Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

默认服务端开启了IPV6监听,但是没有监听IPV4,所有客户端无法连接 #3235

Closed
1 of 11 tasks
fschenkun22 opened this issue Jan 2, 2023 · 5 comments
Closed
1 of 11 tasks

默认服务端开启了IPV6监听,但是没有监听IPV4,所有客户端无法连接 #3235

fschenkun22 opened this issue Jan 2, 2023 · 5 comments

Comments

@fschenkun22
Copy link

Bug Description

服务器配置如下:

[common]
bind_port = 17000
token = 123456

使用Linux 命令 netstat -ant 查看端口占用情况

[root@first ~]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     
tcp        0      0 172.24.209.225:36876    100.100.15.4:443        TIME_WAIT  
tcp6       0      0 ::1:25                  :::*                    LISTEN     
tcp6       0      0 :::17000                :::*                    LISTEN

只能看到监听了tcp6的端口 ,但是ipv4的默认没有监听,所以所有客户端都无法进行连接。
文档中没有发现对应监听IPV4 或者 IPV6 的配置项

frpc Version

0.46.0

frps Version

0.46.0

System Architecture

linux/amd64 ;Linux first 3.10.0-1160.71.1.el7.x86_64 #1 SMP Tue Jun 28 15:37:28 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

Configurations

server端配置:

[common]
bind_port = 17000

客户端配置:

[common]
server_addr = "my server ip"
server_port = 17000
token = 123456

[desk]
type = tcp
local_ip = 127.0.0.1
local_port = 3389
remote_port = 43389

Logs

客户端连接时超时,因为服务端没有监听IPV4 所以出现超时

2023/01/02 11:08:06 [W] [service.go:133] login to server failed: dial tcp "my server ip":17000: i/o timeout
dial tcp "my server ip":17000: i/o timeout

Steps to reproduce

  1. 因为这个现象只在我这个环境下产生,所以无法确定是否能还原此问题

...

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
@superzjg
Copy link

superzjg commented Jan 2, 2023

日志信息中出现的"my server ip"字样,我感到很困惑,能解释一下吗?猜测日志信息如果你贴上来没有进行修改,那么配置的server_addr = "my server ip"并不是你为了暴露隐私而改的,而是就是这样设置的(那么肯定连不上)。

@fschenkun22
Copy link
Author

就是隐私 “my server ip” 替代了我现在真实ip 加了引号

@superzjg
Copy link

superzjg commented Jan 3, 2023
edited
Loading

netstat -ant

就是隐私 “my server ip” 替代了我现在真实ip 加了引号

我也用命令netstat -ant看了,确实跟你说的情况一致,只有:::54235 LISTEN,但是我的frpc可以通过ipv4的54235端口连接,连接以后再次使用命令可看到有一个格式为::ffff:175.0.XX.XX:54235 ESTABLISHED状态的连接,这种格式有点特殊,其中175.0.XX.XX为ipv4地址。并且另外的服务,比如frps的仪表盘端口和filebrowser的监听也是同样的显示,但是平时使用都是ipv4连接。所以不能以此命令显示的为准。

@Becods
Copy link
Contributor

Becods commented Jan 5, 2023

尝试将net.ipv6.bindv6only设置为0

通常情况下 go 绑定的 tcp6ipv6ipv4 都可以被访问到的

nodejs/node#9390

https://stackoverflow.com/questions/20657650/socket-listener-for-ipv6-and-ipv4

@cinling
Copy link

cinling commented Feb 11, 2023
edited
Loading

以前我也遇到过类似的情况,我碰到的原因是服务器的防火墙或网关禁止这个端口的访问,可以尝试开放端口或关闭防火墙来解决
原因并不是因为 frps 只监听 ipv6(tcp6)导致的,而是因为端口无法访问,显示 tcp6,用ipv4的地址也是可以连接的

希望可以帮到其他人

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fschenkun22 @cinling @Becods @superzjg