|
现在的环境是:
阿里云ecs,两个网卡,一个主网卡一个辅助网卡,各有一个IP,都可以使用squid的代理.
现在辅助网卡又增加了一个弹性IP,绑定ecs成功,能ping通能SSH,
但是这个IP不可以使用squid,其他的两个IP都可以正常使用.请问是什么问题?
172.18.202.98和172.18.202.96都是正常使用的,
只有172.18.202.102这个不能使用
[ol]http_port 3030cache deny allhierarchy_stoplist cgi-bin ?cache_log /var/log/squid/cache.logaccess_log /var/log/squid/access.log# access_log none# cache_store_log none# cache_log /dev/nullrefresh_pattern ^ftp: 1440 20% 10080refresh_pattern ^gopher: 1440 0% 1440refresh_pattern -i (/cgi-bin/|\?) 0 0% 0refresh_pattern . 0 20% 4320acl localhost src 127.0.0.1/32 ::1acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1acl localnet src 172.18.0.0/16http_access allow localnetacl source_172_18_202_102 src 172.18.202.102/32http_access allow source_172_18_202_102acl SSL_ports port 1-65535acl Safe_ports port 1-65535acl CONNECT method CONNECTacl siteblacklist dstdomain "/etc/squid/blacklist.acl"http_access allow manager localhosthttp_access deny managerhttp_access deny !Safe_portshttp_access deny CONNECT !SSL_portshttp_access deny siteblacklistauth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwdauth_param basic children 5auth_param basic realm Squid proxy-caching web serverauth_param basic credentialsttl 2 hoursacl password proxy_auth REQUIREDhttp_access allow localhosthttp_access allow passwordhttp_access deny allforwarded_for offrequest_header_access Allow allow allrequest_header_access Authorization allow allrequest_header_access WWW-Authenticate allow allrequest_header_access Proxy-Authorization allow allrequest_header_access Proxy-Authenticate allow allrequest_header_access Cache-Control allow allrequest_header_access Content-Encoding allow allrequest_header_access Content-Length allow allrequest_header_access Content-Type allow allrequest_header_access Date allow allrequest_header_access Expires allow allrequest_header_access Host allow allrequest_header_access If-Modified-Since allow allrequest_header_access Last-Modified allow allrequest_header_access Location allow allrequest_header_access Pragma allow allrequest_header_access Accept allow allrequest_header_access Accept-Charset allow allrequest_header_access Accept-Encoding allow allrequest_header_access Accept-Language allow allrequest_header_access Content-Language allow allrequest_header_access Mime-Version allow allrequest_header_access Retry-After allow allrequest_header_access Title allow allrequest_header_access Connection allow allrequest_header_access Proxy-Connection allow allrequest_header_access User-Agent allow allrequest_header_access Cookie allow allrequest_header_access All deny allacl proxy_ip_172_18_202_96 myip 172.18.202.96tcp_outgoing_address 172.18.202.96 proxy_ip_172_18_202_96acl proxy_ip_172_18_202_98 myip 172.18.202.98tcp_outgoing_address 172.18.202.98 proxy_ip_172_18_202_98acl proxy_ip_172_18_202_102 myip 172.18.202.102tcp_outgoing_address 172.18.202.102 proxy_ip_172_18_202_102[/ol]复制代码
这是配置文件的内容,前两个没问题,只有172.18.202.102这个不能使用
路由表:
[ol]ip route showdefault via 172.18.207.253 dev eth1 proto staticdefault via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200[/ol]复制代码
ip addr show
[ol]ip route showdefault via 172.18.207.253 dev eth1 proto staticdefault via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200root@iZwz96t5lrt7slg2n3cqctZ:~# ^Croot@iZwz96t5lrt7slg2n3cqctZ:~# ip addr show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0:
mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:16:3e:0c:36:4c brd ff:ff:ff:ff:ff:ff inet 172.18.202.96/20 metric 100 brd 172.18.207.255 scope global dynamic eth0 valid_lft 315358791sec preferred_lft 315358791sec inet6 fe80::216:3eff:fe0c:364c/64 scope link valid_lft forever preferred_lft forever3: eth1:
mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:16:3e:20:d9:28 brd ff:ff:ff:ff:ff:ff inet 172.18.202.98/20 metric 200 brd 172.18.207.255 scope global dynamic eth1 valid_lft 315358791sec preferred_lft 315358791sec inet 172.18.202.102/20 brd 172.18.207.255 scope global secondary eth1 valid_lft forever preferred_lft forever inet6 fe80::216:3eff:fe20:d928/64 scope link valid_lft forever preferred_lft forever[/ol]复制代码
大佬们帮帮我,解决给两包华子,我去吃个宵夜,回来回复 |
|