首先,我对 VPS 这个东西还很陌生,我在 contabo.com 上有一个 Centos VPS。
我设置了一个网络服务器并开始托管一个网站。
我也尝试使用 bind 设置 dns 服务器,但无法使其工作,所以我使用了 freedns.afraid.org。
我可以通过 dsl 家用电脑访问该网站和 vps ip,但当我尝试使用我的 4G 平板电脑访问该网站时,却找不到该网站。
因此我做了一些测试,并发现从某些点无法访问它,您可以在此处检查:
watchmouse.com
并输入我的域名 dvdplaza.org 或 ip 193.37.152.191
必须位置给出 100% 的数据包错误。
无论是 ping VPS IP 还是 ping 域(dvdplaza.org),都会丢失数据包。
downforeveryoneorjustme.com/dvdplaza.org
这是 VPS 提供商的问题吗?
这是我的服务器配置的问题吗?
这是 freedns.afraid.org 的问题吗?
我询问了 vps 提供商,他们说他们会检查一下,但情况仍然一样。
你能访问我的网站吗?(请回答,仅用于检查)
有人可以帮我调试一下吗?
谢谢。
编辑:我在同一个 VPS 上也有一个 postfix+dovecot 邮件服务器,入站和出站邮件发送都没有错误。MX mail.dvdplaza.org
ACCEPT tcp -- anywhere google-public-dns-b.google.com tcp spt:domain
ACCEPT udp -- anywhere google-public-dns-b.google.com udp spt:domain
ACCEPT tcp -- anywhere google-public-dns-a.google.com tcp dpt:domain
ACCEPT udp -- anywhere google-public-dns-a.google.com udp dpt:domain
ACCEPT tcp -- anywhere google-public-dns-a.google.com tcp spt:domain
ACCEPT udp -- anywhere google-public-dns-a.google.com udp spt:domain
LOCALOUTPUT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT all -- anywhere anywhere
INVALID tcp -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:tcpmux:65535
ACCEPT udp -- anywhere anywhere state NEW udp dpts:tcpmux:65535
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
LOGDROPOUT all -- anywhere anywhere
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- bd650748.virtua.com.br anywhere
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere bd650748.virtua.com.br
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 177.3.146.160 anywhere
DROP all -- 193.227.34.49 anywhere
DROP all -- dhcp-089-099-208-212.chello.nl anywhere
DROP all -- 14.63.224.220 anywhere
DROP all -- 220.182.3.163 anywhere
DROP all -- 110.172.52.34 anywhere
DROP all -- 28.114.191.90.dyn.estpak.ee anywhere
DROP all -- 219.144.17.74 anywhere
DROP all -- 192.151.145.42 anywhere
DROP all -- rrcs-70-60-185-231.central.biz.rr.com anywhere
DROP all -- 201-69-30-191.dial-up.telesp.net.br anywhere
DROP all -- 117.79.148.54 anywhere
DROP all -- 162-17-233-89-static.hfc.comcastbusiness.net anywhere
DROP all -- mx.busap.com anywhere
DROP all -- 101.162.176.243 anywhere
DROP all -- CPE-121-216-59-226.lnse1.ken.bigpond.net.au anywhere
DROP all -- c-97f670d5.03-77-67626721.cust.bredbandsbolaget.se anywhere
DROP all -- 189-30-99-230.ccoce700.dsl.brasiltelecom.net.br anywhere
DROP all -- 177.125.246.32 anywhere
DROP all -- 187-123-108-35.cpeoco.viaembratel.net.br anywhere
DROP all -- b3d86532.virtua.com.br anywhere
DROP all -- 5.199.133.110 anywhere
DROP all -- 220.178.18.67 anywhere
DROP all -- 1112.globatel.ru anywhere
DROP all -- ip187-86-17-197.anid.com.br anywhere
DROP all -- crawl-66-249-78-47.googlebot.com anywhere
DROP all -- 61.155.177.58 anywhere
DROP all -- 219.138.203.198 anywhere
DROP all -- bb27efd9.virtua.com.br anywhere
DROP all -- mx.iniap.gob.ec anywhere
DROP all -- 95.141.28.77 anywhere
DROP all -- 94.156.12.144 anywhere
DROP all -- 114.80.224.90 anywhere
DROP all -- 88-190-35-168.rev.dedibox.fr anywhere
DROP all -- 200-153-231-253.dsl.telesp.net.br anywhere
DROP all -- host162-198-static.205-37-b.business.telecomitalia.it anywhere
DROP all -- 183.203.16.231 anywhere
DROP all -- host01.dbxmedia.com anywhere
DROP all -- bade8fd6.virtua.com.br anywhere
DROP all -- 80.87.72.10 anywhere
DROP all -- 2.25.198.76 anywhere
DROP all -- gateway.vikingserv.net anywhere
DROP all -- 253.233.15.37.dynamic.jazztel.es anywhere
DROP all -- 061093207014.ctinets.com anywhere
DROP all -- 200.195.70.4 anywhere
Chain DENYOUT (1 references)
target prot opt source destination
DROP all -- anywhere 177.3.146.160
DROP all -- anywhere 193.227.34.49
DROP all -- anywhere dhcp-089-099-208-212.chello.nl
DROP all -- anywhere 14.63.224.220
DROP all -- anywhere 220.182.3.163
DROP all -- anywhere 110.172.52.34
DROP all -- anywhere 28.114.191.90.dyn.estpak.ee
DROP all -- anywhere 219.144.17.74
DROP all -- anywhere 192.151.145.42
DROP all -- anywhere rrcs-70-60-185-231.central.biz.rr.com
DROP all -- anywhere 201-69-30-191.dial-up.telesp.net.br
DROP all -- anywhere 117.79.148.54
DROP all -- anywhere 162-17-233-89-static.hfc.comcastbusiness.net
DROP all -- anywhere mx.busap.com
DROP all -- anywhere 101.162.176.243
DROP all -- anywhere CPE-121-216-59-226.lnse1.ken.bigpond.net.au
DROP all -- anywhere c-97f670d5.03-77-67626721.cust.bredbandsbolaget.se
DROP all -- anywhere 189-30-99-230.ccoce700.dsl.brasiltelecom.net.br
DROP all -- anywhere 177.125.246.32
DROP all -- anywhere 187-123-108-35.cpeoco.viaembratel.net.br
DROP all -- anywhere b3d86532.virtua.com.br
DROP all -- anywhere 5.199.133.110
DROP all -- anywhere 220.178.18.67
DROP all -- anywhere 1112.globatel.ru
DROP all -- anywhere ip187-86-17-197.anid.com.br
DROP all -- anywhere crawl-66-249-78-47.googlebot.com
DROP all -- anywhere 61.155.177.58
DROP all -- anywhere 219.138.203.198
DROP all -- anywhere bb27efd9.virtua.com.br
DROP all -- anywhere mx.iniap.gob.ec
DROP all -- anywhere 95.141.28.77
DROP all -- anywhere 94.156.12.144
DROP all -- anywhere 114.80.224.90
DROP all -- anywhere 88-190-35-168.rev.dedibox.fr
DROP all -- anywhere 200-153-231-253.dsl.telesp.net.br
DROP all -- anywhere host162-198-static.205-37-b.business.telecomitalia.it
DROP all -- anywhere 183.203.16.231
DROP all -- anywhere host01.dbxmedia.com
DROP all -- anywhere bade8fd6.virtua.com.br
DROP all -- anywhere 80.87.72.10
DROP all -- anywhere 061093207014.ctinets.com
DROP all -- anywhere 200.195.70.4
Chain INVALID (2 references)
target prot opt source destination
INVDROP all -- anywhere anywhere state INVALID
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
INVDROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
INVDROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH
INVDROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
INVDROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- anywhere anywhere
DENYIN all -- anywhere anywhere
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- anywhere anywhere
DENYOUT all -- anywhere anywhere
Chain LOGDROPIN (1 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:bootps
DROP udp -- anywhere anywhere udp dpt:bootps
DROP tcp -- anywhere anywhere tcp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP tcp -- anywhere anywhere tcp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP tcp -- anywhere anywhere tcp dpt:auth
DROP udp -- anywhere anywhere udp dpt:auth
DROP tcp -- anywhere anywhere tcp dpts:epmap:netbios-ssn
DROP udp -- anywhere anywhere udp dpts:epmap:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:isakmp
DROP udp -- anywhere anywhere udp dpt:isakmp
DROP tcp -- anywhere anywhere tcp dpt:login
DROP udp -- anywhere anywhere udp dpt:who
DROP tcp -- anywhere anywhere tcp dpt:efs
DROP udp -- anywhere anywhere udp dpt:router
LOG tcp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *TCP_IN Blocked* '
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *UDP_IN Blocked* '
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *ICMP_IN Blocked* '
DROP all -- anywhere anywhere
Chain LOGDROPOUT (1 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *TCP_OUT Blocked* '
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *UDP_OUT Blocked* '
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *ICMP_OUT Blocked* '
DROP all -- anywhere anywhere
答案1
根据快速提示,您的 DNS 提供商可能存在某种问题DNS 传播检查。
我的建议是与您的提供商一起调查此问题并提交支持单。如果问题仍然存在,也许可以使用其他提供商进行调查(大多数域名注册商至少会为您提供基本的 DNS 功能)。
我说得太早了,似乎对于我自己的域,同一台服务器上的检查也失败了,所以 DNS 传播可能不是问题。
您能否检查 Web 服务器日志(您尚未提及正在使用哪个 Web 服务器)以验证连接是否已到达服务器?您也可以尝试使用 运行数据包捕获tcpdump,但您的 VPS 提供商可能禁止这样做。
从您的家庭网络 ping 您的 IP 是否可以工作(FWIW,我可以毫无问题地 ping IP,从英国来的响应时间一致,约为 130-140 毫秒)?
更多调试细节,看来端口 80 已关闭:
root@deploy-01:~# nmap -A dvdplaza.org
Starting Nmap 5.21 ( http://nmap.org ) at 2013-07-11 21:31 CEST
Nmap scan report for dvdplaza.org (193.37.152.191)
Host is up (0.011s latency).
rDNS record for 193.37.152.191: ip-191-152-37-193.static.contabo.net
Not shown: 969 filtered ports, 28 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.2.2
|_ftp-bounce: no banner
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
9091/tcp open http Transmission BitTorrent management httpd (unauthorized)
您能验证一下您的 Web 服务器是否正在运行吗?试一试netstat -anp | grep 80(也可以尝试搜索“httpd”、“apache”)。