同樣的阿里云環(huán)境的兩臺(tái)服務(wù)器
A:
[root@izwz93tphuqvc71uly4gr2F ~]# wget https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
--2018-03-13 16:18:43-- https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
Resolving jingyan.baidu.com (jingyan.baidu.com)... 220.181.164.104, 106.39.162.97
Connecting to jingyan.baidu.com (jingyan.baidu.com)|220.181.164.104|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘7908e85c725159af481ad2f7.html’
[ <=> ] 109,472 680KB/s in 0.2s
2018-03-13 16:18:43 (680 KB/s) - ‘7908e85c725159af481ad2f7.html’ saved [109472]
B:
[root@AY140220152843902sdg46ZsG ~]# wget https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
--2018-03-13 16:24:01-- https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
Resolving jingyan.baidu.com... 220.181.164.104, 106.39.162.97
Connecting to jingyan.baidu.com|220.181.164.104|:443... failed: Connection timed out.
Connecting to jingyan.baidu.com|106.39.162.97|:443... failed: Connection timed out.
Retrying.
--2018-03-13 16:26:08-- (try: 2) https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
Connecting to jingyan.baidu.com|220.181.164.104|:443... failed: Connection timed out.
Connecting to jingyan.baidu.com|106.39.162.97|:443... failed: Connection timed out.
Retrying.
--2018-03-13 16:28:16-- (try: 3) https://jingyan.baidu.com/article/7908e85c725159af481ad2f7.html
Connecting to jingyan.baidu.com|220.181.164.104|:443... failed: Connection timed out.
Connecting to jingyan.baidu.com|106.39.162.97|:443...
簡(jiǎn)而言之就是�����,凡需要請(qǐng)求443,就會(huì)出現(xiàn)問(wèn)題����。
請(qǐng)求例如wget http://www.acfun.cn是順利執(zhí)行的。
于是我查了一下B的openssl
[root@AY140220152843902sdg46ZsG ~]# openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Wed Mar 22 21:43:28 UTC 2017
雖然版本很久��,但是根據(jù)built on來(lái)看�����,是有更新的吧�。
順便附上iptables,我唯一能想到可能關(guān)聯(lián)的���。
[root@AY140220152843902d46Z ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere state NEW,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:domain state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:domain state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:webcache state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:http state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:urd state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:ntp state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW,RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:mysql state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW,RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:https state
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:urd state NEW,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpt:ntp state NEW,ESTABLISHED
