|
Grex > Agora > #4: Grex System Problems - Fall 2015/Winter 2016 | |
|
| Author |
Message |
| 25 new of 223 responses total. |
cross
|
|
response 117 of 223:
| 
Jun 12 14:04 UTC 2017 |
resp:114 I'm seeing that, too.
|
tod
|
|
response 118 of 223:
|
Jun 12 15:50 UTC 2017 |
Does "fixseen" or "fix" repair it per cf?
|
cross
|
|
response 119 of 223:
|
Jun 12 16:15 UTC 2017 |
Not really.
I'm not sure what's up with it; I rather suspect a bug in backtalk.
|
telnetuserid
|
|
response 120 of 223:
|
Jun 12 19:24 UTC 2017 |
I can't resolve reddit.com and news.ycombinator.com dns address.
Is this a temporary error or intended behavior?
|
cross
|
|
response 121 of 223:
|
Jun 12 20:12 UTC 2017 |
Certainly not intended. I just checked and both resolved for me....
|
kentn
|
|
response 122 of 223:
|
Jun 12 20:44 UTC 2017 |
reddit.com didn't resolve for me from lynx. But yahoo.com did.
Maybe it was a slight internet glitch.
|
cross
|
|
response 123 of 223:
|
Jun 12 20:45 UTC 2017 |
Didn't resolve or didn't connect?
|
kentn
|
|
response 124 of 223:
|
Jun 12 21:07 UTC 2017 |
"Unable to connect to remote host"
|
cross
|
|
response 125 of 223:
|
Jun 13 04:06 UTC 2017 |
That's rather different. :-)
|
kentn
|
|
response 126 of 223:
|
Jun 13 11:54 UTC 2017 |
It does resolve okay, then just doesn't connect. I don't
use reddit.com anyway, so it doesn't bother me. Other sites
do connect.
|
cross
|
|
response 127 of 223:
|
Jun 13 15:13 UTC 2017 |
Weird. Observe:
: grex; host reddit.com
reddit.com has address 151.101.65.140
reddit.com has address 151.101.193.140
reddit.com has address 151.101.129.140
reddit.com has address 151.101.1.140
reddit.com mail is handled by 1 aspmx.l.google.com.
reddit.com mail is handled by 10 aspmx2.googlemail.com.
reddit.com mail is handled by 10 aspmx3.googlemail.com.
reddit.com mail is handled by 5 alt1.aspmx.l.google.com.
reddit.com mail is handled by 5 alt2.aspmx.l.google.com.
: grex; ping reddit.com
ping: no address associated with name
: grex; ping 151.101.65.140
PING 151.101.65.140 (151.101.65.140): 56 data bytes
64 bytes from 151.101.65.140: icmp_seq=0 ttl=56 time=26.270 ms
64 bytes from 151.101.65.140: icmp_seq=1 ttl=56 time=26.722 ms
64 bytes from 151.101.65.140: icmp_seq=2 ttl=56 time=26.755 ms
^C
--- 151.101.65.140 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 26.270/26.582/26.755/0.221 ms
: grex;
I cn't see any rational reason why ping would complain about
address translation for reddit.com. But wait:
: grex; host -v reddit.com
Trying "reddit.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63255
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;reddit.com. IN A
;; ANSWER SECTION:
reddit.com. 101 IN A 151.101.65.140
reddit.com. 101 IN A 151.101.129.140
reddit.com. 101 IN A 151.101.1.140
reddit.com. 101 IN A 151.101.193.140
Received 92 bytes from 8.8.8.8#53 in 41 ms
Trying "reddit.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;reddit.com. IN AAAA
;; AUTHORITY SECTION:
reddit.com. 466 IN SOA ns-557.awsdns-05.net.
awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Received 109 bytes from 8.8.8.8#53 in 38 ms
Trying "reddit.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23449
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;reddit.com. IN MX
;; ANSWER SECTION:
reddit.com. 71 IN MX 1 aspmx.l.google.com.
reddit.com. 71 IN MX 10 aspmx2.googlemail.com.
reddit.com. 71 IN MX 10 aspmx3.googlemail.com.
reddit.com. 71 IN MX 5 alt1.aspmx.l.google.com.
reddit.com. 71 IN MX 5 alt2.aspmx.l.google.com.
Received 158 bytes from 8.8.8.8#53 in 41 ms
: grex;
Meanwhile,
: grex; dig reddit.com
; <<>> DiG 9.4.2-P2 <<>> reddit.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;reddit.com. IN A
;; Query time: 40 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 13 11:10:15 2017
;; MSG SIZE rcvd: 28
: grex;
So it would seem that unbound running on Grex isn't happy returning
results for reddit.com. Weird.
|
papa
|
|
response 128 of 223:
|
Jun 13 22:59 UTC 2017 |
bash is my default shell and in my .bashrc I add the directories ~/man and
~/share/man to my MANPATH variable. If I echo $MANPATH, the tilda in the paths
is correctly expanded to /p/a/papa, but if I run man or apropos for an unknown
command, the error message indicates the programs are searching my old home
directory /u/p/a/papa.
|
kentn
|
|
response 129 of 223:
|
Jun 14 01:20 UTC 2017 |
Re: 127, thanks. Yeah it was a bit weird.
|
cross
|
|
response 130 of 223:
|
Jun 14 02:40 UTC 2017 |
resp:128 That's actually correct. /p is a symbolic link to /u/p (don't
ask why...filesystem limitations). So /p/a/papa is /u/p/a/papa; the
error message must expand out the readlink() results into the pathname
(or rather, the commands that generate the error message do that).
|
papa
|
|
response 131 of 223:
|
Jun 14 11:55 UTC 2017 |
OK. No worries then.
|
kentn
|
|
response 132 of 223:
|
Jun 15 00:41 UTC 2017 |
It's almost like having two home directories, but not.
|
telnetuserid
|
|
response 133 of 223:
|
Jun 20 15:48 UTC 2017 |
Regarding local dns resolution for reddit.com, it seems that
grex local dns doesn't cache reddit.com address.
Resolving through google dns works fine.
Does grex local dns server resolve the name through upstream
resolver or recursively querying root servers?
|
telnetuserid
|
|
response 134 of 223:
|
Jun 20 16:03 UTC 2017 |
After viewing /etc/resolv.conf and /var/unbound/etc/unbound.conf
it seems that grex uses both local resolver and google dns servers.
I suggest removing google dns entries in /etc/resolv.conf and enabling
dns forwarding in the unbound.conf
forward-zone:
name: "."
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
forward-first: yes
Enabling forward-zone should give better dns resolving capability
in the applications and makes better unbound dns caching for
subsequents dns lookup.
|
cross
|
|
response 135 of 223:
|
Jun 20 21:04 UTC 2017 |
That sounds like a reasonable approach; I'll go ahead and implement it.
|
cross
|
|
response 136 of 223:
|
Jun 20 21:07 UTC 2017 |
Setting unbound to forward to the Google DNS servers seems to work.
Given that name servers in /etc/resolv.conf are checked in order, I
don't see a reason to remove 8.8.8.8 or 8.8.4.4; if unbound ever
crashes for whatever peculiar reason, they'll continue to work.
|
jandal
|
|
response 137 of 223:
|
Jun 20 22:09 UTC 2017 |
|
jandal
|
|
response 138 of 223:
|
Jun 20 22:15 UTC 2017 |
I am unable to send mail to grex.
----- Transcript of session follows -----
... while talking to grex.org.:
>>> DATA
<<< 554 5.7.1 Service unavailable; Client host [205.166.94.20] blocked
using multi.uribl.com; 127.0.0.1 -> Query Refused.
See http://uribl.com/refused.shtml for more information
[Your DNS IP: 173.194.94.133]
554 5.0.0 Service unavailable
<<< 554 5.5.1 Error: no valid recipients
Reading the referred page, I see:
> If an email you sent bounced, and included a link to this page, then
> it was rejected because the receiver has not implemented URIBL lookups
> correctly.
Please note that I don't use grex as my mail mailserver; however this
still seems like a system problem that should be reported.
|
jandal
|
|
response 139 of 223:
|
Jun 20 22:18 UTC 2017 |
PS. Further, I read on the above-mentioned page:
> Possibly changing your nameservers from a public dns provider (ie
> opendns/google) to your local ISP may solve it.
Is this issue a result of the recent DNS changes discussed above?
|
telnetuserid
|
|
response 140 of 223:
|
Jun 21 01:40 UTC 2017 |
The downside of using dns forwarding to public dns server
is uribl will prevent sending mails to grex.
There is an alternative to solve the issue. Instead of
using dns forwarding, add an updated root-hint file so
that the dns resolver will query root-servers and prevent
dns blacklisting on grex.
Unbound has built-in root-hint, but it's often outdated.
The updated root-hint file can be obtained from
https://www.iana.org/domains/root/files
The unbound.conf needs to be updated to include
root-hints: /path/to/updated/root-hint
|
cross
|
|
response 141 of 223:
|
Jun 21 14:02 UTC 2017 |
Perhaps I'm missing something, but it seems like not forwarding to the public
servers puts us back into the same boat with e.g. reddit that we made this
change to get out of in the first place. Am I missing something here?
|