IPV6链路地址分类

Aggregate global unicast address
可聚集全球单播地址 001x xxxx xxxx xxxx::
2400 0010 0100 0000 0000
2400:6180:0:d0::47f:1001/64
2400:6180:0:d0:0000:0000:47f:1001/64
#ping6 2400:6180:0:d0:0000:0000:47f:1001
PING 2400:6180:0:d0:0000:0000:47f:1001(2400:6180:0:d0::47f:1001) 56 data bytes
64 bytes from 2400:6180:0:d0::47f:1001: icmp_seq=1 ttl=64 time=3.23 ms

Unspecified address
IPv6中的未指定地址即0:0:0:0:0:0:0:0/128 或者::/128

Loopack address
IPv6中的环回地址即0:0:0:0:0:0:0:1/128 或者::1/128 相当于IPv4中的127.0.0.1/8,主要用于设备给自己发送报文。
#ping6 ::1
PING ::1(::1) 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.041 ms
64 bytes from ::1: icmp_seq=2 ttl=64 time=0.046 ms

Link Local Address 链路本地地址 FE80::/10(最高10位值为1111111010)(1111 1110 1000 0000)唯一本地单播地址
链路本地地址是IPv6中的应用范围受限制的地址类型,只能在连接到同一本地链路的节点之间使用。似于ipv4中,当DHCP分配失败时自动生成的类似于169.254.0.0/16这样的地址,凡是源地址或目的地址中含有link-local address的报文,路由器都不应当转发它,这样的报文只能在一个LAN中互通。

(ULA,unique local address)唯一区域地址FC00::/7(最高7位值为1111110) (1111 1100 0000 0000)
唯一本地地址是另一种应用范围受限的地址,它仅能在一个站点内使用。由于本地站点地址的废除(RFC3879),唯一本地地址被用来代替本地站点地址(RFC4193)
唯一本地地址的作用类似于IPv4中的私网地址,任何没有申请到提供商分配的全球单播地址的组织机构都可以使用唯一本地地址。

IPv6的组播与IPv4相同,用来标识一组接口,一般这些接口属于不同的节点。IPv6组播地址的前缀是FF00::/8
IPv6中没有为任播规定单独的地址空间,任播地址和单播地址使用相同的地址空间。

Server1:inet6 addr: fe80::250:56ff:fe90:32d8/64 Scope:Link
Server2:inet6 addr: fe80::250:56ff:fe90:4625/64 Scope:Link

#ping6 fe80::250:56ff:fe90:4625
connect: Invalid argument

ping6 -I eth0 fe80::250:56ff:fe90:4625
PING fe80::250:56ff:fe90:4625(fe80::250:56ff:fe90:4625) from fe80::250:56ff:fe90:32d8 eth0: 56 data bytes
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=1 ttl=64 time=2.02 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=2 ttl=64 time=0.169 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=3 ttl=64 time=0.147 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=4 ttl=64 time=0.224 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=5 ttl=64 time=0.187 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=6 ttl=64 time=0.172 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=7 ttl=64 time=0.157 ms
64 bytes from fe80::250:56ff:fe90:4625: icmp_seq=8 ttl=64 time=0.153 ms

ping6 -I enp0s3 fe80::1
PING fe80::1(fe80::1) from fe80::1 enp0s3: 56 data bytes
64 bytes from fe80::1: icmp_seq=1 ttl=64 time=0.017 ms
64 bytes from fe80::1: icmp_seq=2 ttl=64 time=0.030 ms
64 bytes from fe80::1: icmp_seq=3 ttl=64 time=0.032 ms

Google to the rescue, you have to specify the network interface you want to use to send the packet. It’s ok ping6 has a -I parameter that allows you to select the one you want, and you also find that there is a weird syntax that allows you to do that inline
fe80 (1)

fe80 (2)

CentOS 6.x 安装cacti-0.8.8 使用SNMPv2 监控服务器

CentOS 6.x 安装cacti-0.8.8 使用SNMPv2 监控服务器

Cacti是一套基于PHP,MySQL,SNMP及RRDTool开发的网络流量监测图形分析工具。Cacti是通过 snmpget来获取数据,使用 RRDtool绘画图形。
首先需要安装配置运行环境
Nginx/1.9.14
PHP5.6.20 PHP需要支持SNMP(php-snmp)
Mysql5.6.30 Cacti导入数据库的时候,数据库格式要是utf8 (-DDEFAULT_CHARSET=utf8)或者使用phpMyAdmin导入特定格式

Cacti
http://www.cacti.net/
http://docs.cacti.net/manual:088:1_installation.1_install_unix.5_install_and_configure_cacti

安装准备
yum -y install rrdtool-devel net-snmp* epel-release
sudo rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
wget http://www.cacti.net/downloads/cacti-0.8.8g.tar.gz;tar -zxvf cacti-0.8.8g.tar.gz;mv cacti-0.8.8g cacti;

vi /home/www/web/cacti/include/config.php //编辑配置文件
mysql>/home/www/web/cacti/cacti.sql; //导入cacti数据库文件,数据库需要utf8格式

测试采集
/usr/local/php/bin/php /home/wwwroot/default/cacti/poller.php

PHP Warning: system() has been disabled for security reasons in /home/www/web/cacti/lib/poller.php on line 141
PHP Warning: exec() has been disabled for security reasons in /home/www/web/cacti/lib/poller.php on line 129
PHP Warning: popen() has been disabled for security reasons in /home/www/web/cacti/lib/rrd.php on line 52

开放被禁用的函数exec() popen() system()
vim /usr/local/php/etc/php.ini

设置定时任务 crontab -e
*/5 * * * * /usr/local/php/bin/php /home/wwwroot/default/cacti/poller.php > /dev/null 2>&1

防火墙设置
iptables -I INPUT -p udp --dport 161 -j ACCEPT;service iptables save;service iptables restart;
iptables -I OUTPUT -p udp --dport 161 -j ACCEPT;service iptables save;service iptables restart;

增加 cacti 用户以用来写入rrd和log目录的数据,否则就会生成不了图片
[root@Cacti ~]#useradd -M -s /sbin/nologin cacti
[root@Cacti ~]#cd /home/wwwroot/default/cacti
[root@Cacti ~]#chown -R cacti rra/ log/

tail /home/wwwroot/default/cacti/log/cacti.log #查看日志文件
cd /home/wwwroot/default/cacti/rra/ #保存的图形数据

SNMPv2