本帖最后由 fems 于 2016-9-24 00:03 编辑
症状:最近收到客户反馈,iphone手机的app store打开后加载内容非常缓慢,根本正常无法下载app。
测试后发现,iphone的app store无法加载app描述的图片,无法升级app,MAC的app store无法加载描述图片,所有浏览器访问itunes商店网页版无法加载描述图片。
貌似根源在于,内网无法正常访问苹果的CDN图片服务器,但是都可以ping通。
测试网址:https://itunes.apple.com/cn/app/prisma-art-photo-editor-free/id1122649984?mt=8
测试图片地址1:http://a2.mzstatic.com/us/r30/Purple30/v4/01/13/15/01131587-20a1-f806-3f15-31c6174938ee/icon100x100.jpeg
测试图片地址2:http://a5.mzstatic.com/us/r30/Purple60/v4/eb/b4/14/ebb414a0-66ea-692e-68be-61dce95720c8/screen696x696.jpeg
ikuai版本:2.6.5 Build20160815-13_1
ISP:广东中国电信,两条商用光纤PPPOE,公网IP
该客户同城有两个不同地点的ikuai配置和外线ISP都一样,出现的问题也一样,出现频非常高,偶尔才会正常一次
问题已经持续超过一个星期,应该可以排除是apple的服务器问题(后面的单线直接拨号测试,也证实不是apple问题)
由于问题会出现在不同的电脑,不同的OS,不同的浏览器上,当然还有不同的iphone上,可以排除是本机配置问题
其它所有上网行为都不见异常:dizzy:
尝试过的步骤:
最近刚升级到2.6.5,貌似没有了之前升级后重新配置多线负载的提示,先尝试重新配置了多线负载,无效
停用多线负载,只用一条默认线路,无效
接着是DNS,原来是114.114.114.114,修改为运营商的DNS,无效
ikuai设置翻了半天,找到一个怀疑项,首页>>行为管理>网址浏览控制 >云安全 >危险访问 默认时启用的,禁用,无效
想修改ikuai PPPOE拨号的MTU值,没找到可以修改的地方,暂时搁置
ikuai拨号,ikuai的DNS设置为114.114.114.114,内网客户无法访问上述测试地址,但可以ping通
- ; <<>> DiG 9.8.3-P1 <<>> a2.mzstatic.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6872
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;a2.mzstatic.com. IN A
- ;; ANSWER SECTION:
- a2.mzstatic.com. 281 IN CNAME a2.mzstatic.itunes-apple.com.akadns.net.
- a2.mzstatic.itunes-apple.com.akadns.net. 22 IN CNAME a2-china.mzstatic.itunes-apple.com.akadns.net.
- a2-china.mzstatic.itunes-apple.com.akadns.net. 270 IN CNAME nkryoptw12ua07.mwcname.com.
- nkryoptw12ua07.mwcname.com. 204 IN CNAME apple.xdwscache.ourglb0.com.
- apple.xdwscache.ourglb0.com. 11 IN A 113.113.90.128
- apple.xdwscache.ourglb0.com. 11 IN A 113.113.90.127
- apple.xdwscache.ourglb0.com. 11 IN A 14.215.9.85
- ;; Query time: 42 msec
- ;; SERVER: 192.168.120.254#53(192.168.120.254)
- ;; WHEN: Sun Aug 21 20:39:05 2016
- ;; MSG SIZE rcvd: 274
复制代码- PING apple.xdwscache.ourglb0.com (14.215.9.85): 56 data bytes
- 64 bytes from 14.215.9.85: icmp_seq=0 ttl=55 time=60.429 ms
- 64 bytes from 14.215.9.85: icmp_seq=1 ttl=55 time=61.201 ms
- 64 bytes from 14.215.9.85: icmp_seq=2 ttl=55 time=64.157 ms
- 64 bytes from 14.215.9.85: icmp_seq=3 ttl=55 time=62.098 ms
- 64 bytes from 14.215.9.85: icmp_seq=4 ttl=55 time=62.113 ms
- ^C
- --- apple.xdwscache.ourglb0.com ping statistics ---
- 5 packets transmitted, 5 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 60.429/62.000/64.157/1.248 ms
- PING 113.113.90.127 (113.113.90.127): 56 data bytes
- 64 bytes from 113.113.90.127: icmp_seq=0 ttl=52 time=47.128 ms
- 64 bytes from 113.113.90.127: icmp_seq=1 ttl=52 time=48.393 ms
- 64 bytes from 113.113.90.127: icmp_seq=2 ttl=52 time=48.908 ms
- 64 bytes from 113.113.90.127: icmp_seq=3 ttl=52 time=45.832 ms
- ^C
- --- 113.113.90.127 ping statistics ---
- 4 packets transmitted, 4 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 45.832/47.565/48.908/1.192 ms
- PING 113.113.90.128 (113.113.90.128): 56 data bytes
- 64 bytes from 113.113.90.128: icmp_seq=0 ttl=52 time=17.578 ms
- 64 bytes from 113.113.90.128: icmp_seq=1 ttl=52 time=18.490 ms
- 64 bytes from 113.113.90.128: icmp_seq=2 ttl=52 time=19.073 ms
- 64 bytes from 113.113.90.128: icmp_seq=3 ttl=52 time=18.099 ms
- ^C
- --- 113.113.90.128 ping statistics ---
- 4 packets transmitted, 4 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 17.578/18.310/19.073/0.547 ms
复制代码
电脑直接拨号,DNS为114.114.114.114,正常访问上述测试地址
- ; <<>> DiG 9.8.3-P1 <<>> a2.mzstatic.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57887
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;a2.mzstatic.com. IN A
- ;; ANSWER SECTION:
- a2.mzstatic.com. 1995 IN CNAME a2.mzstatic.itunes-apple.com.akadns.net.
- a2.mzstatic.itunes-apple.com.akadns.net. 1256 IN CNAME a2-china.mzstatic.itunes-apple.com.akadns.net.
- a2-china.mzstatic.itunes-apple.com.akadns.net. 524 IN CNAME nkryoptw12ua07.mwcname.com.
- nkryoptw12ua07.mwcname.com. 1258 IN CNAME apple.xdwscache.ourglb0.com.
- apple.xdwscache.ourglb0.com. 35 IN A 113.113.90.127
- apple.xdwscache.ourglb0.com. 35 IN A 14.215.9.85
- apple.xdwscache.ourglb0.com. 35 IN A 113.113.90.128
- ;; Query time: 57 msec
- ;; SERVER: 114.114.114.114#53(114.114.114.114)
- ;; WHEN: Sun Aug 21 20:44:22 2016
- ;; MSG SIZE rcvd: 232
复制代码- PING 14.215.9.85 (14.215.9.85): 56 data bytes
- 64 bytes from 14.215.9.85: icmp_seq=0 ttl=57 time=15.182 ms
- 64 bytes from 14.215.9.85: icmp_seq=1 ttl=57 time=16.349 ms
- 64 bytes from 14.215.9.85: icmp_seq=2 ttl=57 time=15.395 ms
- 64 bytes from 14.215.9.85: icmp_seq=3 ttl=57 time=15.081 ms
- ^C
- --- 14.215.9.85 ping statistics ---
- 4 packets transmitted, 4 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 15.081/15.502/16.349/0.502 ms
- PING 113.113.90.127 (113.113.90.127): 56 data bytes
- 64 bytes from 113.113.90.127: icmp_seq=0 ttl=54 time=15.330 ms
- 64 bytes from 113.113.90.127: icmp_seq=1 ttl=54 time=14.668 ms
- 64 bytes from 113.113.90.127: icmp_seq=2 ttl=54 time=14.924 ms
- 64 bytes from 113.113.90.127: icmp_seq=3 ttl=54 time=14.290 ms
- ^C
- --- 113.113.90.127 ping statistics ---
- 4 packets transmitted, 4 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 14.290/14.803/15.330/0.379 ms
- nb-ben-macbookpro:~ benjamin$ ping 113.113.90.128
- PING 113.113.90.128 (113.113.90.128): 56 data bytes
- 64 bytes from 113.113.90.128: icmp_seq=0 ttl=54 time=10.111 ms
- 64 bytes from 113.113.90.128: icmp_seq=1 ttl=54 time=9.158 ms
- 64 bytes from 113.113.90.128: icmp_seq=2 ttl=54 time=12.153 ms
- 64 bytes from 113.113.90.128: icmp_seq=3 ttl=54 time=9.459 ms
- 64 bytes from 113.113.90.128: icmp_seq=4 ttl=54 time=9.514 ms
- ^C
- --- 113.113.90.128 ping statistics ---
- 5 packets transmitted, 5 packets received, 0.0% packet loss
- round-trip min/avg/max/stddev = 9.158/10.079/12.153/1.082 ms
- nb-ben-macbookpro:~ benjamin$ ping 14.215.9.85
复制代码
BTW:有个诡异的地方,电脑直接拨号时,DNS设置为运营商自动时
今天先从客户那回来了,求建议
:dizzy:
目前还有修改本机MTU值没有测试
-----------------------------------------------
20160924更新:重新更换DNS后暂时正常,观察一段时间
|