V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
工单节点使用指南
• 请用平和的语言准确描述你所遇到的问题
• 厂商的技术支持和你一样也是有喜怒哀乐的普通人类,尊重是相互的
• 如果是关于 V2EX 本身的问题反馈,请使用 反馈 节点
xaviertoo
V2EX  ›  全球工单系统

钉钉在 ipv6 环境下出现访问问题, h5.dingtalk.com 解析错误。

  •  
  •   xaviertoo · 2023-02-16 11:01:29 +08:00 · 1196 次点击
    这是一个创建于 625 天前的主题,其中的信息可能已经有所发展或是发生改变。

    钉钉在 ipv6 环境下出现访问问题。多个页面依赖 h5.dingtalk.com ,如“工作台”页等。域名解析到 2401:b180:2000:60::f 并不能正确返回。 阿里同学 toB 环境多考虑 ipv6 的使用场景。

    1 条回复    2023-03-16 14:04:27 +08:00
    zealot
        1
    zealot  
       2023-03-16 14:04:27 +08:00
    方便的话可以发一下 curl 命令输出结果,我这边实测是可以的
    (绑 IPv6 host 验证 OK:2401:b180:2000:60::f h5.dingtalk.com

    ``` $ curl -6 -v https://h5.dingtalk.com/status.taobao
    * Trying [2401:b180:2000:60::f]:443...
    * Connected to h5.dingtalk.com (2401:b180:2000:60::f) port 443 (#0)
    * ALPN: offers h2
    * ALPN: offers http/1.1
    * CAfile: /etc/ssl/cert.pem
    * CApath: none
    * (304) (OUT), TLS handshake, Client hello (1):
    * (304) (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
    * ALPN: server accepted h2
    * Server certificate:
    * subject: C=CN; ST=ZheJiang; L=HangZhou; O=Alibaba (China) Technology Co., Ltd.; CN=*.dingtalk.com
    * start date: Apr 12 01:56:07 2022 GMT
    * expire date: May 14 01:56:06 2023 GMT
    * subjectAltName: host "h5.dingtalk.com" matched cert's "*.dingtalk.com"
    * issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Organization Validation CA - SHA256 - G2
    * SSL certificate verify ok.
    * Using HTTP2, server supports multiplexing
    * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    * h2h3 [:method: GET]
    * h2h3 [:path: /status.taobao]
    * h2h3 [:scheme: https]
    * h2h3 [:authority: h5.dingtalk.com]
    * h2h3 [user-agent: curl/7.86.0]
    * h2h3 [accept: */*]
    * Using Stream ID: 1 (easy handle 0x14e813400)
    > GET /status.taobao HTTP/2
    > Host: h5.dingtalk.com
    > user-agent: curl/7.86.0
    > accept: */*
    >
    * Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
    < HTTP/2 200
    < server: Tengine
    < date: Thu, 16 Mar 2023 06:02:49 GMT
    < content-length: 0
    < accept-ranges: bytes
    < etag: W/"0-1678781644000"
    < last-modified: Tue, 14 Mar 2023 08:14:04 GMT
    < cache-control: no-cache
    < content-security-policy-report-only: default-src 'self';style-src 'self' 'unsafe-inline' dev.g.alicdn.com g.alicdn.com at.alicdn.com *.test.youku.com *.taobao.net webapi.amap.com;script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' *.dingtalk.com *.cnzz.com *.alicdn.com market.wapa.taobao.com dev.g.alicdn.com g.alicdn.com ynuf.alipay.com log.mmstat.com s.tbcdn.cn vip.laiwang.com wswukong.laiwang.com local.alipcsec.com:6691 *.taobao.net cfd.aliyun.com restapi.amap.com webapi.amap.com tce.taobao.com cfall.aliyun.com gw.alipayobjects.com ynuf.aliapp.org;connect-src 'self' *.dingtalk.com ynuf.alipay.com dev.g.alicdn.com g.alicdn.com retcode.taobao.com dingtalk-cspase-sh.oss-cn-shanghai.aliyuncs.com dingtalk-cspase-sz.oss-cn-shenzhen.aliyuncs.com arms-retcode.aliyuncs.com arms-retcode.aliyuncs.com gm.mmstat.com ynuf.aliapp.org wss://acs.wapa.taobao.com wss://acs.m.taobao.com aliliving.alicdn.com wgo.mmstat.com dtliving.alicdn.com hd.mmstat.com uc.gre alilive.alicdn.com *.mobgslb.tbcache.com *.mmstat.com px.effirst.com;frame-src 'self' h5.m.taobao.com qiye.aliyun.com log.laiwang.com dev.g.alicdn.com g.alicdn.com login.dingtalk.com login2.dingtalk.com *.dingtalk.com mailsso.mxhichina.com wvjbscheme: alipaybridge: alipaymonitor: ynuf.aliapp.org cn-hangzhou-dap.cloud.alipay.com cn-hangzhou-cap.cloud.alipay.com auth.cloud.alipay.com;font-src 'self' at.alicdn.com dev.g.alicdn.com g.alicdn.com data: *.taobao.net i.alicdn.com;img-src 'self' data: http: fourier.taobao.com *.dingtalk.com *.aliimg.com *.alicdn.com *.mmstat.com ynuf.alipay.com arms-retcode.aliyuncs.com pin.aliyun.com fourier.alibaba.com retcode.taobao.com *.cnzz.com dingtalk-cspase-sh.oss-cn-shanghai.aliyuncs.com dingtalk-cspase-sz.oss-cn-shenzhen.aliyuncs.com restapi.amap.com landray.dingtalkapps.com restapi.amap.com image.uczzd.cn;media-src 'self' *.dingtalk.com cloud.video.taobao.com videocdn.taobao.com dev.g.alicdn.com g.alicdn.com tbm-auth.alicdn.com alilive.alicdn.com aliliving.alicdn.com blob:;worker-src 'self' blob:;report-uri https://csp.dingtalk.com/csp;
    ```
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   951 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 20:30 · PVG 04:30 · LAX 13:30 · JFK 16:30
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.