IPsec IKEv2 on pfSense: "parsed INFORMATIONAL request 2 [N(AUTH_FAILED)]"

network-engineering vpn ipsec ikev2
2022-02-11 00:01:46

I am trying to set up an IPsec IKEv2 VPN on pfSense. The pfSense box sits directly behind the modem. I connect to it via a static IP address. There is no double NAT. I followed this tutorial:

netgate IKEv2 教程

The connection does not work. pfSense log of an Android device trying to connect to the firewall:

Sep 6 07:59:03  charon  97494   07[NET] <1> received packet: from 109.42.113.240[49837] to xxx.xxx.xxx.xxx[500] (650 bytes)
Sep 6 07:59:03  charon  97494   07[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 6 07:59:03  charon  97494   07[CFG] <1> looking for an IKEv2 config for xxx.xxx.xxx.xxx...109.42.113.240
Sep 6 07:59:03  charon  97494   07[CFG] <1> candidate: xxx.xxx.xxx.xxx...0.0.0.0/0, ::/0, prio 1052
Sep 6 07:59:03  charon  97494   07[CFG] <1> found matching ike config: xxx.xxx.xxx.xxx...0.0.0.0/0, ::/0 with prio 1052
Sep 6 07:59:03  charon  97494   07[IKE] <1> 109.42.113.240 is initiating an IKE_SA
Sep 6 07:59:03  charon  97494   07[IKE] <1> IKE_SA (unnamed)[1] state change: CREATED => CONNECTING
Sep 6 07:59:03  charon  97494   07[CFG] <1> selecting proposal:
Sep 6 07:59:03  charon  97494   07[CFG] <1> proposal matches
Sep 6 07:59:03  charon  97494   07[CFG] <1> received proposals: IKE:AES_CBC_256/AES_CBC_128/HMAC_SHA2_512_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/HMAC_SHA1_96/PRF_HMAC_SHA2_512/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/MODP_2048_256/ECP_384/ECP_256/MODP_2048/MODP_1536, IKE:AES_GCM_16_256/AES_GCM_16_128/PRF_HMAC_SHA2_512/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/MODP_2048_256/ECP_384/ECP_256/MODP_2048/MODP_1536
Sep 6 07:59:03  charon  97494   07[CFG] <1> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Sep 6 07:59:03  charon  97494   07[CFG] <1> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Sep 6 07:59:03  charon  97494   07[CFG] <1> received supported signature hash algorithms: sha256 sha384 sha512
Sep 6 07:59:03  charon  97494   07[IKE] <1> remote host is behind NAT
Sep 6 07:59:03  charon  97494   07[IKE] <1> DH group MODP_2048_256 unacceptable, requesting MODP_2048
Sep 6 07:59:03  charon  97494   07[ENC] <1> generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]
Sep 6 07:59:03  charon  97494   07[NET] <1> sending packet: from xxx.xxx.xxx.xxx[500] to 109.42.113.240[49837] (38 bytes)
Sep 6 07:59:03  charon  97494   07[IKE] <1> IKE_SA (unnamed)[1] state change: CONNECTING => DESTROYING
Sep 6 07:59:03  charon  97494   07[NET] <2> received packet: from 109.42.113.240[49837] to xxx.xxx.xxx.xxx[500] (650 bytes)
Sep 6 07:59:03  charon  97494   07[ENC] <2> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 6 07:59:03  charon  97494   07[CFG] <2> looking for an IKEv2 config for xxx.xxx.xxx.xxx...109.42.113.240
Sep 6 07:59:03  charon  97494   07[CFG] <2> candidate: xxx.xxx.xxx.xxx...0.0.0.0/0, ::/0, prio 1052
Sep 6 07:59:03  charon  97494   07[CFG] <2> found matching ike config: xxx.xxx.xxx.xxx...0.0.0.0/0, ::/0 with prio 1052
Sep 6 07:59:03  charon  97494   07[IKE] <2> 109.42.113.240 is initiating an IKE_SA
Sep 6 07:59:03  charon  97494   07[IKE] <2> IKE_SA (unnamed)[2] state change: CREATED => CONNECTING
Sep 6 07:59:03  charon  97494   07[CFG] <2> selecting proposal:
Sep 6 07:59:03  charon  97494   07[CFG] <2> proposal matches
Sep 6 07:59:03  charon  97494   07[CFG] <2> received proposals: IKE:AES_CBC_256/AES_CBC_128/HMAC_SHA2_512_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/HMAC_SHA1_96/PRF_HMAC_SHA2_512/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/MODP_2048/MODP_2048_256/ECP_384/ECP_256/MODP_1536, IKE:AES_GCM_16_256/AES_GCM_16_128/PRF_HMAC_SHA2_512/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/PRF_HMAC_SHA1/MODP_2048/MODP_2048_256/ECP_384/ECP_256/MODP_1536
Sep 6 07:59:03  charon  97494   07[CFG] <2> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Sep 6 07:59:03  charon  97494   07[CFG] <2> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Sep 6 07:59:03  charon  97494   07[CFG] <2> received supported signature hash algorithms: sha256 sha384 sha512
Sep 6 07:59:03  charon  97494   07[IKE] <2> remote host is behind NAT
Sep 6 07:59:03  charon  97494   07[CFG] <2> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Sep 6 07:59:03  charon  97494   07[IKE] <2> sending cert request for "CN=CApfSense, C=DE, ST=SH, L=Kiel"
Sep 6 07:59:03  charon  97494   07[ENC] <2> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Sep 6 07:59:03  charon  97494   07[NET] <2> sending packet: from xxx.xxx.xxx.xxx[500] to 109.42.113.240[49837] (489 bytes)
Sep 6 07:59:03  charon  97494   07[NET] <2> received packet: from 109.42.113.240[58932] to xxx.xxx.xxx.xxx[4500] (352 bytes)
Sep 6 07:59:03  charon  97494   07[ENC] <2> parsed IKE_AUTH request 1 [ IDi CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(ADD_6_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Sep 6 07:59:03  charon  97494   07[CFG] <2> looking for peer configs matching xxx.xxx.xxx.xxx[%any]...109.42.113.240[mobile]
Sep 6 07:59:03  charon  97494   07[CFG] <2> candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Sep 6 07:59:03  charon  97494   07[CFG] <con-mobile|2> selected peer config 'con-mobile'
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> initiating EAP_IDENTITY method (id 0x00)
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> processing INTERNAL_IP4_ADDRESS attribute
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> processing INTERNAL_IP4_DNS attribute
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> peer supports MOBIKE
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> got additional MOBIKE peer address: 2a00:20:7001:d583:88d0:45b0:8275:ddf7
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> got additional MOBIKE peer address: 2a00:20:70ce:7c05:b6b3:d5fb:adc5:c902
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> authentication of 'xxx.xxx.xxx.xxx' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> sending end entity cert "CN=pfSense, C=DE, ST=SH, L=Kiel"
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Sep 6 07:59:03  charon  97494   07[NET] <con-mobile|2> sending packet: from xxx.xxx.xxx.xxx[4500] to 109.42.113.240[58932] (1472 bytes)
Sep 6 07:59:03  charon  97494   07[NET] <con-mobile|2> received packet: from 109.42.113.240[58932] to xxx.xxx.xxx.xxx[4500] (80 bytes)
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> generating INFORMATIONAL response 2 [ N(AUTH_FAILED) ]
Sep 6 07:59:03  charon  97494   07[NET] <con-mobile|2> sending packet: from xxx.xxx.xxx.xxx[4500] to 109.42.113.240[58932] (80 bytes)
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> IKE_SA con-mobile[2] state change: CONNECTING => DESTROYING 

The problem seems to be in these lines:

Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> generating INFORMATIONAL response 2 [ N(AUTH_FAILED) ]

What does this mean, and where should I look for a configuration error? Obviously it is an authentication problem. Is something wrong with the certificate? What else could be the cause? (The certificate is of course also installed on my phone.) I also tried connecting with a Windows client, which fails as well.

It looks like the key exchange fails first ("generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]") and then succeeds on the second attempt. Why?

RFC 5996 says: "All errors that occur in an IKE_AUTH exchange, causing the authentication to fail for whatever reason (invalid shared secret, invalid ID, untrusted certificate issuer, revoked or expired certificate, etc.) SHOULD result in an AUTHENTICATION_FAILED notification."

What do ID and shared secret mean?

 [if] => mvneta0.4092
                [descr] => OPT
                [switchif] => switch0.port1
            )

        [opt2] => Array
            (
                [descr] => MANAGEMENT
                [if] => mvneta0.5
                [enable] =>
                [ipaddr] => 10.168.5.1
                [subnet] => 24
                [spoofmac] =>
            )

        [opt3] => Array
            (
                [descr] => IOT
                [if] => mvneta0.10
                [enable] =>
                [ipaddr] => 10.168.10.1
                [subnet] => 24
                [spoofmac] =>
            )

        [opt4] => Array
            (
                [descr] => NAS
                [if] => mvneta0.20
                [enable] =>
                [spoofmac] =>
                [ipaddr] => 10.168.20.1
                [subnet] => 24
            )

        [opt5] => Array
            (
                [descr] => VPN
                [if] => mvneta0.30
                [enable] =>
                [ipaddr] => 10.168.30.1
                [subnet] => 24
                [spoofmac] =>
            )

        [opt6] => Array
            (
                [descr] => GUEST
                [if] => mvneta0.40
                [enable] =>
                [ipaddr] => 172.16.40.1
                [subnet] => 24
                [spoofmac] =>
            )

    )

[staticroutes] =>
[dhcpd] => Array
    (
        [lan] => Array
            (
                [enable] =>
                [range] => Array
                    (
                        [from] => 10.168.1.1
                        [to] => 10.168.1.254
                    )

                [dhcpleaseinlocaltime] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
            )

        [opt2] => Array
            (
                [range] => Array
                    (
                        [from] => 10.168.5.1
                        [to] => 10.168.5.9
                    )

                [enable] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
                [dhcpleaseinlocaltime] =>
                [staticmap] => Array
                    (
                        [0] => Array
                            (
                                [mac] => f0:d5:bf:7d:43:99
                                [cid] =>
                                [ipaddr] => 10.168.5.11
                                [hostname] =>
                                [descr] => Christoph Laptop - WLAN
                                [filename] =>
                                [rootpath] =>
                                [defaultleasetime] =>
                                [maxleasetime] =>
                                [gateway] =>
                                [domain] =>
                                [domainsearchlist] =>
                                [ddnsdomain] =>
                                [ddnsdomainprimary] =>
                                [ddnsdomainkeyname] =>
                                [ddnsdomainkey] =>
                                [tftp] =>
                                [ldap] =>
                            )

                    )

            )

        [opt3] => Array
            (
                [range] => Array
                    (
                        [from] => 10.168.10.11
                        [to] => 10.168.10.99
                    )

                [enable] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
                [dhcpleaseinlocaltime] =>
                [staticmap] => Array
                    (
                        [0] => Array
                            (
                                [mac] => 5c:f3:70:58:ec:c9
                                [cid] =>
                                [ipaddr] => 10.168.10.101
                                [hostname] =>
                                [descr] => Scanner (Brother)
                                [filename] =>
                                [rootpath] =>
                                [defaultleasetime] =>
                                [maxleasetime] =>
                                [gateway] =>
                                [domain] =>
                                [domainsearchlist] =>
                                [ddnsdomain] =>
                                [ddnsdomainprimary] =>
                                [ddnsdomainkeyname] =>
                                [ddnsdomainkey] =>
                                [tftp] =>
                                [ldap] =>
                            )

                    )

            )

        [opt4] => Array
            (
                [range] => Array
                    (
                        [from] => 10.168.20.11
                        [to] => 10.168.20.99
                    )

                [enable] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
                [dhcpleaseinlocaltime] =>
                [staticmap] => Array
                    (
                        [0] => Array
                            (
                                [mac] => 00:11:32:5e:eb:41
                                [cid] =>
                                [ipaddr] => 10.168.20.100
                                [hostname] =>
                                [descr] => NAS
                                [filename] =>
                                [rootpath] =>
                                [defaultleasetime] =>
                                [maxleasetime] =>
                                [gateway] =>
                                [domain] =>
                                [domainsearchlist] =>
                                [ddnsdomain] =>
                                [ddnsdomainprimary] =>
                                [ddnsdomainkeyname] =>
                                [ddnsdomainkey] =>
                                [tftp] =>
                                [ldap] =>
                            )

                    )

            )

        [opt5] => Array
            (
                [range] => Array
                    (
                        [from] => 10.168.30.11
                        [to] => 10.168.30.99
                    )

                [enable] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
                [dhcpleaseinlocaltime] =>
            )

        [opt6] => Array
            (
                [range] => Array
                    (
                        [from] => 172.16.40.11
                        [to] => 172.16.40.99
                    )

                [enable] =>
                [failover_peerip] =>
                [defaultleasetime] =>
                [maxleasetime] =>
                [netmask] =>
                [gateway] =>
                [domain] =>
                [domainsearchlist] =>
                [ddnsdomain] =>
                [ddnsdomainprimary] =>
                [ddnsdomainsecondary] =>
                [ddnsdomainkeyname] =>
                [ddnsdomainkeyalgorithm] => hmac-md5
                [ddnsdomainkey] =>
                [mac_allow] =>
                [mac_deny] =>
                [ddnsclientupdates] => allow
                [tftp] =>
                [ldap] =>
                [nextserver] =>
                [filename] =>
                [filename32] =>
                [filename64] =>
                [rootpath] =>
                [numberoptions] =>
                [dhcpleaseinlocaltime] =>
            )

    )

[dhcpdv6] => Array
    (
        [lan] => Array
            (
                [enable] =>
                [range] => Array
                    (
                        [from] => ::1000
                        [to] => ::2000
                    )

                [ramode] => assist
                [rapriority] => medium
            )

    )

[snmpd] => Array
    (
        [syslocation] =>
        [syscontact] =>
        [rocommunity] => public
    )

[diag] => Array
    (
        [ipv6nat] => Array
            (
                [ipaddr] =>
            )

    )

[syslog] => Array
    (
        [filterdescriptions] => 1
    )

[nat] => Array
    (
        [outbound] => Array
            (
                [mode] => automatic
            )

    )

[filter] => Array
    (
        [rule] => Array
            (
                [0] => Array
                    (
                        [type] => pass
                        [ipprotocol] => inet
                        [descr] => Default allow LAN to any rule
                        [interface] => lan
                        [tracker] => 0100000101
                        [source] => Array
                            (
                                [network] => lan
                            )

                        [destination] => Array
                            (
                                [any] =>
                            )

                    )

                [1] => Array
                    (
                        [type] => pass
                        [ipprotocol] => inet6
                        [descr] => Default allow LAN IPv6 to any rule
                        [interface] => lan
                        [tracker] => 0100000102
                        [source] => Array
                            (
                                [network] => lan
                            )

                        [destination] => Array
                            (
                                [any] =>
                            )

                    )

                [2] => Array
                    (
                        [id] =>
                        [tracker] => 1630477503
                        [type] => pass
                        [interface] => enc0
                        [ipprotocol] => inet
                        [tag] =>
                        [tagged] =>
                        [max] =>
                        [max-src-nodes] =>
                        [max-src-conn] =>
                        [max-src-states] =>
                        [statetimeout] =>
                        [statetype] => keep state
                        [os] =>
                        [source] => Array
                            (
                                [any] =>
                            )

                        [destination] => Array
                            (
                                [any] =>
                            )

                        [descr] =>
                        [updated] => Array
                            (
                                [time] => 1630477503
                                [username] => admin@10.168.5.11 (Local Database)
                            )

                        [created] => Array
                            (
                                [time] => 1630477503
                                [username] => admin@10.168.5.11 (Local Database)
                            )

                    )

                [3] => Array
                    (
                        [id] =>
                        [tracker] => 1612988883
                        [type] => pass
                        [interface] => opt2
                        [ipprotocol] => inet
                        [tag] =>
                        [tagged] =>
                        [max] =>
                        [max-src-nodes] =>
                        [max-src-conn] =>
                        [max-src-states] =>
                        [statetimeout] =>
                        [statetype] => keep state
                        [os] =>
                        [source] => Array
                            (
                                [any] =>
                            )

                        [destination] => Array
                            (
                                [any] =>
                            )

                        [descr] => Allow all to all
                        [updated] => Array
                            (
                                [time] => 1612988883
                                [username] => admin@192.168.1.106 (Local Database)
                            )

                        [created] => Array
                            (
                                [time] => 1612988883
                                [username] => admin@192.168.1.106 (Local Database)
                            )

                    )

                [4] => Array
                    (
                        [id] =>
                        [tracker] => 1613586931
                        [type] => pass
                        [interface] => opt3
                        [ipprotocol] => inet
                        [tag] =>
                        [tagged] =>
                        [max] =>
                        [max-src-nodes] =>
                        [max-src-conn] =>
                        [max-src-states] =>
                        [statetimeout] =>
                        [statetype] => keep state
                        [os] =>
                        [source] => Array
                            (
                                [address] => 10.168.10.101
                            )

                        [destination] => Array
                            (
                                [network] => opt4
                            )

                        [descr] => Allow scanner to NAS
                        [updated] => Array
                            (
                                [time] => 1613586931
                                [username] => admin@10.168.5.4 (Local Database)
                            )

                        [created] => Array
                            (
                                [time] => 1613586931
                                [username] => admin@10.168.5.4 (Local Database)
                            )

                    )
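The posted log already shows which side rejected whom, and the script below (an added example, not code from the original post, pfSense or strongSwan) walks a charon log and states it mechanically. Two facts carry the diagnosis. First, IKE_SA <1> ends in N(INVAL_KE) because the client's first KE payload used MODP_2048_256 while pfSense is configured for MODP_2048 only; the responder answers INVALID_KE_PAYLOAD naming the group it wants and the client restarts IKE_SA_INIT as SA <2> with that group, which is the normal IKEv2 group renegotiation of RFC 7296 section 1.2 and not a failure. Second, in SA <2> pfSense signs its own AUTH payload, sends its end-entity certificate with the EAP identity request, and the very next packet from the client is INFORMATIONAL [N(AUTH_FAILED)]; pfSense never reached the point of verifying the client, so the rejection was made by the client against the server's certificate or identity (had pfSense rejected the client, it would itself have generated an IKE_AUTH response carrying N(AUTH_FAILED)). The sample lines are the decisive lines copied from the post; the verdict names and the HINTS text are this example's own.

```python
# Added example: classify a strongSwan (charon) log by IKE_SA and say which side
# gave up. Not code from the post, pfSense or strongSwan; verdict names and HINTS
# are this example's own wording.
import re
from collections import OrderedDict

# Constructed sample: the decisive lines of the posted log for SA <1> and SA <2>,
# with the responder's public address masked exactly as in the post.
SAMPLE_LOG = """\
Sep 6 07:59:03  charon  97494   07[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 6 07:59:03  charon  97494   07[IKE] <1> DH group MODP_2048_256 unacceptable, requesting MODP_2048
Sep 6 07:59:03  charon  97494   07[ENC] <1> generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]
Sep 6 07:59:03  charon  97494   07[IKE] <1> IKE_SA (unnamed)[1] state change: CONNECTING => DESTROYING
Sep 6 07:59:03  charon  97494   07[ENC] <2> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 6 07:59:03  charon  97494   07[ENC] <2> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Sep 6 07:59:03  charon  97494   07[ENC] <2> parsed IKE_AUTH request 1 [ IDi CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(ADD_6_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> initiating EAP_IDENTITY method (id 0x00)
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> authentication of 'xxx.xxx.xxx.xxx' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> sending end entity cert "CN=pfSense, C=DE, ST=SH, L=Kiel"
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Sep 6 07:59:03  charon  97494   07[ENC] <con-mobile|2> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Sep 6 07:59:03  charon  97494   07[IKE] <con-mobile|2> IKE_SA con-mobile[2] state change: CONNECTING => DESTROYING
"""

# "07[ENC] <con-mobile|2> parsed ..." -> subsystem, optional connection name, SA number, message
LINE_RE = re.compile(r"\d{2}\[(?P<sub>[A-Z]+)\] <(?:(?P<conn>[^|>]+)\|)?(?P<sa>\d+)> (?P<msg>.*)$")
DH_RE = re.compile(r"DH group (?P<got>\S+) unacceptable, requesting (?P<want>\S+)")


def parse(log_text):
    """Group charon messages by IKE_SA number, preserving log order."""
    sas = OrderedDict()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            sas.setdefault(m.group("sa"), []).append((m.group("sub"), m.group("msg")))
    return sas


def classify_sa(msgs):
    """Return (verdict, evidence) for one IKE_SA: who rejected whom, and why."""
    own_auth_done = False    # we (responder) signed our AUTH payload
    peer_auth_done = False   # the initiator's authentication completed
    dh = None
    for _sub, msg in msgs:
        m = DH_RE.search(msg)
        if m:
            dh = f"{m.group('got')}->{m.group('want')}"
        if "generating IKE_SA_INIT response" in msg and "N(INVAL_KE)" in msg:
            # RFC 7296 section 1.2: wrong DH group guess, initiator restarts with a new SA.
            return "dh_group_renegotiated", dh or msg
        if "(myself)" in msg and "successful" in msg:
            own_auth_done = True
        if ("EAP method" in msg and "succeeded" in msg) or (
                "authentication of" in msg and "(myself)" not in msg and "successful" in msg):
            peer_auth_done = True
        if "generating IKE_AUTH response" in msg and "N(AUTH_FAILED)" in msg:
            return "we_rejected_peer_auth", msg   # bad EAP credentials, client cert or ID
        if "parsed INFORMATIONAL request" in msg and "N(AUTH_FAILED)" in msg:
            if own_auth_done and not peer_auth_done:
                # Peer quit right after seeing our AUTH + CERT: it did not accept OUR identity.
                return "peer_rejected_our_auth", msg
            return "peer_reported_auth_failure", msg
    return "no_verdict", None


HINTS = {
    "dh_group_renegotiated": "harmless; the retry SA carries the real outcome",
    "peer_rejected_our_auth": "server certificate rejected by the client: its SAN must contain "
                              "the hostname/IP the client dials, the issuing CA must be installed "
                              "and trusted on the client, and it needs a server-authentication EKU",
    "we_rejected_peer_auth": "check the client's credentials/ID against the pfSense mobile-client "
                             "settings (EAP user, pre-shared key or client certificate)",
    "peer_reported_auth_failure": "inspect the client-side log; the cause is not visible here",
    "no_verdict": "no AUTH_FAILED or INVAL_KE in this SA",
}


def triage(log_text):
    """Map each IKE_SA number to its verdict, the evidence line and the next check."""
    report = OrderedDict()
    for sa, msgs in parse(log_text).items():
        verdict, evidence = classify_sa(msgs)
        report[sa] = {"verdict": verdict, "evidence": evidence, "hint": HINTS[verdict]}
    return report


if __name__ == "__main__":
    for sa, r in triage(SAMPLE_LOG).items():
        print(f"IKE_SA <{sa}>: {r['verdict']}\n  evidence: {r['evidence']}\n  next: {r['hint']}")
```

Run it as-is to see SA <1> reported as a harmless group renegotiation and SA <2> as the client rejecting the server's authentication; to triage your own attempt, paste the charon lines from Status > System Logs > IPsec into SAMPLE_LOG or pass them to triage(). The heuristics only look at who generated the AUTH_FAILED notification and at what the responder had already done, which is all the responder-side log can tell you; the client's own log says why it distrusted the certificate.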
1 Answer

What do ID and shared secret mean?

The ID is whatever a peer uses to identify itself. It can be a hostname, an address or a certificate.

A shared secret is essentially a password: a secret that only the peers know and that can be used to verify identity or encrypt data.