用Ping返回的IP地址无法访问网页

1. Ping百度得到IP地址不能访问

1.1 问题描述

用Ping获取域名对应的IP地址(值得注意的是,ping baidu.com得到的IP地址不一样),

$ ping baidu.com

Pinging baidu.com [110.242.68.66] with 32 bytes of data:
Reply from 110.242.68.66: bytes=32 time=63ms TTL=50
Reply from 110.242.68.66: bytes=32 time=84ms TTL=50
Reply from 110.242.68.66: bytes=32 time=49ms TTL=50
Reply from 110.242.68.66: bytes=32 time=50ms TTL=50

Ping statistics for 110.242.68.66:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 84ms, Average = 61ms


$ ping baidu.com

Pinging baidu.com [39.156.66.10] with 32 bytes of data:
Reply from 39.156.66.10: bytes=32 time=41ms TTL=49
Reply from 39.156.66.10: bytes=32 time=40ms TTL=49
Reply from 39.156.66.10: bytes=32 time=41ms TTL=49
Reply from 39.156.66.10: bytes=32 time=41ms TTL=49

Ping statistics for 39.156.66.10:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 41ms, Average = 40ms

然而,在浏览器输入得到的IP地址,却不能访问网页,

image-20230323172434822

ping www.baidu.com得到IP地址14.215.177.38,却可以通过IP地址访问到网页。然而,ping www.baidu.com得到IP地址会变,14.119.104.189就不能访问。

$ ping www.baidu.com

Pinging www.a.shifen.com [14.215.177.38] with 32 bytes of data:
Reply from 14.215.177.38: bytes=32 time=24ms TTL=54
Reply from 14.215.177.38: bytes=32 time=65ms TTL=54
Reply from 14.215.177.38: bytes=32 time=50ms TTL=54
Reply from 14.215.177.38: bytes=32 time=55ms TTL=54

Ping statistics for 14.215.177.38:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 65ms, Average = 48ms


root@ubuntu:~# ping www.baidu.com
PING www.a.shifen.com (14.119.104.189) 56(84) bytes of data.
64 字节,来自 14.119.104.189 (14.119.104.189): icmp_seq=1 ttl=52 时间=7.16 毫秒
64 字节,来自 14.119.104.189 (14.119.104.189): icmp_seq=2 ttl=52 时间=7.16 毫秒

1.2 可能原因:使用CDN

CDN(Content Delivery Network,内容分发网络)

(1)如何判断一个网站是否使用了CDN

nslookup查询如果返回多个IP地址,通常是使用了CDN;如果只返回一个IP地址,则没有使用CDN。

root@ubuntu:~# nslookup baidu.com ns3.baidu.com
Server:         ns3.baidu.com
Address:        112.80.248.64#53

Name:   baidu.com
Address: 39.156.66.10
Name:   baidu.com
Address: 110.242.68.66

root@ubuntu:~# nslookup suqiankun.com quince.dnspod.net
Server:         quince.dnspod.net
Address:        112.80.181.111#53

Name:   suqiankun.com
Address: 120.79.30.6

得到CDN的IP地址,但一个CDN服务器的公网ip可能对应于多个域名网站,CDN服务器不知道该返回哪个网站内容,索性拒绝访问。

www.baidu.com

www.baidu.com使用CNAME记录映射到www.a.shifen.com

root@ubuntu:~# nslookup www.baidu.com ns3.baidu.com
Server:         ns3.baidu.com
Address:        112.80.248.64#53

www.baidu.com   canonical name = www.a.shifen.com.

www.a.shifen.com映射到www.wshifen.comwww.wshifen.com解析到的IP地址为103.235.46.40

root@ubuntu:~# dig @8.8.8.8 www.a.shifen.com

; <<>> DiG 9.16.1-Ubuntu <<>> @8.8.8.8 www.a.shifen.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10312
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.a.shifen.com.              IN      A

;; ANSWER SECTION:
www.a.shifen.com.       7       IN      CNAME   www.wshifen.com.
www.wshifen.com.        300     IN      A       103.235.46.40

总结起来,域名解析关系如下:

NAME                    TYPE   VALUE
--------------------------------------------------
www.baidu.com.            CNAME    www.a.shifen.com.
www.a.shifen.com.        CNAME    www.wshifen.com.
www.wshifen.com.        A        103.235.46.40

2. 多个站点对应于同一个IP

一个IP是可以绑定多个域名的,应用场景:购买一台服务器,服务器挂着很多个网站,叫虚拟主机。以Apache网页服务器为例,在/etc/apache2/sites-available/*.conf配置文件进行如下配置:

<VirtualHost *:80>
Servername yaohao.cc
ServerAlias www.yaohao.cc
DocumentRoot /var/www/yaohao.cc
</VirtualHost>


<VirtualHost *:80>
Servername dianyao.co
ServerAlias www.dianyao.co
DocumentRoot /var/www/dianyao.co
</VirtualHost>

(1)IP地址访问哪个网站

配置文件中的第一个?

(2)禁止使用IP地址访问网站

Apache默认是允许使用服务器的IP地址访问网站。通过在/etc/apache2/sites-available/*.conf文件添加下列内容(xx.xx.xx.xx为服务器的IP地址):

<VirtualHost *:80>
  ServerName xx.xx.xx.xx
  <Location />
    Order Allow,Deny
    Deny from all
  </Location>
</VirtualHost>

修改完后配置,让其生效,

sudo a2ensite others.conf
sudo /etc/init.d/apache2 reload

3. 另一个例子

再举一个例子,ping csdn.net返回IP地址为120.46.209.149

image-20230323172746699

本文系Spark & Shine原创,转载需注明出处本文最近一次修改时间 2023-04-04 23:31

results matching ""

    No results matching ""