@coolmint @stimw 嗯，谢谢了，我去问问身边有没有人用这个。至于重不重的，反正我就那么一会，比起重，热可能更让人担心一些，偏偏我还比较喜欢用 70200，要么就是索性电脑不背了，放单位，平常背着之前的单肩包通勤，包里装个 70200 装个 35 的标头。家里那个 15.6 的 mbp 拿起来再用，如果有必要的话……

@discrete 样子是漂亮，就是我同事那个隔断起毛让吐槽了蛮久，感觉两千多有点不匹配。

@israinbow https://www.bilibili.com/video/BV1mM4y1u7Pq 注意看 1 分 40 秒开始，正式版要是这玩意也砍了那只能说 MS 实在是超出了我想象的脑残。

@stimw 嗯，这是个可能。我再去搜搜相关信息，看看外网上有没有人提这个问题，谢谢了。

@mxT52CRuqR6o5 谢谢，我再去搜搜看。

@yimity 为啥是用户的错？

@mxT52CRuqR6o5 没有，就一个，我甚至都没有换过线。

@doveyoung 嗯，顺着您的思路，我查看了下 mtu 和相关的设置，都是正常的，包括使用 netstat -s |grep reject 查看了下，发现因为时间戳拒绝的包很多。
最终发现了问题的原因：之前这个 nginx 服务器上多绑定了一个 18 段的 IP，然后更改了网络环境后，这个网卡的配置却一直没有被删除，所以就是您说的 nginx 服务器找不到正确的路径回复给客户端，导致了握手失败。
删除这个 ip 配置后，一切正常了。
谢谢您了！

@doveyoung 嗯，谢谢了，我再想想看。

@NUT 谢谢您，我测试了，是通的。

@doveyoung
谢谢您，1 、虚拟机上用 curl -v，结果就是
Trying xxx.xxx.xxx.xxx:443 ....
TCP_NODELAY SET
然后等一会就超时了，提示 Closing connection 0……

2 和 3 、客户端虚拟机上（ 18.200 ）使用 curl 发送 get 请求，输出情况是这样：
tcpdump -n port 443 -i ens192 and host 192.168.16.218 -vv
tcpdump: listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes
15:52:24.481160 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.16.218.https > 192.168.18.200.41034: Flags [S.], cksum 0x3dcd (correct), seq 3835702915, ack 1032333183, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:52:24.481209 IP (tos 0x0, ttl 64, id 9141, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:25.482070 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.16.218.https > 192.168.18.200.41034: Flags [S.], cksum 0x9963 (correct), seq 3851342334, ack 1032333183, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:52:25.482136 IP (tos 0x0, ttl 64, id 9552, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:27.485907 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.16.218.https > 192.168.18.200.41034: Flags [S.], cksum 0xc9fe (correct), seq 3882655621, ack 1032333183, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:52:27.485972 IP (tos 0x0, ttl 64, id 10776, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:31.489995 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.16.218.https > 192.168.18.200.41034: Flags [S.], cksum 0x1633 (correct), seq 3945222038, ack 1032333183, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:52:31.490057 IP (tos 0x0, ttl 64, id 13410, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:39.505889 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.16.218.https > 192.168.18.200.41034: Flags [S.], cksum 0xcf03 (correct), seq 4070477646, ack 1032333183, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:52:39.505945 IP (tos 0x0, ttl 64, id 19809, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
然后 nginx 上（ 16.218 ）使用 tcpdump 监听到的日志是这样：
tcpdump: listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes
15:52:25.568684 IP (tos 0x0, ttl 63, id 6305, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:25.569331 IP (tos 0x0, ttl 63, id 9141, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:26.569602 IP (tos 0x0, ttl 63, id 6306, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:26.570270 IP (tos 0x0, ttl 63, id 9552, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:28.573661 IP (tos 0x0, ttl 63, id 6307, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:28.574321 IP (tos 0x0, ttl 63, id 10776, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:32.577927 IP (tos 0x0, ttl 63, id 6308, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:32.578604 IP (tos 0x0, ttl 63, id 13410, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:40.594269 IP (tos 0x0, ttl 63, id 6309, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:40.594906 IP (tos 0x0, ttl 63, id 19809, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:52:56.643423 IP (tos 0x0, ttl 63, id 6310, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:52:56.644167 IP (tos 0x0, ttl 63, id 33143, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0
15:53:28.709344 IP (tos 0x0, ttl 63, id 6311, offset 0, flags [DF], proto TCP (6), length 52)
192.168.18.200.41034 > 192.168.16.218.https: Flags [S], cksum 0x513e (correct), seq 1032333182, win 29200, options [mss 1400,nop,nop,sackOK,nop,wscale 7], length 0
15:53:28.709799 IP (tos 0x0, ttl 63, id 48301, offset 0, flags [DF], proto TCP (6), length 40)
192.168.18.200.41034 > 192.168.16.218.https: Flags [R], cksum 0x03e1 (correct), seq 1032333183, win 0, length 0

以上都是用域名请求的，客户端能解析到实际的内网 IP 且服务端能监听到请求，我认为网络层是通的，现在就是没有发送到 nginx 里。

使用 curl 对 IP 请求是这样请求的： https://IP:port/assets，可以正常得到返回信息。
另外就是 /proc/sys/net/ipv4/tcp_tw_recycle 这个值是 0

嗯，谢谢大家，我这会再去试试看。

@fangMu 试过了，不行

@seers 也不行，只要关闭 ssl on，就无法成功握手了。

@jjeyz 看 access_log 是这样:
192.168.20.252 - - [14/Oct/2020:10:55:39 +0800] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x89%\x07\xE2\xA9\x05\x8B\xF5\x98\x1A\xBCz\xEDs\x13T\x07m\xF1\xF17\xA5\xBB\x1C\xECo0G\x05G\x94q h\xA8\xDF>U^\xD0\x86\xBA\xA8\xF6\x022\x84x\xCBc1\x19\x07\xCB\x9B\xA5\xC5\x22OE\xD0-.\xF9l\x00\x22" 400 157 "-" "-" "-"
192.168.20.252 - - [14/Oct/2020:10:55:39 +0800] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x8E\x04\x12\xD2\x9D\x5Cmjz\xF6u\x85\x03\xCD\xB1\xC6\xF8#\xA5\xE4d\xD24\x91\x05t\xC9\x03\xEE\xD9/\xE8 h\xA8\xDF>U^\xD0\x86\xBA\xA8\xF6\x022\x84x\xCBc1\x19\x07\xCB\x9B\xA5\xC5\x22OE\xD0-.\xF9l\x00\x22\x8A\x8A\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x00" 400 157 "-" "-" "-"
192.168.20.252 - - [14/Oct/2020:10:55:40 +0800] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x15jBHy{\x03" 400 157 "-" "-" "-"

看错误信息是这样：
2020/10/14 01:13:08 [debug] 28989#0: epoll: fd:14 ev:2001 d:00007F1D66D6F2E1
2020/10/14 01:13:08 [debug] 28989#0: *103 http check ssl handshake
2020/10/14 01:13:08 [debug] 28989#0: *103 http recv(): 0
2020/10/14 01:13:08 [info] 28989#0: *103 client closed connection while SSL handshaking, client: 192.168.20.252, server: 0.0.0.0:80
2020/10/14 01:13:08 [debug] 28989#0: *103 close http connection: 14
2020/10/14 01:13:08 [debug] 28989#0: *103 event timer del: 14: 28423684
2020/10/14 01:13:08 [debug] 28989#0: *103 reusable connection: 0
2020/10/14 01:13:08 [debug] 28989#0: *103 free: 000055CC9FDA3450, unused: 232
2020/10/14 01:13:08 [debug] 28989#0: timer delta: 0
2020/10/14 01:13:08 [debug] 28989#0: worker cycle
2020/10/14 01:13:08 [debug] 28989#0: epoll timer: -1
2020/10/14 01:14:01 [debug] 28987#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28988#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28991#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28990#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28984#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28985#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28987#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28988#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28983#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28991#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28990#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28992#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28984#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28985#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28983#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28992#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28986#0: epoll: fd:7 ev:0001 d:00007F1D66D6F100
2020/10/14 01:14:01 [debug] 28991#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28990#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28986#0: accept on 0.0.0.0:80, ready: 0
2020/10/14 01:14:01 [debug] 28984#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28983#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28987#0: posix_memalign: 000055CC9FDA3450:512 @16
2020/10/14 01:14:01 [debug] 28988#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28991#0: timer delta: 53074
2020/10/14 01:14:01 [debug] 28985#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28992#0: accept() not ready (11: Resource temporarily unavailable)
2020/10/14 01:14:01 [debug] 28990#0: timer delta: 53074
2020/10/14 01:14:01 [debug] 28984#0: timer delta: 53074
2020/10/14 01:14:01 [debug] 28983#0: timer delta: 53074
2020/10/14 01:14:01 [debug] 28987#0: *104 accept: 192.168.20.252:25694 fd:20
2020/10/14 01:14:01 [debug] 28986#0: accept() not ready (11: Resource temporarily unavailable)

@zpfhbyx 嗯，谢谢了

@laoyur 谢谢了，就是这个问题，这么设置了之后好了。
@WebKit
@nonduality

@laoyur
@daozhihun
嗯，谢谢，我试下看

现在最好的是 xps17

如题，还是这个东西现在不起作用了？

那天拆开清灰换硅脂，发现电池有点鼓包了，买了一套电池换上，然后索性升级到了 10.15.6，居然……好了？

@charlie0129 这位大佬能不能给点详细的指导？

@ruidoBlanco 现在办公没办法啊

@ruidoBlanco 应该不是，二十多年老修电脑的了，这个小玩意还不在话下。