在 Centos 7 上,Yum 访问 packages.microsoft.com 失败

tag-icon tag-icon ssl centos7 openssl yum repository
在 Centos 7 上,Yum 访问 packages.microsoft.com 失败

可以说我是 Centos 新手。我们的区域希望使用 packages.microsoft.com 作为存储库。我们已经打开了 packages.microsoft.com 的防火墙。Tracepath 没有问题,但当我们这样做时yum update它仍然失败。我尝试openssl对 packages.microsoft.com 进行操作,但只是连接,它没有获得证书。

有人遇到过类似的问题吗?或者有人知道如何解决吗?

错误如下:

[root@abcde01 network-scripts]# yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.gbnetwork.com
 * extras: mirrors.gbnetwork.com
 * updates: mirrors.gbnetwork.com
base                                                                                    | 3.6 kB  00:00:00
extras                                                                                  | 2.9 kB  00:00:00
https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: [Errno 12] Timeout on https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: (28, 'Operation timed out after 30001 milliseconds with 0 out of 0 bytes received')
Trying other mirror.
https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: [Errno 12] Timeout on https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: (28, 'Operation timed out after 30001 milliseconds with 0 out of 0 bytes received')
Trying other mirror.
https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: [Errno 12] Timeout on https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: (28, 'Operation timed out after 30001 milliseconds with 0 out of 0 bytes received')
Trying other mirror.
https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: [Errno 12] Timeout on https://packages.microsoft.com/centos/7/prod/repodata/repomd.xml: (28, 'Operation timed out after 30001 milliseconds with 0 out of 0 bytes received')
Trying other mirror.

[root@abcde01 network-scripts]# openssl s_client -connect packages.microsoft.com:443
CONNECTED(00000003)



[root@ieleaisiq01 network-scripts]# curl -vk https://packages.microsoft.com
* About to connect() to packages.microsoft.com port 443 (#0)
*   Trying 52.230.121.169...
* Connected to packages.microsoft.com (52.230.121.169) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb

添加更多细节:

我们必须确保向 packages.microsoft.com 使用的所有 CDn IP 地址开放。当我们执行 tracepath 时,它已经公开了:

[root@abcde01]# tracepath packages.microsoft.com -p 443
 1?: [LOCALHOST]                                         pmtu 1500
 1:  gateway                                               0.166ms asymm 64
 1:  gateway                                               0.080ms asymm 64
 2:  100.64.96.0                                           0.171ms
 3:  10.1.22.2                                             0.518ms
 4:  10.1.22.9                                             0.496ms
 5:  10.1.22.17                                            0.561ms
 6:  10.1.22.17                                            0.554ms pmtu 1476
 6:  192.168.1.99                                         20.473ms
 7:  10.1.22.41                                           20.216ms
 8:  203.115.193.250                                      23.265ms
 9:  cbj-br1.arc.net.my                                   17.568ms
10:  203.115.224.98                                       23.552ms
11:  microsoft-1.myix.my                                  23.661ms
12:  ae28-0.icr02.kul01.ntwk.msn.net                      38.018ms
13:  be-102-0.ibr01.kul01.ntwk.msn.net                    28.477ms asymm 17
14:  be-7-0.ibr02.sg3.ntwk.msn.net                        29.007ms asymm 16
15:  ae102-0.icr02.sg3.ntwk.msn.net                       28.548ms
16:  no reply
17:  no reply
18:  no reply
^C

感谢您的帮助。

谢谢。

答案1

We have open the firewall to the packages.microsoft.com

这可能就是你出错的地方。

当在防火墙规则中使用主机名时,通常它会受到添加规则时主机名解析的(单个)IP 地址的影响。

与许多下载网站一样,该网站 packages.microsoft.com似乎是负载平衡的和/或使用 CDN 或类似的东西,并且不绑定到单个 IP 地址。

当您的 yum 尝试连接到 packages.microsoft.com; 它很可能会解析为与防火墙中解析和使用的 IP 地址不同的 IP 地址,并且连接将被阻止。

相关内容