阿里云ecs,两个网卡,一个主网卡一个辅助网卡,各有一个IP,都可以使用squid的代理.
现在辅助网卡又增加了一个弹性IP,绑定ecs成功,能ping通能SSH,
但是这个IP不可以使用squid,其他的两个IP都可以正常使用.请问是什么问题?
172.18.202.98和172.18.202.96都是正常使用的,
只有172.18.202.102这个不能使用
[ol]http_port 3030
cache deny all
hierarchy_stoplist cgi-bin ?
cache_log /var/log/squid/cache.log
access_log /var/log/squid/access.log
# access_log none
# cache_store_log none
# cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 172.18.0.0/16
http_access allow localnet
acl source_172_18_202_102 src 172.18.202.102/32
http_access allow source_172_18_202_102
acl SSL_ports port 1-65535
acl Safe_ports port 1-65535
acl CONNECT method CONNECT
acl siteblacklist dstdomain "/etc/squid/blacklist.acl"
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny siteblacklist
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow localhost
http_access allow password
http_access deny all
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
acl proxy_ip_172_18_202_96 myip 172.18.202.96
tcp_outgoing_address 172.18.202.96 proxy_ip_172_18_202_96
acl proxy_ip_172_18_202_98 myip 172.18.202.98
tcp_outgoing_address 172.18.202.98 proxy_ip_172_18_202_98
acl proxy_ip_172_18_202_102 myip 172.18.202.102
tcp_outgoing_address 172.18.202.102 proxy_ip_172_18_202_102[/ol]复制代码
这是配置文件的内容,前两个没问题,只有172.18.202.102这个不能使用
路由表:
[ol]ip route show
default via 172.18.207.253 dev eth1 proto static
default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
[/ol]复制代码
ip addr show
[ol]ip route show
default via 172.18.207.253 dev eth1 proto static
default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
root@iZwz96t5lrt7slg2n3cqctZ:~# ^C
root@iZwz96t5lrt7slg2n3cqctZ:~# ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:16:3e:0c:36:4c brd ff:ff:ff:ff:ff:ff
inet 172.18.202.96/20 metric 100 brd 172.18.207.255 scope global dynamic eth0
valid_lft 315358791sec preferred_lft 315358791sec
inet6 fe80::216:3eff:fe0c:364c/64 scope link
valid_lft forever preferred_lft forever
3: eth1:
mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:16:3e:20:d9:28 brd ff:ff:ff:ff:ff:ff
inet 172.18.202.98/20 metric 200 brd 172.18.207.255 scope global dynamic eth1
valid_lft 315358791sec preferred_lft 315358791sec
inet 172.18.202.102/20 brd 172.18.207.255 scope global secondary eth1
valid_lft forever preferred_lft forever
inet6 fe80::216:3eff:fe20:d928/64 scope link
valid_lft forever preferred_lft forever
[/ol]复制代码
大佬们帮帮我,解决给两包华子,我去吃个宵夜,回来回复
