我们遇到了无法从GCP网络内部访问客户域的问题。例如,当我卷曲域时在本地:
curl -vi [DOMAIN]
* Rebuilt URL to: [DOMAIN]/
* Trying 209.170.221.54...
* TCP_NODELAY set
* Connected to [DOMAIN] (209.170.221.54) port 80 (#0)
> GET / HTTP/1.1
> Host: [DOMAIN]
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Location: [DOMAIN]
Location: [DOMAIN]
< Connection: close
并重定向到https受保护的站点。也可以直接进入https域。
然后在GCP中我们得到:
curl -vi [DOMAIN]
* Rebuilt URL to: [DOMAIN]/
* Hostname was NOT found in DNS cache
* Trying 209.170.221.54...
* connect to 209.170.221.54 port 80 failed: Connection timed out
* Failed to connect to [DOMAIN] port 80: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to [DOMAIN] port 80: Connection timed out
好像GCP可能阻止了到该IP的连接?有趣的是:
客户端名称服务器由Google拥有:NS-CLOUD-C1.GOOGLEDOMAINS.COM 而且,从其他云提供商(Digital Ocean和AWS)连接到该站点也没有问题。