Nginx client timed out while SSL handshaking 问题

2018/03/16 13:29:25 [info] 24306#24306: *3 client timed out (110: Connection timed out) while SSL handshaking, client: x.x.x.x, server: 0.0.0.0:443 

在 nginx 的错误日志里看到这个报错，奇怪的是 nginx 的 log level 显示这是个 [info] 级别的。按理说这应该是一个 [error]。 然而我在某些 IP 下无法访问网站，我用代理就能连上，但是在多数网络下测试直连是可以连上的。 我测试过应该和后端无关，即使只是静态页面也是这样。

nginx 的 ssl 配置：

server { listen *:443 ssl http2; listen [::]:443 ssl http2; server_name xxx.com; ssl on; ssl_certificate /ssl/letsencrypt/chained.pem; ssl_certificate_key /ssl/letsencrypt/domain.key; ssl_dhparam /ssl/letsencrypt/dhparams.pem; ssl_trusted_certificate /ssl/letsencrypt/full_chained.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; ssl_session_cache shared:SSL:50m; ssl_session_timeout 1d; ssl_session_tickets off; ssl_prefer_server_ciphers on; # ssl_stapling on; # ssl_stapling_verify on; } 

后来即使我只保留

 ssl_certificate /ssl/letsencrypt/chained.pem; ssl_certificate_key /ssl/letsencrypt/domain.key; 

这几个必要配置也不行 证书是 letsencrypt 的证书，服务器上有多个 https 站点

求从报错分析可能出现这个异常的原因，或者提供一些 debug 排错的思路，谢谢