Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google Cloud Platform - CentOS 6, 连接成功, 能打开网页, 但是重启后失效的问题. #181

Open
zhaoleimxd opened this issue Apr 25, 2020 · 0 comments
Open

Google Cloud Platform - CentOS 6, 连接成功, 能打开网页, 但是重启后失效的问题. #181

zhaoleimxd opened this issue Apr 25, 2020 · 0 comments

Comments

@zhaoleimxd
Copy link

zhaoleimxd commented Apr 25, 2020
edited
Loading

环境:
Google Cloud Platform 谷歌云
System: CentOS6
Kernel: 2.6.32-504.3.3.el6.x86_64

症状:
安装成功,连接成功,NAT转发成功,能打开网页,但是重启服务器后,使用ipsec start启动服务,连接成功,却无法打开网页。

研究结果:
发现在安装脚本的iptables_check函数中调用了sysctl --system,仔细观察了一下,GCP的CentOS6除了系统自带的/etc/sysctl.conf以外,还自带了一个文件: /etc/sysctl.d/11-gce-network-security.conf。这俩文件都是net.ipv4.ip_forward=0,而脚本自己生成了一个/etc/sysctl.d/10-ipsec.conf。也就是这三个文件得一起应用才行。

解决方案:
有两种解决方案
一、系统启动后运行sysctl --system,可以添加到/etc/rc.local的最后一行中,系统启动后自动执行。
二、手动修改以下三个文件:
1) /etc/sysctl.conf
2) /etc/sysctl.d/11-gce-network-security.conf
3) /etc/sysctl.d/10-ipsec.conf
确保这三个配置文件中都是net.ipv4.ip_forward=1

还有一个设置要改动,但未确认有没有关系。
谷歌云控制台 > VPC网络 > default > 修改 > 动态路由模式 修改为 全局,然后保存。
@zhaoleimxd zhaoleimxd changed the title Google Cloud Platform - CentOS 6, 连接成功, NAT转发成功, 能打开网页, 但是重启后失效的问题. Google Cloud Platform - CentOS 6, 连接成功, 能打开网页, 但是重启后失效的问题. Apr 25, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zhaoleimxd