ktctl connect 显示成功后，k8s集群的ip和ping通，但是通过端口访问不行

Question

ktctl connect 显示成功后，k8s集群的ip和ping通，但是通过端口访问不行

DavidLei08 opened this issue 2 years ago · 0 comments

Describe the bug
本地使用无线网，k8s集群宿主机是通的
启动成功后，k8s集群中的pod的ip 是可以ping通但是通过端口无法访问成功
C:\windows\system32>ping 100.232.105.175

正在 Ping 100.232.105.175 具有 32 字节的数据:
来自 100.232.105.175 的回复: 字节=32 时间<1ms TTL=64
来自 100.232.105.175 的回复: 字节=32 时间<1ms TTL=64
来自 100.232.105.175 的回复: 字节=32 时间<1ms TTL=64
来自 100.232.105.175 的回复: 字节=32 时间<1ms TTL=64

100.232.105.175 的 Ping 统计信息:
数据包: 已发送 = 4，已接收 = 4，丢失 = 0 (0% 丢失)，
往返行程的估计时间(以毫秒为单位):
最短 = 0ms，最长 = 0ms，平均 = 0ms

curl 提示链接被重置
C:\windows\system32>curl http://100.232.105.175:11000/mesh/agent/state
curl: (56) Recv failure: Connection was reset

Log
启动日志如下
9:35AM INF Using cluster context kubernetes-admin@kubernetes (kubernetes)
9:35AM INF KtConnect 0.3.7 start at 16240 (windows amd64)
9:35AM INF Fetching cluster time ...
9:35AM INF Using tun2socks mode
9:35AM INF Successful create config map kt-connect-shadow-rrlzu
9:35AM INF Deploying shadow pod kt-connect-shadow-rrlzu in namespace default
9:35AM INF Waiting for pod kt-connect-shadow-rrlzu ...
9:35AM INF Pod kt-connect-shadow-rrlzu is ready
9:35AM INF Port forward local:1579 -> pod kt-connect-shadow-rrlzu:22 established
9:35AM INF Socks proxy established
2023/02/21 09:35:58 Using existing driver 0.14
2023/02/21 09:35:58 Creating adapter
9:35AM INF Tun device KtConnectTunnel is ready
9:35AM INF Adding route to 10.233.0.0/16
9:35AM INF Adding route to 100.232.0.0/16
9:35AM INF Adding route to 172.30.128.0/17
9:36AM INF Adding route to 172.30.64.0/18
9:36AM INF Adding route to 172.30.32.0/19
9:36AM INF Adding route to 172.30.16.0/20
9:36AM INF Adding route to 172.30.0.0/21
9:36AM INF Adding route to 172.30.8.0/22
9:36AM INF Adding route to 172.30.14.0/23
9:36AM INF Adding route to 172.30.12.0/24
9:36AM INF Adding route to 172.30.13.128/25
9:36AM INF Adding route to 172.30.13.0/26
9:36AM INF Adding route to 172.30.13.96/27
9:36AM INF Adding route to 172.30.13.64/28
9:36AM INF Adding route to 172.30.13.80/29
9:36AM INF Adding route to 172.30.13.92/30
9:36AM INF Adding route to 172.30.13.90/31
9:36AM INF Adding route to 172.30.13.89/32
9:36AM INF Adding route to 172.31.200.110/32
9:36AM INF Route to tun device completed
9:36AM INF Setting up dns in local mode
9:36AM INF Port forward local:10541 -> pod kt-connect-shadow-rrlzu:53 established
9:36AM INF Setup local DNS with upstream [tcp:127.0.0.1:10541 udp:192.168.75.14:53]
9:36AM INF Creating udp dns on port 53
9:36AM WRN Failed to lookup www.microsoft.com. (6) in dns (127.0.0.1:10541) error=EOF
9:36AM WRN Failed to lookup iflytek.com. (6) in dns (127.0.0.1:10541) error=EOF
9:36AM WRN Failed to lookup hfdc.iflytek.com. (1) in dns (127.0.0.1:10541) error=EOF
9:36AM INF ---------------------------------------------------------------
9:36AM INF All looks good, now you can access to resources in the kubernetes cluster
9:36AM INF ---------------------------------------------------------------
9:36AM WRN Failed to lookup chaolei.iflytek.com. (6) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59897->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.dyhospital.com. (1) in dns (127.0.0.1:10541) error=EOF
9:36AM WRN Failed to lookup chaolei.iflytek.com. (6) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59898->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup mtalk.google.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59900->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup content-autofill.googleapis.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59899->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup chaolei.iflytek.com. (6) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59901->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup mtalk.google.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59904->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup content-autofill.googleapis.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:59905->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:61421->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56942->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56943->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56946->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56947->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup 0.0.233.10.in-addr.arpa. (6) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56948->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup client.wns.windows.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56951->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56952->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup 0.0.233.10.in-addr.arpa. (6) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56954->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56953->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56955->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56956->127.0.0.1:10541: i/o timeout"
9:36AM WRN Failed to lookup wpad.iflytek.com. (1) in dns (127.0.0.1:10541) error="read tcp 127.0.0.1:56957->127.0.0.1:10541: i/o timeout"

Environment (please complete the following information):

OS: [(windows10 amd64 ]
Kubernetes [v1.21.12/linux/amd64]
KT Version [ktctl_0.3.7]

Additional context
route print
C:\windows\system32>route print

接口列表
13...........................WireGuard Tunnel
22...54 05 db 86 32 73 ......Intel(R) Ethernet Connection (10) I219-V
3...00 ff 07 a1 fa 70 ......Hillstone Virtual Network Adapter
16...00 ff aa bb cc dd ......Gateway NC Adapter
24...00 ff da b8 04 7a ......TAP-Windows Adapter V9
11...c8 e2 65 e1 2f 45 ......Microsoft Wi-Fi Direct Virtual Adapter
23...ca e2 65 e1 2f 44 ......Microsoft Wi-Fi Direct Virtual Adapter #2
9...c8 e2 65 e1 2f 44 ......Intel(R) Wi-Fi 6 AX201 160MHz
5...00 ff 27 b3 34 0d ......Sangfor SSL VPN CS Support System VNIC
21...c8 e2 65 e1 2f 48 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1

IPv4 路由表

活动路由:
网络目标网络掩码网关接口跃点数
0.0.0.0 0.0.0.0 10.41.156.1 10.41.157.217 45
10.41.156.0 255.255.254.0 在链路上 10.41.157.217 301
10.41.157.217 255.255.255.255 在链路上 10.41.157.217 301
10.41.157.255 255.255.255.255 在链路上 10.41.157.217 301
10.233.0.0 255.255.0.0 10.233.0.0 10.233.0.0 258
10.233.0.0 255.255.255.255 在链路上 10.233.0.0 258
100.232.0.0 255.255.0.0 100.232.0.0 10.233.0.0 258
100.232.0.0 255.255.255.255 在链路上 10.233.0.0 258
127.0.0.0 255.0.0.0 在链路上 127.0.0.1 331
127.0.0.1 255.255.255.255 在链路上 127.0.0.1 331
127.255.255.255 255.255.255.255 在链路上 127.0.0.1 331
172.30.0.0 255.255.248.0 172.30.0.0 10.233.0.0 258
172.30.0.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.8.0 255.255.252.0 172.30.8.0 10.233.0.0 258
172.30.8.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.12.0 255.255.255.0 172.30.12.0 10.233.0.0 258
172.30.12.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.0 255.255.255.192 172.30.13.0 10.233.0.0 258
172.30.13.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.64 255.255.255.240 172.30.13.64 10.233.0.0 258
172.30.13.64 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.80 255.255.255.248 172.30.13.80 10.233.0.0 258
172.30.13.80 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.89 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.90 255.255.255.254 172.30.13.90 10.233.0.0 258
172.30.13.90 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.92 255.255.255.252 172.30.13.92 10.233.0.0 258
172.30.13.92 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.96 255.255.255.224 172.30.13.96 10.233.0.0 258
172.30.13.96 255.255.255.255 在链路上 10.233.0.0 258
172.30.13.128 255.255.255.128 172.30.13.128 10.233.0.0 258
172.30.13.128 255.255.255.255 在链路上 10.233.0.0 258
172.30.14.0 255.255.254.0 172.30.14.0 10.233.0.0 258
172.30.14.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.16.0 255.255.240.0 172.30.16.0 10.233.0.0 258
172.30.16.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.32.0 255.255.224.0 172.30.32.0 10.233.0.0 258
172.30.32.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.64.0 255.255.192.0 172.30.64.0 10.233.0.0 258
172.30.64.0 255.255.255.255 在链路上 10.233.0.0 258
172.30.128.0 255.255.128.0 172.30.128.0 10.233.0.0 258
172.30.128.0 255.255.255.255 在链路上 10.233.0.0 258
172.31.200.110 255.255.255.255 在链路上 10.233.0.0 258
224.0.0.0 240.0.0.0 在链路上 127.0.0.1 331
224.0.0.0 240.0.0.0 在链路上 10.41.157.217 301
224.0.0.0 240.0.0.0 在链路上 10.233.0.0 258
255.255.255.255 255.255.255.255 在链路上 127.0.0.1 331
255.255.255.255 255.255.255.255 在链路上 10.41.157.217 301
255.255.255.255 255.255.255.255 在链路上 10.233.0.0 258

永久路由:
网络地址网络掩码网关地址跃点数
10.233.0.0 255.255.0.0 10.233.0.0 默认
100.232.0.0 255.255.0.0 100.232.0.0 默认
172.30.128.0 255.255.128.0 172.30.128.0 默认
172.30.64.0 255.255.192.0 172.30.64.0 默认
172.30.32.0 255.255.224.0 172.30.32.0 默认
172.30.16.0 255.255.240.0 172.30.16.0 默认
172.30.0.0 255.255.248.0 172.30.0.0 默认
172.30.8.0 255.255.252.0 172.30.8.0 默认
172.30.14.0 255.255.254.0 172.30.14.0 默认
172.30.12.0 255.255.255.0 172.30.12.0 默认
172.30.13.128 255.255.255.128 172.30.13.128 默认
172.30.13.0 255.255.255.192 172.30.13.0 默认
172.30.13.96 255.255.255.224 172.30.13.96 默认
172.30.13.64 255.255.255.240 172.30.13.64 默认
172.30.13.80 255.255.255.248 172.30.13.80 默认
172.30.13.92 255.255.255.252 172.30.13.92 默认
172.30.13.90 255.255.255.254 172.30.13.90 默认
172.30.13.89 255.255.255.255 172.30.13.89 默认
172.31.200.110 255.255.255.255 172.31.200.110 默认

IPv6 路由表

活动路由:
接口跃点数网络目标网关
1 331 ::1/128 在链路上
9 301 fe80::/64 在链路上
13 261 fe80::/64 在链路上
9 301 fe80::6175:bcea:5c0b:17a2/128
在链路上
13 261 fe80::c15e:9860:b70d:68d6/128
在链路上
1 331 ff00::/8 在链路上
9 301 ff00::/8 在链路上
13 261 ff00::/8 在链路上

永久路由:
无

ipconfig
C:\windows\system32>ipconfig

Windows IP 配置

未知适配器 KtConnectTunnel:

连接特定的 DNS 后缀 . . . . . . . :
本地链接 IPv6 地址. . . . . . . . : fe80::bcdb:d3ae:f132:137%13
IPv4 地址 . . . . . . . . . . . . : 10.233.0.0
子网掩码 . . . . . . . . . . . . : 255.255.0.0
IPv4 地址 . . . . . . . . . . . . : 100.232.0.0
子网掩码 . . . . . . . . . . . . : 255.255.0.0
IPv4 地址 . . . . . . . . . . . . : 172.30.0.0
子网掩码 . . . . . . . . . . . . : 255.255.248.0
IPv4 地址 . . . . . . . . . . . . : 172.30.8.0
子网掩码 . . . . . . . . . . . . : 255.255.252.0
IPv4 地址 . . . . . . . . . . . . : 172.30.12.0
子网掩码 . . . . . . . . . . . . : 255.255.255.0
IPv4 地址 . . . . . . . . . . . . : 172.30.13.0
子网掩码 . . . . . . . . . . . . : 255.255.255.192
IPv4 地址 . . . . . . . . . . . . : 172.30.13.64
子网掩码 . . . . . . . . . . . . : 255.255.255.240
IPv4 地址 . . . . . . . . . . . . : 172.30.13.80
子网掩码 . . . . . . . . . . . . : 255.255.255.248
IPv4 地址 . . . . . . . . . . . . : 172.30.13.89
子网掩码 . . . . . . . . . . . . : 255.255.255.255
IPv4 地址 . . . . . . . . . . . . : 172.30.13.90
子网掩码 . . . . . . . . . . . . : 255.255.255.254
IPv4 地址 . . . . . . . . . . . . : 172.30.13.92
子网掩码 . . . . . . . . . . . . : 255.255.255.252
IPv4 地址 . . . . . . . . . . . . : 172.30.13.96
子网掩码 . . . . . . . . . . . . : 255.255.255.224
IPv4 地址 . . . . . . . . . . . . : 172.30.13.128
子网掩码 . . . . . . . . . . . . : 255.255.255.128
IPv4 地址 . . . . . . . . . . . . : 172.30.14.0
子网掩码 . . . . . . . . . . . . : 255.255.254.0
IPv4 地址 . . . . . . . . . . . . : 172.30.16.0
子网掩码 . . . . . . . . . . . . : 255.255.240.0
IPv4 地址 . . . . . . . . . . . . : 172.30.32.0
子网掩码 . . . . . . . . . . . . : 255.255.224.0
IPv4 地址 . . . . . . . . . . . . : 172.30.64.0
子网掩码 . . . . . . . . . . . . : 255.255.192.0
IPv4 地址 . . . . . . . . . . . . : 172.30.128.0
子网掩码 . . . . . . . . . . . . : 255.255.128.0
IPv4 地址 . . . . . . . . . . . . : 172.31.200.110
子网掩码 . . . . . . . . . . . . : 255.255.255.255
默认网关. . . . . . . . . . . . . :

以太网适配器以太网 2: