GCP无法解析客户端域

时间:2018-09-07 14:56:41

标签: curl dns google-cloud-platform firewall google-kubernetes-engine

我们遇到了无法从GCP网络内部访问客户域的问题。例如,当我卷曲域时在本地:

curl -vi [DOMAIN]
* Rebuilt URL to: [DOMAIN]/
*   Trying 209.170.221.54...
* TCP_NODELAY set
* Connected to [DOMAIN] (209.170.221.54) port 80 (#0)
> GET / HTTP/1.1
> Host: [DOMAIN]
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Location: [DOMAIN]
Location: [DOMAIN]
< Connection: close

并重定向到https受保护的站点。也可以直接进入https域。

然后在GCP中我们得到:

curl -vi [DOMAIN]
* Rebuilt URL to: [DOMAIN]/
* Hostname was NOT found in DNS cache
*   Trying 209.170.221.54...
* connect to 209.170.221.54 port 80 failed: Connection timed out
* Failed to connect to [DOMAIN] port 80: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to [DOMAIN] port 80: Connection timed out

好像GCP可能阻止了到该IP的连接?有趣的是:

客户端名称服务器由Google拥有:NS-CLOUD-C1.GOOGLEDOMAINS.COM 而且,从其他云提供商(Digital Ocean和AWS)连接到该站点也没有问题。

0 个答案:

没有答案