3.x (unde este serverul meu dns)
- 10.0.1.x (unde este serverul meu)
- 10.0.21.x (unde este computerul meu personal)
Everythign intern ar trebui să aibă acces la subrețeaua 10.0.3.x, iar 10.0.21.x ar trebui să aibă acces la subrețeaua 10.0.1.x
În prezent:
De pe computerul meu personal:
- Nu pot face ping la serverul meu / acces la aplicațiile găzduite de pe acesta (portul 8443) / ssh (22) la el
- Totuși, pot accesa gateway-ul care se află pe aceeași subrețea.
De pe serverul meu:
- Pot da ping la 10.0.3.x
- Nu pot da ping la 10.0.21.x
- Pot să pun ping (și să rezolv) google.com
De pe alte dispozitive din rețeaua 10.0.1.x
- Poate face ping cu succes la server.
Pe server am ufw dezactivat, așa că nu se efectuează, iar înainte de a migra interfața pentru a fi gestionată de managerul de rețea, obișnuiam să aveam acces la aceasta, așa că, deși am un firewall între ele, acesta nu a fost schimbat și nu are nicio noutate reguli în vigoare.
Există ceva ce am omis atunci când migrez la managerul de rețea, care este necesar pentru a permite accesul la alte subrețele?
Notă:
Serverul are mai multe adaptoare, inclusiv cele pe 10.0.1.x și 10.0.3.x, deci rutele tipărite de traseu avea deja mapări pentru acele subrețele. obisnuiam nmtui pentru a adăuga rute personalizate la 10.0.21.x pentru a trece prin adaptorul 10.0.1.x.
-- Câteva gropi care ar putea ajuta la înțelegere ---
sudo ufw status
Stare: inactiv
afișează linkul ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state modul NECUNOSCUT DEFAULT grup implicit qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq stare UP mod DEFAULT grup implicit qlen 1000
link/ether ac:1f:6b:6e:0f:c2 brd ff:ff:ff:ff:ff:ff
3: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq stare UP mod DEFAULT grup implicit qlen 1000
link/ether ac:1f:6b:6e:0f:c3 brd ff:ff:ff:ff:ff:ff
4: enx00e04c68024d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:e0:4c:68:02:4d brd ff:ff:ff:ff:ff:ff
5: enx00e04c6802c0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT grup implicit qlen 1000
link/ether 00:e0:4c:68:02:c0 brd ff:ff:ff:ff:ff:ff
6: enx0050b6bf0651: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:50:b6:bf:06:51 brd ff:ff:ff:ff:ff:ff
7: enx00e04c6802cd: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:e0:4c:68:02:cd brd ff:ff:ff:ff:ff:ff
8: enx00e04c6802cc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:e0:4c:68:02:cc brd ff:ff:ff:ff:ff:ff
9: enx0050b6bf06c1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:50:b6:bf:06:c1 brd ff:ff:ff:ff:ff:ff
10: enx0050b6befcb3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:50:b6:be:fc:b3 brd ff:ff:ff:ff:ff:ff
11: enx0050b6bf070c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 1000
link/ether 00:50:b6:bf:07:0c brd ff:ff:ff:ff:ff:ff
12: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT grup implicit qlen 1000
link/ether 52:54:00:d8:cf:13 brd ff:ff:ff:ff:ff:ff
13: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 stare mod DOWN DEFAULT grup implicit qlen 1000
link/ether 52:54:00:d8:cf:13 brd ff:ff:ff:ff:ff:ff
14: br-7e213162e029: <NO-CARRIER, BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT grup implicit
link/ether 02:42:c5:b7:58:a5 brd ff:ff:ff:ff:ff:ff
15: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT grup implicit
link/ether 02:42:a1:90:34:12 brd ff:ff:ff:ff:ff:ff
16: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT grup implicit qlen 1000
link/ether 52:54:00:e3:66:84 brd ff:ff:ff:ff:ff:ff
17: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr1 stare mod DOWN DEFAULT grup implicit qlen 1000
link/ether 52:54:00:e3:66:84 brd ff:ff:ff:ff:ff:ff
18: macvtap0@enx00e04c6802cc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:4e:b9:ee brd ff:ff:ff:ff:ff:ff
19: macvtap1@enx0050b6bf070c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:50:04:24 brd ff:ff:ff:ff:ff:ff
20: macvtap2@enx00e04c68024d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:4e:2a:55 brd ff:ff:ff:ff:ff:ff
21: macvtap3@enx00e04c6802cd: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:03:1d:21 brd ff:ff:ff:ff:ff:ff
22: macvtap4@enx0050b6bf06c1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:ed:71:0b brd ff:ff:ff:ff:ff:ff
23: macvtap5@enx0050b6befcb3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT grup implicit qlen 500
link/ether 52:54:00:68:40:57 brd ff:ff:ff:ff:ff:ff
traseu
Tabelul de rutare IP al nucleului
Destination Gateway Genmask Flags Metric Ref Utilizare Iface
implicit _gateway 0.0.0.0 UG 101 0 0 enx00e04c6802cd
implicit _gateway 0.0.0.0 UG 102 0 0 enx00e04c6802cc
implicit _gateway 0.0.0.0 UG 103 0 0 enx0050b6befcb3
implicit _gateway 0.0.0.0 UG 105 0 0 eno3
implicit _gateway 0.0.0.0 UG 106 0 0 enx0050b6bf06c1
implicit _gateway 0.0.0.0 UG 107 0 0 enx0050b6bf070c
implicit _gateway 0.0.0.0 UG 109 0 0 enx00e04c68024d
10.0.1.0 0.0.0.0 255.255.255.0 U 105 0 0 eno3
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1
10.0.3.0 0.0.0.0 255.255.255.0 U 106 0 0 enx0050b6bf06c1
10.0.3.0 0.0.0.0 255.255.255.0 U 107 0 0 enx0050b6bf070c
10.0.10.0 0.0.0.0 255.255.255.0 U 101 0 0 enx00e04c6802cd
10.0.20.0 0.0.0.0 255.255.255.192 U 5 0 0 eno3
10.0.21.0 0.0.0.0 255.255.255.192 U 5 0 0 eno3
10.0.60.0 0.0.0.0 255.255.255.0 U 109 0 0 enx00e04c68024d
10.0.70.0 0.0.0.0 255.255.255.0 U 103 0 0 enx0050b6befcb3
10.0.90.0 0.0.0.0 255.255.255.0 U 102 0 0 enx00e04c6802cc
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-7e213162e029
192.168.123.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
starea dispozitivului nmcli
CONEXIUNEA STARE TIP DISPOZIT
enx00e04c6802cd ethernet conectat Conexiune prin cablu 10
eno3 ethernet conectat Conexiune prin cablu 1
enx0050b6befcb3 ethernet conectat Conexiune prin cablu 3
enx0050b6bf06c1 ethernet conectat Conexiune prin cablu 5
enx0050b6bf070c ethernet conectat Conexiune prin cablu 6
enx00e04c68024d ethernet conectat Conexiune prin cablu 7
enx00e04c6802cc ethernet conectat Conexiune prin cablu 9
br-7e213162e029 pod conectat br-7e213162e029
docker0 bridge conectat docker0
virbr0 pod conectat virbr0
virbr1 pod conectat virbr1
eno4 ethernet deconectat --
enx0050b6bf0651 ethernet deconectat --
enx00e04c6802c0 Ethernet indisponibil --
loopback negestionat --
macvtap0 macvlan negestionat --
macvtap1 macvlan negestionat --
macvtap2 macvlan negestionat --
macvtap3 macvlan negestionat --
macvtap4 macvlan negestionat --
macvtap5 macvlan negestionat --
virbr0-nic tun negestionat --
virbr1-nic tun negestionat --
