某些位置无法访问新 VPS

某些位置无法访问新 VPS

首先,我对 VPS 这个东西还很陌生,我在 contabo.com 上有一个 Centos VPS。

我设置了一个网络服务器并开始托管一个网站。

我也尝试使用 bind 设置 dns 服务器,但无法使其工作,所以我使用了 freedns.afraid.org。

我可以通过 dsl 家用电脑访问该网站和 vps ip,但当我尝试使用我的 4G 平板电脑访问该网站时,却找不到该网站。

因此我做了一些测试,并发现从某些点无法访问它,您可以在此处检查:

watchmouse.com

并输入我的域名 dvdplaza.org 或 ip 193.37.152.191

必须位置给出 100% 的数据包错误。

无论是 ping VPS IP 还是 ping 域(dvdplaza.org),都会丢失数据包。

downforeveryoneorjustme.com/dvdplaza.org

这是 VPS 提供商的问题吗?

这是我的服务器配置的问题吗?

这是 freedns.afraid.org 的问题吗?

我询问了 vps 提供商,他们说他们会检查一下,但情况仍然一样。

你能访问我的网站吗?(请回答,仅用于检查)

有人可以帮我调试一下吗?

谢谢。

编辑:我在同一个 VPS 上也有一个 postfix+dovecot 邮件服务器,入站和出站邮件发送都没有错误。MX mail.dvdplaza.org

ACCEPT     tcp  --  anywhere             google-public-dns-b.google.com tcp spt:domain
ACCEPT     udp  --  anywhere             google-public-dns-b.google.com udp spt:domain
ACCEPT     tcp  --  anywhere             google-public-dns-a.google.com tcp dpt:domain
ACCEPT     udp  --  anywhere             google-public-dns-a.google.com udp dpt:domain
ACCEPT     tcp  --  anywhere             google-public-dns-a.google.com tcp spt:domain
ACCEPT     udp  --  anywhere             google-public-dns-a.google.com udp spt:domain
LOCALOUTPUT  all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:domain
ACCEPT     udp  --  anywhere             anywhere            udp spt:domain
ACCEPT     all  --  anywhere             anywhere
INVALID    tcp  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpts:tcpmux:65535
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpts:tcpmux:65535
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
LOGDROPOUT  all  --  anywhere             anywhere

Chain ALLOWIN (1 references)
target     prot opt source               destination
ACCEPT     all  --  bd650748.virtua.com.br  anywhere

Chain ALLOWOUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             bd650748.virtua.com.br

Chain DENYIN (1 references)
target     prot opt source               destination
DROP       all  --  177.3.146.160        anywhere
DROP       all  --  193.227.34.49        anywhere
DROP       all  --  dhcp-089-099-208-212.chello.nl  anywhere
DROP       all  --  14.63.224.220        anywhere
DROP       all  --  220.182.3.163        anywhere
DROP       all  --  110.172.52.34        anywhere
DROP       all  --  28.114.191.90.dyn.estpak.ee  anywhere
DROP       all  --  219.144.17.74        anywhere
DROP       all  --  192.151.145.42       anywhere
DROP       all  --  rrcs-70-60-185-231.central.biz.rr.com  anywhere
DROP       all  --  201-69-30-191.dial-up.telesp.net.br  anywhere
DROP       all  --  117.79.148.54        anywhere
DROP       all  --  162-17-233-89-static.hfc.comcastbusiness.net  anywhere     
DROP       all  --  mx.busap.com         anywhere
DROP       all  --  101.162.176.243      anywhere
DROP       all  --  CPE-121-216-59-226.lnse1.ken.bigpond.net.au  anywhere      
DROP       all  --  c-97f670d5.03-77-67626721.cust.bredbandsbolaget.se  anywhere
DROP       all  --  189-30-99-230.ccoce700.dsl.brasiltelecom.net.br  anywhere  
DROP       all  --  177.125.246.32       anywhere
DROP       all  --  187-123-108-35.cpeoco.viaembratel.net.br  anywhere         
DROP       all  --  b3d86532.virtua.com.br  anywhere
DROP       all  --  5.199.133.110        anywhere
DROP       all  --  220.178.18.67        anywhere
DROP       all  --  1112.globatel.ru     anywhere
DROP       all  --  ip187-86-17-197.anid.com.br  anywhere
DROP       all  --  crawl-66-249-78-47.googlebot.com  anywhere
DROP       all  --  61.155.177.58        anywhere
DROP       all  --  219.138.203.198      anywhere
DROP       all  --  bb27efd9.virtua.com.br  anywhere
DROP       all  --  mx.iniap.gob.ec      anywhere
DROP       all  --  95.141.28.77         anywhere
DROP       all  --  94.156.12.144        anywhere
DROP       all  --  114.80.224.90        anywhere
DROP       all  --  88-190-35-168.rev.dedibox.fr  anywhere
DROP       all  --  200-153-231-253.dsl.telesp.net.br  anywhere
DROP       all  --  host162-198-static.205-37-b.business.telecomitalia.it  anywhere
DROP       all  --  183.203.16.231       anywhere
DROP       all  --  host01.dbxmedia.com  anywhere
DROP       all  --  bade8fd6.virtua.com.br  anywhere
DROP       all  --  80.87.72.10          anywhere
DROP       all  --  2.25.198.76          anywhere
DROP       all  --  gateway.vikingserv.net  anywhere
DROP       all  --  253.233.15.37.dynamic.jazztel.es  anywhere
DROP       all  --  061093207014.ctinets.com  anywhere
DROP       all  --  200.195.70.4         anywhere

Chain DENYOUT (1 references)
target     prot opt source               destination
DROP       all  --  anywhere             177.3.146.160
DROP       all  --  anywhere             193.227.34.49
DROP       all  --  anywhere             dhcp-089-099-208-212.chello.nl
DROP       all  --  anywhere             14.63.224.220
DROP       all  --  anywhere             220.182.3.163
DROP       all  --  anywhere             110.172.52.34
DROP       all  --  anywhere             28.114.191.90.dyn.estpak.ee
DROP       all  --  anywhere             219.144.17.74
DROP       all  --  anywhere             192.151.145.42
DROP       all  --  anywhere             rrcs-70-60-185-231.central.biz.rr.com
DROP       all  --  anywhere             201-69-30-191.dial-up.telesp.net.br
DROP       all  --  anywhere             117.79.148.54
DROP       all  --  anywhere             162-17-233-89-static.hfc.comcastbusiness.net
DROP       all  --  anywhere             mx.busap.com
DROP       all  --  anywhere             101.162.176.243
DROP       all  --  anywhere             CPE-121-216-59-226.lnse1.ken.bigpond.net.au
DROP       all  --  anywhere             c-97f670d5.03-77-67626721.cust.bredbandsbolaget.se
DROP       all  --  anywhere             189-30-99-230.ccoce700.dsl.brasiltelecom.net.br
DROP       all  --  anywhere             177.125.246.32
DROP       all  --  anywhere             187-123-108-35.cpeoco.viaembratel.net.br
DROP       all  --  anywhere             b3d86532.virtua.com.br
DROP       all  --  anywhere             5.199.133.110
DROP       all  --  anywhere             220.178.18.67
DROP       all  --  anywhere             1112.globatel.ru
DROP       all  --  anywhere             ip187-86-17-197.anid.com.br
DROP       all  --  anywhere             crawl-66-249-78-47.googlebot.com
DROP       all  --  anywhere             61.155.177.58
DROP       all  --  anywhere             219.138.203.198
DROP       all  --  anywhere             bb27efd9.virtua.com.br
DROP       all  --  anywhere             mx.iniap.gob.ec
DROP       all  --  anywhere             95.141.28.77
DROP       all  --  anywhere             94.156.12.144
DROP       all  --  anywhere             114.80.224.90
DROP       all  --  anywhere             88-190-35-168.rev.dedibox.fr
DROP       all  --  anywhere             200-153-231-253.dsl.telesp.net.br
DROP       all  --  anywhere             host162-198-static.205-37-b.business.telecomitalia.it
DROP       all  --  anywhere             183.203.16.231
DROP       all  --  anywhere             host01.dbxmedia.com
DROP       all  --  anywhere             bade8fd6.virtua.com.br
DROP       all  --  anywhere             80.87.72.10
DROP       all  --  anywhere             061093207014.ctinets.com
DROP       all  --  anywhere             200.195.70.4

Chain INVALID (2 references)
target     prot opt source               destination
INVDROP    all  --  anywhere             anywhere            state INVALID
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/FIN,SYN
INVDROP    tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN,RST
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,RST/FIN,RST
INVDROP    tcp  --  anywhere             anywhere            tcp flags:FIN,ACK/FIN
INVDROP    tcp  --  anywhere             anywhere            tcp flags:PSH,ACK/PSH
INVDROP    tcp  --  anywhere             anywhere            tcp flags:ACK,URG/URG
INVDROP    tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW

Chain INVDROP (10 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain LOCALINPUT (1 references)
target     prot opt source               destination
ALLOWIN    all  --  anywhere             anywhere
DENYIN     all  --  anywhere             anywhere

Chain LOCALOUTPUT (1 references)
target     prot opt source               destination
ALLOWOUT   all  --  anywhere             anywhere
DENYOUT    all  --  anywhere             anywhere

Chain LOGDROPIN (1 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere            tcp dpt:bootps
DROP       udp  --  anywhere             anywhere            udp dpt:bootps
DROP       tcp  --  anywhere             anywhere            tcp dpt:bootpc
DROP       udp  --  anywhere             anywhere            udp dpt:bootpc
DROP       tcp  --  anywhere             anywhere            tcp dpt:sunrpc
DROP       udp  --  anywhere             anywhere            udp dpt:sunrpc
DROP       tcp  --  anywhere             anywhere            tcp dpt:auth
DROP       udp  --  anywhere             anywhere            udp dpt:auth
DROP       tcp  --  anywhere             anywhere            tcp dpts:epmap:netbios-ssn
DROP       udp  --  anywhere             anywhere            udp dpts:epmap:netbios-ssn
DROP       tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:microsoft-ds
DROP       tcp  --  anywhere             anywhere            tcp dpt:isakmp
DROP       udp  --  anywhere             anywhere            udp dpt:isakmp
DROP       tcp  --  anywhere             anywhere            tcp dpt:login
DROP       udp  --  anywhere             anywhere            udp dpt:who
DROP       tcp  --  anywhere             anywhere            tcp dpt:efs
DROP       udp  --  anywhere             anywhere            udp dpt:router
LOG        tcp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *TCP_IN Blocked* '
LOG        udp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *UDP_IN Blocked* '
LOG        icmp --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *ICMP_IN Blocked* '
DROP       all  --  anywhere             anywhere

Chain LOGDROPOUT (1 references)
target     prot opt source               destination
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *TCP_OUT Blocked* '
LOG        udp  --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *UDP_OUT Blocked* '
LOG        icmp --  anywhere             anywhere            limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *ICMP_OUT Blocked* '
DROP       all  --  anywhere             anywhere

答案1

根据快速提示,您的 DNS 提供商可能存在某种问题DNS 传播检查

我的建议是与您的提供商一起调查此问题并提交支持单。如果问题仍然存在,也许可以使用其他提供商进行调查(大多数域名注册商至少会为您提供基本的 DNS 功能)。

我说得太早了,似乎对于我自己的域,同一台服务器上的检查也失败了,所以 DNS 传播可能不是问题。

您能否检查 Web 服务器日志(您尚未提及正在使用哪个 Web 服务器)以验证连接是否已到达服务器?您也可以尝试使用 运行数据包捕获tcpdump,但您的 VPS 提供商可能禁止这样做。

从您的家庭网络 ping 您的 IP 是否可以工作(FWIW,我可以毫无问题地 ping IP,从英国来的响应时间一致,约为 130-140 毫秒)?

更多调试细节,看来端口 80 已关闭:

root@deploy-01:~# nmap -A dvdplaza.org

Starting Nmap 5.21 ( http://nmap.org ) at 2013-07-11 21:31 CEST
Nmap scan report for dvdplaza.org (193.37.152.191)
Host is up (0.011s latency).
rDNS record for 193.37.152.191: ip-191-152-37-193.static.contabo.net
Not shown: 969 filtered ports, 28 closed ports
PORT     STATE SERVICE VERSION
21/tcp   open  ftp     vsftpd 2.2.2
|_ftp-bounce: no banner
22/tcp   open  ssh     OpenSSH 5.3 (protocol 2.0)
9091/tcp open  http    Transmission BitTorrent management httpd (unauthorized)

您能验证一下您的 Web 服务器是否正在运行吗?试一试netstat -anp | grep 80(也可以尝试搜索“httpd”、“apache”)。

相关内容