AlexGlebe's questions

试图随机添加规则

firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -s 192.168.0.0/16 -d 52.0.0.0/8 -p udp -m udp --dport 3478 -j DROP
firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -s 192.168.0.0/16 -d 52.0.0.0/8 --dport 3478 -j DROP

firewall-cmd 已发出success，进一步的操作会出错。

如何删除防火墙中的错误和错误的规则？

# firewall-cmd --reload
Error: COMMAND_FAILED: Direct: '/usr/sbin/iptables-restore -w -n'  
failed: iptables-restore v1.8.7 (legacy): unknown option "--dport"  
Error occurred at line: 5  
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

禁用FirewallD，因为当您尝试启用它时，SSH访问被禁用。有必要以某种方式更可靠地纠正这种情况，而无需亲自出现在服务器上。

在 Ubuntu 18.04 服务器上，该站点在 ipv6 地址处不可见。

https://ipv4.sklad.rus/index.php- 作品

https://ipv6.sklad.rus/index.php- 不

找了半天原因，没找到。仅适用于虚拟 Windows。原因可能在任何地方，请询问更多信息。

歌剧

无法访问此站点

https://ipv6.sklad.rus/index.php上的网页可能暂时关闭，或者它可能已永久移动到新网址。

ERR_INVALID_ARGUMENT

火狐

黑屏

$ nslookup ipv6.sklad.rus
Server:         192.168.0.72
Address:        192.168.0.72#53

Name:   ipv6.sklad.rus
Address: fe80::5 (сетевая сервера II)
Name:   ipv6.sklad.rus
Address: fe80::9 (сетевая сервера I)

虚拟 Windows 火狐：

工作正常

> nslookup ipv6.sklad.rus

?? : unknown
address : 192.168.0.72 (сервер)

?? : ipv6.sklad.rus
addresses : fe80::9 (сетевая сервера I)
            fe80::5 (сетевая сервера II)

/etc/apache2/sites-available/sklad.rus.conf

<IfModule mod_ssl.c>
    NameVirtualHost *:443
    <VirtualHost *:443>
            ServerAdmin admin@sklad.rus
            ServerName sklad.rus
            ServerAlias ipv4.sklad.rus ipv6.sklad.rus
            DocumentRoot /var/www/sklad.rus/public_html

            <Directory />
                    Options FollowSymLinks
                    AllowOverride None
            </Directory>
            <Directory  /var/www/sklad.rus/public_html>
                    Options Indexes FollowSymLinks MultiViews
                    AllowOverride All
                    Order allow,deny
                    allow from xxxx:xxxx:xxxx:xxxx::/64
                    allow from 192.168.0
                    allow from 192.168.1
                    allow from xxx.xxx
                    allow from xxx.xxx.xxx.xxx
                    allow from 127.0.0.1
                    allow from xxxx:xxxx:xxxx:xxxx::5
                    allow from fe80::/16
                    Require local
                    Require ip xxxx:xxxx:xxxx:xxxx::/64
                    Require ip 192.168.0
                    Require ip 192.168.1
                    Require ip xxx.xxx
                    Require ip xxx.xxx.xxx.xxx
                    Require ip 127.0.0.1
                    Require ip xxxx:xxxx:xxxx:xxxx::5
                    Require ip fe80::/16
           </Directory>
           ...

平

$ ping -I eth0 ipv6.sklad.rus
PING ipv6.sklad.rus(fe80::9 (fe80::9)) from fe80::948b:8c30:898f:e014%eth0 eth0: 56 data bytes
64 bytes from fe80::9%eth0 (fe80::9%eth0): icmp_seq=1 ttl=64 time=0.439 ms
64 bytes from fe80::9%eth0 (fe80::9%eth0): icmp_seq=2 ttl=64 time=0.211 ms
...

痕迹

$ sudo traceroute -i eth0 ipv6.sklad.rus
traceroute to ipv6.sklad.rus (fe80::9), 30 hops max, 80 byte packets
 1  fe80::9%eth0 (fe80::9%eth0)  0.233 ms  0.141 ms  0.097 ms

服务器上route说：

$ route -6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
localhost6.localdomain6/128    [::]                       U    256 1     0 lo
xxxx:xxxx:xxxx:xxxx::/64        [::]                       U    256 1     0 enp3s0
xxxx:xxxx:xxxx:xxxx::/64        [::]                       U    1024 1     0 enp2s0
xxxx:xxxx:xxxx:xxxx::/64        [::]                       U    1024 1     0 enp3s0
fe80::/64                      [::]                       U    256 2     1 enp3s0
fe80::/64                      [::]                       U    256 4   219 enp2s0
[::]/0                         fe80::6e3b:6bff:fedb:5ada  UG   1024 4  2434 enp2s0
[::]/0                         fe80::6e3b:6bff:fedb:5adc  UG   1024 4  2661 enp3s0
localhost6.localdomain6/128    [::]                       Un   0   5 21635 lo
xxxx:xxxx:xxxx:xxxx::/128       [::]                       Un   0   2     0 enp2s0
xxxx:xxxx:xxxx:xxxx::/128       [::]                       Un   0   2     0 enp3s0
xxxx:xxxx:xxxx:xxxx::5/128      [::]                       Un   0   2     0 enp3s0
xxxx:xxxx:xxxx:xxxx:523e:aaff:fe16:8646/128 [::]                       Un   0   2     0 enp3s0
xxxx:xxxx:xxxx:xxxx:ca60:ff:fe61:62c3/128 [::]                       Un   0   3  1176 enp2s0
fe80::/128                     [::]                       Un   0   2     0 enp3s0
fe80::/128                     [::]                       Un   0   2     0 enp2s0
sklad.rus/128                  [::]                       Un   0   3     1 enp3s0
sklad.rus/128                  [::]                       Un   0   5   268 enp2s0
fe80::523e:aaff:fe16:8646/128  [::]                       Un   0   4  7098 enp3s0
fe80::ca60:ff:fe61:62c3/128    [::]                       Un   0   3  4981 enp2s0
ff00::/8                       [::]                       U    256 4  6317 enp3s0
ff00::/8                       [::]                       U    256 4 54257 enp2s0
[::]/0                         [::]                       !n   -1  1     5 lo

Nastasia想问：https ://ru.stackoverflow.com/questions/1280905/Checking-for-out-of-int/1280957#1280957

我正在通过std::atoi()将string转换为int，但是string可以超出int值的范围（内部string可以大于2 147 483 647）

我想通过字符数来检查，如果超过 7 个，以便给出错误，然后逐个字符地检查字符串的最大数量。如果我执行算术运算，就会出现问题，出现越界。如何正确检查数字是否超出其值范围？

我试着这样回答：

有两因素身份验证之类的东西。在我们的例子中，从字符串中读取数字，转换为新字符串，然后进行比较。

# include <string>
# include <sstream>
# include <iostream>
bool isBADstrtoint(std::string const & st,int & in) {
    int i = std::atoi(st.c_str());
    std::stringstream ss;
    ss << i;
std:: cout<<"ss.str = '"<<ss.str()<<"'"<<std::endl;
    if (st == ss.str()) {
        in = i ;
        return false ; }
    return true ; }

int main(){
    int i;
    std::string st = "12345678901";
    if( isBADstrtoint(st,i))
      std::cout<<"st = '"<<st <<"' is bad"<<std::endl;  
    else
      std::cout<<"i = "<<i <<std::endl;
}

仅适用于整数，不接受指数。

ss.str = '-539222987'
st = '12345678901' is bad

使用算术运算时，您应该已经立即自己检查溢出。

int x, y , s ;
s = x + y ;
if ( y > 0 )
  if ( s > x )
    Ok
  else 
    Bad
else
  if ( y < 0 )
    if ( s < x )
      Ok
    else
      Bad

但我的回答被否决了。他们说，对于不能表示这种类型数字的字符串，编译器可以返回任何数字，进一步执行并不能保证使用这个返回值的程序代码的进度。

加数也是一样。如果发生溢出，编译器在比较相等==或<.

这是一个真实的例子，当 UB 发生时，int 类型的行为就好像它可以表示的值的范围比它实际的范围要大。–沃洛洛

#include <iostream>
#include <limits>
#include <type_traits>
using std::cout;
using std::endl;

int main()
{
  volatile int tmp = std::numeric_limits<int>::max();
  
  int a = tmp;
  
  cout << "a+1 > a: " << ( int(a+1) > a ) << endl;
  
  cout << "a+1:     " << int(a+1)      << endl;
  cout << "a:       " << a             << endl;
}

g++ -std=c++2a -O3 -Wall -pedantic -pthread main.cpp && ./a.out
a+1 > a: 1
a+1:     -2147483648
a:       2147483647

如何检查字符串中的数字是否可以通过int类型正确提供？

有一个类具有恒定的秘密字段。这个秘密是由远程功能设置的。以后如何设置这个常数值？或者也许有某种方法可以稍后调用构造函数？

class C {
public :
  C(std::string const & );
  ~C(void);
private :
  std::string const pass ;
} ;

void SetPassword(C&);

int main(){

  C c;
  // error: no matching function for call to ‘C::C()’

  SetPassword(c);
}

这个问题是由于杀死了我的回答而引起的

https://ru.stackoverflow.com/questions/1267199/What-is-used-and-looks-in-code-of-C-link-to-pointer/1267218

问题 ：

阅读 C++ 中的引用和指针 引用、指针引用是什么样的，它们在 C 中是如何使用的？

回答 ：

// обычная переменная
int i = 1 ;

// указатель
int * const p = & i ;

// ссылка
* p ;

// по ссылке присвоить значение
* p = 2 ;

我们用 来检查变量的类型，并用 来typeid创建相同类型的新变量decltype。

# include <utility>
# include <iostream>
# include <typeinfo>
int main ( ) {
    int i = 0 ;
    int * p = & i ;
    int & s = i ;
    std::cout<<"typeid(i).name()=="<<typeid(i).name()<<std::endl;
    std::cout<<"typeid(p).name()=="<<typeid(p).name()<<std::endl;
    std::cout<<"typeid(s).name()=="<<typeid(s).name()<<std::endl;
    std::cout<<"typeid(*p).name()=="<<typeid(*p).name()<<std::endl;
    // decltype(s) s2 ; // error: 's2' declared as reference but not initialized
    // decltype(*p) pp2 ; // error: 'pp2' declared as reference but not initialized
}

印刷 ：

typeid(i).name()==i
typeid(p).name()==Pi
typeid(s).name()==i
typeid(*p).name()==i

为什么编译器说*p这是一个链接，但是这个网站的所有大师都说不是。

我读了英文问题：https ://stackoverflow.com/questions/48388510/generally-is-dereference-pointer-expression-results-a-reference-type/48388647#48388647 ，什么都不懂（后来出现了）。

取消引用指针会产生一个指向类型的左值表达式，该类型指定指向的对象或函数。它不产生参考。*pi是类型的左值int。

在编写程序的过程中，添加了头文件，如果头文件发生了变化，有时会忘记添加文件重新编译的跟踪。我写了一个双重健忘控制：

header1.h：

# ifndef CONTROLheader1h
# error not CONTROLheader1h
# endif
...

header2.h：

# ifndef CONTROLheader2h
# error not CONTROLheader2h
# endif
...

来源.c：

# define CONTROLheader1h
# define CONTROLheader2h
...
# include <header1.h>
# include <header2.h>

然后我手动跟踪Makefile忘了是否添加依赖：

生成文件：

source.o : source.c header1.h header2.h
...

问题：什么是方便的拼写选项Makefile，以免忘记依赖关系。

有时接触不良会导致一个磁盘与 raid5 阵列断开连接。现在我拿不回光盘了。错误弹出。什么是无效论点？

# mdadm /dev/md/2 --add /dev/sda5 
mdadm: add new device failed for /dev/sda5 as 3: Invalid argument

# mdadm --brief /dev/md2                     
/dev/md2: 857.19GiB raid5 3 devices, 0 spares. Use mdadm --detail for more detail.

# cat /proc/mdstat                  
Personalities : [raid6] [raid5] [raid4] 
md2 : active raid5 sdb5[4] sdc2[2]
      898834048 blocks super 1.0 level 5, 64k chunk, algorithm 2 [3/2] [_UU]
      
md0 : active raid5 sdb3[1] sda6[4] sdc1[3]
      976768512 blocks super 1.0 level 5, 128k chunk, algorithm 2 [3/3] [UUU]
      bitmap: 2/4 pages [8KB], 65536KB chunk

unused devices: <none>

# mdadm --detail /dev/md2       
/dev/md2:
           Version : 1.0
     Creation Time : Tue May 31 14:33:33 2016
        Raid Level : raid5
        Array Size : 898834048 (857.19 GiB 920.41 GB)
     Used Dev Size : 449417024 (428.60 GiB 460.20 GB)
      Raid Devices : 3
     Total Devices : 2
       Persistence : Superblock is persistent

       Update Time : Sat Oct 31 17:50:30 2020
             State : clean, degraded 
    Active Devices : 2
   Working Devices : 2
    Failed Devices : 0
     Spare Devices : 0

            Layout : left-symmetric
        Chunk Size : 64K

Consistency Policy : resync

              Name : any:2
              UUID : c4c80dbb:9b5cd068:fe33283e:63397104
            Events : 2813

    Number   Major   Minor   RaidDevice State
       -       0        0        0      removed
       4       8       21        1      active sync   /dev/sdb5
       2       8       34        2      active sync   /dev/sdc2

第二次尝试：

# dd if=/dev/zero of=/dev/sda5 bs=1M count=200
200+0 records in
200+0 records out
209715200 bytes (210 MB, 200 MiB) copied, 2.12945 s, 98.5 MB/s

# mdadm /dev/md2 --add /dev/sda5 
mdadm: add new device failed for /dev/sda5 as 3: Invalid argument

# dmesg
[ 8463.999268] md: sda5 does not have a valid v1.0 superblock, not importing!
[ 8463.999274] md: md_import_device returned -22

在网络内部，我连接到路由器，一切正常。

user@himik:~$ ssh -p 12345 -i ~/.ssh/id_rsa_mikro abcdef@192.168.0.1
[abcdef@MikroG] > 

屋子里一片寂静：

alex@linux-5y4f:~> ssh -p 12345 -i ~/.ssh/id_rsa_mikro abcdef@195.18.18.18

路由器挂在专用地址上，ssh 连接到网络内的服务器，但不是路由器本身。有些事情需要解决。不知该如何。

/ip 防火墙 nat

add action=src-nat chain=srcnat comment=Internet out-interface=bridge1WAN \
 to-addresses=195.18.18.18
add action=dst-nat chain=dstnat comment=\
 "80=HTML,443=HTMLS,58259=SSH trans to 1.2" dst-port=80,443,58259 \
 in-interface=bridge1WAN protocol=tcp to-addresses=192.168.1.2
add action=src-nat chain=srcnat comment="HTMLS Server answer to 1.1" \
 dst-address=192.168.1.2 dst-port=80,443,58259 protocol=tcp src-address=\
 !192.168.0.0/16 to-addresses=192.168.1.1
add action=dst-nat chain=dstnat comment="MySql to server second net" \
 dst-port=23801 in-interface=bridge1WAN protocol=tcp to-addresses=\
 192.168.1.2 to-ports=3306
add action=src-nat chain=srcnat dst-address=192.168.1.2 dst-port=3306 \
 protocol=tcp to-addresses=192.168.1.1
add action=dst-nat chain=dstnat comment=\
 "HTTPS From Local Net to Public IP -> masque to 1.2" dst-address=\
 195.18.18.18 dst-port=80,443 protocol=tcp src-address=192.168.0.0/16 \
 to-addresses=192.168.1.2
add action=src-nat chain=srcnat dst-address=192.168.1.2 dst-port=80,443 \
 protocol=tcp src-address=192.168.0.0/16 to-addresses=192.168.1.1
add action=dst-nat chain=dstnat comment="alex ssh" dst-port=14396 \
 in-interface=bridge1WAN protocol=tcp to-addresses=192.168.0.10
add action=masquerade chain=srcnat dst-address=192.168.1.0/24 src-address=\
 192.168.0.0/24
add action=masquerade chain=srcnat dst-address=192.168.0.0/24 src-address=\
 192.168.1.0/24
add action=dst-nat chain=dstnat comment="silent wifi ssh" dst-port=51491 \
 in-interface=bridge1WAN protocol=tcp to-addresses=192.168.0.8
add action=dst-nat chain=dstnat comment="tan wifi ssh" dst-port=11357 \
 in-interface=bridge1WAN protocol=tcp to-addresses=192.168.0.9
add action=dst-nat chain=dstnat comment="Mikrotik from internet outside" \
 dst-port=12345 in-interface=bridge1WAN protocol=tcp to-addresses=192.168.1.1

/ip 防火墙过​​滤器

add action=accept chain=input comment="Good connections" connection-state=established,related
add action=drop chain=input comment="Kill bad" connection-state=invalid
add action=accept chain=input comment="Ping me" protocol=icmp
add action=drop chain=input comment="Kill all inputs" in-interface-list=!LAN log=yes
add action=accept chain=forward comment="Good transit" \
  connection-state=established,related,untracked
add action=drop chain=forward comment="Bad transit" connection-state=invalid
add action=drop chain=forward comment="drop all from WAN to LAN" \
  connection-nat-state=!dstnat connection-state=new in-interface=bridge1WAN
add action=accept chain=forward comment="to MySQL pass from WAN" \
  dst-port=3306 in-interface=bridge1WAN protocol=tcp
add action=accept chain=forward ipsec-policy=in,ipsec
add action=accept chain=forward ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward connection-state=established,related

/ip 服务

set www address=192.168.0.0/16,fe80::/64 port=18671
set ssh port=12345
set www-ssl address=192.168.0.0/16,fe80::/64 certificate=Webfig 
disabled=no port=16190

我正常敲第一张牌：

$ ping -I enp2s0 192.168.0.160
PING 192.168.0.160 (192.168.0.160) from 192.168.0.72 enp2s0: 56(84) bytes of data.
64 bytes from 192.168.0.160: icmp_seq=1 ttl=64 time=0.338 ms

我敲了第二声沉默：

$ ping -I enp3s0 192.168.0.160
PING 192.168.0.160 (192.168.0.160) from 192.168.0.65 enp3s0: 56(84) bytes of data.
^C
--- 192.168.0.160 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4097ms

IPv6通过：

$ ping -I enp3s0 fe80::94a1:4767:1eb0:555d
PING fe80::94a1:4767:1eb0:555d(fe80::94a1:4767:1eb0:555d) from fe80::523e:aaff:fe16:8646%enp3s0 enp3s0: 56 data bytes
64 bytes from fe80::94a1:4767:1eb0:555d%enp3s0: icmp_seq=1 ttl=64 time=0.331 ms

传入的 ipv4 敲门有时会通过，有时不会：

$ ping -I eth1 192.168.0.65              
PING 192.168.0.65 (192.168.0.65) from 192.168.0.160 eth1: 56(84) bytes of data.
^C
--- 192.168.0.65 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6137ms

或者

$ ping -I eth1 192.168.0.65
PING 192.168.0.65 (192.168.0.65) from 192.168.0.160 eth1: 56(84) bytes of data.
64 bytes from 192.168.0.65: icmp_seq=1 ttl=64 time=0.180 ms

传入 ipv6 正常：

$ ping6 -I eth1 fe80::523e:aaff:fe16:8646
PING fe80::523e:aaff:fe16:8646(fe80::523e:aaff:fe16:8646) from fe80::94a1:4767:1eb0:555d%eth1 eth1: 56 data bytes
64 bytes from fe80::523e:aaff:fe16:8646%eth1: icmp_seq=1 ttl=64 time=0.312 ms

我错误地配置了一些东西。请说明原因。以及如何解决它。

$ ip地址

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether c8:60:00:61:62:c3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.72/24 brd 192.168.0.255 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 2a03:e2c0:bde:5555:ca60:ff:fe61:62c3/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 2591906sec preferred_lft 604706sec
    inet6 2a03:e2c0:bde:5555::5/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::ca60:ff:fe61:62c3/64 scope link 
       valid_lft forever preferred_lft forever
3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 50:3e:aa:16:86:46 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.65/24 brd 192.168.0.255 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 2a03:e2c0:bde:5555:523e:aaff:fe16:8646/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 2591906sec preferred_lft 604706sec
    inet6 fe80::523e:aaff:fe16:8646/64 scope link 
       valid_lft forever preferred_lft forever
    inet6 fe80::230:4fff:fe40:709/64 scope link 
       valid_lft forever preferred_lft forever
4: wlp4s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 6c:6a:77:30:9d:5a brd ff:ff:ff:ff:ff:ff

$ ip路由

default via 192.168.0.1 dev enp2s0 proto static 
default via 192.168.0.1 dev enp3s0 proto static 
default via 192.168.0.1 dev enp3s0 proto static metric 100 
192.168.0.0/24 dev enp2s0 proto kernel scope link src 192.168.0.72 
192.168.0.0/24 dev enp3s0 proto kernel scope link src 192.168.0.65 
192.168.0.0/24 via 192.168.0.1 dev enp2s0 proto static metric 50 

$ ipl

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether c8:60:00:61:62:c3 brd ff:ff:ff:ff:ff:ff
3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 50:3e:aa:16:86:46 brd ff:ff:ff:ff:ff:ff
4: wlp4s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 6c:6a:77:30:9d:5a brd ff:ff:ff:ff:ff:ff

$ cat /etc/netplan/50-cloud-init.yaml

    ethernets:
        enp2s0:
            addresses: [192.168.0.72/24,"2a03:e2c0:bde:5555::5/64"]
            gateway4: 192.168.0.1
            nameservers:
              addresses: [8.8.8.8,8.8.4.4,"2001:4860:4860::8888","2001:4860:4860::8844"]
            dhcp4: no
            routes:
              - to: 192.168.0.0/24
                via: 192.168.0.1
                metric: 50
        enp3s0:
            addresses: [192.168.0.65/24, "fe80::523e:aaff:fe16:8646/64", "2a03:e2c0:bde:5555:523e:aaff:fe16:8646/64"]
            gateway6: "2a03:e2c0:bde::1"
            dhcp4: no
            gateway4: 192.168.0.1
            nameservers:
              addresses: [8.8.8.8,8.8.4.4,"2001:4860:4860::8888","2001:4860:4860::8844"]
            dhcp6: no
            routes:
              - to: 0.0.0.0/0
                via: 192.168.0.1
                metric: 100
  version: 2

在gbg的回答之后，临时解决方案是：

# оставил только ipv6
        enp3s0:
            addresses: [ "fe80::523e:aaff:fe16:8646/64", "2a03:e2c0:bde:5555:523e:aaff:fe16:8646/64"]
            gateway6: "2a03:e2c0:bde::1"
            nameservers:
              addresses: ["2001:4860:4860::8888","2001:4860:4860::8844"]
            dhcp6: no