[Linux] Ubuntu 22.04 ufw 방화벽 설정 후 ssh port 22: Operation timed out 해결

문제 상황)

환경 : Mac M1 VMware Fusion Player에서 Ubuntu 22.04 OS인 VM

 

sudo ufw disable 명령어 입력 후 재시작 후 ssh 접속 불가와, ip가 사라지는 현상 발생

kubernetes clustering 구성을 위해 방화벽 비활성화 시도함

root@master:~# sudo ufw disable
Firewall stopped and disabled on system startup

root@master:~# sudo ufw status
Status: inactive

 

재시작 후 ssh 접속 불가

ssh root@172.16.133.4
ssh: connect to host 172.16.133.4 port 22: Operation timed out

---

시도했던 방법 & 해결 과정)

ifconfig 명령어, ip add 명령어로 ip 확인하기

net-tools 미설치 시, ip add 명령어를 통해 ip를 확인할 수 있음 → ens 160에 ip가 있었는 데, 없어짐 

 

기존에 고정 IP 받아오는 설정을 했었지만, ip를 못 받아오는 문제로 인해  ssh 접근도 안됨

vi /etc/netplan/00-installer-config.yaml

 

다시 한번 고정 IP 설정을 하기 위해 sudo netplan apply 명령어를 시도했지만, command가 없다고 뜸

 

 

sudo ifconfig ens160 up 명령어를 통해 수동으로 네트워크 인터페이스를  활성화하여, 다시 IP를 할당받을 수 있도록 함

여기서 ens160은 사용자의 네트워크 인터페이스 이름임, ip add 명령어를 통해 확인 가능함

 

sudo dhclient -v 명령어를 통해 dhcp 클라이언트를 다시 시작하여 ip 주소를 재할당 받음

ifconfig 명령어로 ip 조회해 보니 172.16.133.133으로 dhcp로 동적 IP를 받아와 짐을 알 수 있음

 

dhcp로 받아온 동적 IP로 ssh로 접속 성공

ssh root@172.16.133.133

root@172.16.133.133's password:
Last login: Tue Feb 27 05:30:52 2024

root@master:~#

 

root@master:~# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.133.133  netmask 255.255.255.0  broadcast 172.16.133.255
        inet6 fe80::20c:29ff:fe6c:42ff  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:6c:42:ff  txqueuelen 1000  (Ethernet)
        RX packets 174  bytes 20077 (20.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 163  bytes 18139 (18.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 46  memory 0x3fe00000-3fe20000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 864  bytes 66890 (66.8 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 864  bytes 66890 (66.8 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

고정 IP 설정하기 

netplan 패키지 설치 오류 

root@master:~# netplan
-bash: netplan: command not found


root@master:~# apt install netplan
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package netplan is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'netplan' has no installation candidate

 

패키지 목록 최신 상태로 업데이트 후 해결

root@master:~# apt-get update
root@master:~# apt-get upgrade

root@master:~# apt-get install netplan.io

root@master:~# netplan
You need to specify a command
usage: /usr/sbin/netplan  [-h] [--debug]  ...

Network configuration in YAML

options:
  -h, --help  show this help message and exit
  --debug     Enable debug messages

Available commands:

    help      Show this help message
    apply     Apply current netplan config to running system
    generate  Generate backend specific configuration files from /etc/netplan/*.yaml
    get       Get a setting by specifying a nested key like "ethernets.eth0.addresses", or "all"
    info      Show available features
    ip        Retrieve IP information from the system
    set       Add new setting by specifying a dotted key=value pair like ethernets.eth0.dhcp4=true
    rebind    Rebind SR-IOV virtual functions of given physical functions to their driver
    status    Query networking state of the running system
    try       Try to apply a new netplan config to running system, with automatic rollback

 

netplan config 파일 고정 IP 받아오도록 수정 후 netplan apply로 적용

root@master:~# vi /etc/netplan/00-installer-config.yaml

# This is the network config written by 'subiquity'
network:
  version: 2
  ethernets:
    ens160:
      addresses:
      - 172.16.133.4/24
      routes:
      - to: default
        via: 172.16.133.2
      nameservers:
        addresses: [8.8.8.8]

root@master:~# sudo netplan apply

 

다시 고정 IP 받아와 짐을 확인함

결론 ufw disable은 신중히 하기!!!

root@master:~# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.133.4  netmask 255.255.255.0  broadcast 172.16.133.255
        inet6 fe80::20c:29ff:fe6c:42ff  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:6c:42:ff  txqueuelen 1000  (Ethernet)
        RX packets 6323  bytes 4289553 (4.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3689  bytes 453266 (453.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 46  memory 0x3fe00000-3fe20000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 972  bytes 76239 (76.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 972  bytes 76239 (76.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0