无法访问私有IP上可访问的nginx,但不能访问公共IP

时间:2016-07-08 16:13:56

标签: azure curl nginx terraform

我使用terraform创建资源,我在子网172.1.0.0中有一个节点,没有为该节点分配安全组或规则;节点有两个端点22和80.

我使用nmap确认端口是打开的,它们是:

nmap -Pn -sT -p T:11 some-ingress.cloudapp.net

Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-08 19:02 EAT
Nmap scan report for some-ingress.cloudapp.net (1.2.3.4
Host is up (0.31s latency).
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 1.34 seconds


nmap -Pn -sT -p T:80 some-ingress.cloudapp.net

Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-08 19:02 EAT
Nmap scan report for some-ingress.cloudapp.net (1.2.3.4)
Host is up (0.036s latency).
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds

我已在节点上安装了nginx,并且正在运行curl 172.1.0.4curl 127.0.0.1,而curl 0.0.0.0会为我提供默认的nginx页面。

然而,curl <public ip>curl <dns name>正在运行,我得到了

curl: (56) Recv failure: Connection reset by peer

我的iptables规则是:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:bootps
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination  

为什么我不能在节点的公共IP上访问nginx?

节点位于虚拟网络172.1.0.0/16中,子网172.1.0.0/24我可以根据需要发布地形配置。

0 个答案:

没有答案