AWS: What does 0.0.0.0/0 and ::/0 mean?
In the security group, for every inbound port I added, two rules were added: one for 0.0.0.0/0 and one for ::/0. What does each of them mean?
The default route in Internet Protocol Version 4 (IPv4) is designated
as the zero-address 0.0.0.0/0 in CIDR notation, often called the
quad-zero route. The subnet mask is given as /0, which effectively
specifies all networks, and is the shortest match possible.
The other one is for IPv6.
AWS documentation:
A security group acts as a virtual firewall for your instance to
control inbound and outbound traffic. When you launch an instance in a
VPC, you can assign the instance to up to five security groups.
Security groups act at the instance level, not the subnet level.
Therefore, each instance in a subnet in your VPC could be assigned to
a different set of security groups. If you don't specify a particular
group at launch time, the instance is automatically assigned to the
default security group for the VPC.
For each security group, you add rules that control the inbound
traffic to instances, and a separate set of rules that control the
outbound traffic.
Default security group for your VPC
Your VPC automatically comes with a default security group. Each EC2
instance that you launch in your VPC is automatically associated with
the default security group if you don't specify a different security
group when you launch the instance.
The following table describes the default rules for a default security
group.
Inbound

| Source | Protocol | Port Range | Comments |
|---|---|---|---|
| The security group ID (sg-xxxxxxxx) | All | All | Allow inbound traffic from instances assigned to the same security group. |

Outbound

| Destination | Protocol | Port Range | Comments |
|---|---|---|---|
| 0.0.0.0/0 | All | All | Allow all outbound IPv4 traffic. |
| ::/0 | All | All | Allow all outbound IPv6 traffic. This rule is added by default if you create a VPC with an IPv6 CIDR block or if you associate an IPv6 CIDR block with your existing VPC. |
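0.0.0.0/0, ::/0 - means the source can be any IP address, i.e. requests from any system are accepted. 0.0.0.0/0 represents IPv4 and ::/0 represents IPv6. To understand CIDR (Classless Inter-Domain Routing) notation, watch this video - https://www.youtube.com/watch?v=1xsmbe5s6j0
0.0.0.0/0 refers to all IPv4 addresses, and ::/0 refers to all IPv6 addresses.
0.0.0.0 means that any IP, either from the local system or from anywhere on the internet, can access. It is everything else other than what is already specified in the routing table. When we add /0 for IPv4 and ::/0 for IPv6, it is known as CIDR.
Coming back to your AWS part, when you define 0.0.0.0/0 or ::/0, it means that all IPv4 and IPv6 ranges, respectively, can access your AWS service.
The IPv4 range is from 0.0.0.0 to 255.255.255.255, whereas IPv6 has 2^128 addresses.
An IP address is made up of 32 bits. The slash tells you how many bits are used to identify the network segment, and the remaining bits identify the host. For example, 255.0.0.0/8 tells you that 8 bits are used for the network and 24 bits for the host, so you could have 16777214 possible IPs from the 255 network.
In the case of the notation 0.0.0.0/0, it means you are not using any network identifier, so you have the full 32 bits for IPs, which means all possible IPs, which means all requests are allowed.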
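The /0 matching described in the answers above can be checked with Python's standard `ipaddress` module. This is an added example, not code from the original thread: it flags inbound rules that are open to every address. The rule list is constructed sample data in the shape of the `IpPermissions` field returned by EC2 `DescribeSecurityGroups`, and the function names are illustrative.

```python
import ipaddress

# Constructed sample inbound rules (IDs and CIDRs are made up).
SAMPLE_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-xxxxxxxx"}]},
]


def matches_all(cidr):
    """True when the prefix length is 0, i.e. no address bits are fixed."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def rule_allows(cidr, source_ip):
    """Would a rule with this CIDR match traffic from source_ip?"""
    net = ipaddress.ip_network(cidr, strict=False)
    addr = ipaddress.ip_address(source_ip)
    # An IPv4 CIDR never matches an IPv6 source and vice versa, so
    # covering every source takes both 0.0.0.0/0 and ::/0.
    return addr.version == net.version and addr in net


def world_open_rules(permissions):
    """Return (protocol, (from_port, to_port), cidr) for each rule open to any address."""
    findings = []
    for perm in permissions:
        ports = (perm.get("FromPort"), perm.get("ToPort"))
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if matches_all(cidr):
                findings.append((perm["IpProtocol"], ports, cidr))
    return findings


if __name__ == "__main__":
    for proto, ports, cidr in world_open_rules(SAMPLE_INBOUND):
        print(f"open to any address: {proto} ports {ports} from {cidr}")
```

The rule that references a security group ID is not flagged, because its source is group membership rather than a CIDR range.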