IP not receiving http replies from d.o.

Which Drupal version is your site running? We've had to ban a few IPs ran amok. Can't check atm if your's is among them.

@1.kenthomas:

There's already code in update_status to check if your site can't connect to a given server and bail out with an error if so. See #243253: Update status module can cause white screen if the check for updates takes too long. Can you try testing the latest 5.x-2.x-dev release of update_status and see if that's working properly on your site?

Thanks!
-Derek

Hi,

Can you send a traceroute to drupal.org? Also, can you add 140.211.166.61 to /etc/hosts on one of the computer as updates.drupal.org and see if that resolves the issue (note that is NOT a solution, but will tell us what's happening).

-N

Can you do the same traceroute to 140.211.166.61? Your netblock doesn't appear in our firewall rules.

fine from here (NYC) on 2009-08-14 -0400 ... but updates.drupal.org is resolving to 140.211.166.6
Traceroute to (140.211.166.6)
1 * (10.32.183.1) 22 ms 22 ms 20 ms
2 P10-0.NYCMNY-LCR-05.verizon-gni.net (130.81.135.212) 22 ms 22 ms 24 ms
3 so-5-1-3-0.NY325-BB-RTR2.verizon-gni.net (130.81.29.204) 24 ms 46 ms 24 ms
4 0.so-3-2-0.XL4.NYC4.ALTER.NET (152.63.9.249) 24 ms 24 ms 24 ms
5 0.xe-4-3-0.BR2.NYC4.ALTER.NET (152.63.3.118) 70 ms 24 ms 24 ms
6 * (204.255.173.54) 24 ms 30 ms 24 ms
7 vlan52.ebr2.NewYork2.Level3.net (4.69.138.254) 24 ms 38 ms 30 ms
8 ae-2-2.ebr1.Chicago1.Level3.net (4.69.132.65) 60 ms 50 ms 54 ms
9 ae-6.ebr1.Chicago2.Level3.net (4.69.140.190) 50 ms 58 ms 56 ms
10 ae-3.ebr2.Denver1.Level3.net (4.69.132.61) 76 ms 88 ms 88 ms
11 ae-2.ebr2.Seattle1.Level3.net (4.69.132.53) 156 ms 114 ms 108 ms
12 ge-11-0.hsa2.Seattle1.Level3.net (4.68.105.39) 112 ms 112 ms 114 ms
13 unknown.Level3.net (63.211.200.246) 116 ms 116 ms 116 ms
14 corv-car1-gw.nero.net (207.98.64.177) 118 ms 118 ms 118 ms
15 master.drupal.org (140.211.166.6) 118 ms 118 ms 118 ms

trace directly to 140.211.166.61 seems fine from here too

Traceroute to (140.211.166.61)
1 * (10.32.183.1) 22 ms 22 ms 22 ms
2 P10-0.NYCMNY-LCR-05.verizon-gni.net (130.81.135.212) 22 ms 22 ms 22 ms
3 so-5-1-3-0.NY325-BB-RTR2.verizon-gni.net (130.81.29.204) 24 ms 24 ms 24 ms
4 0.so-4-3-0.XL4.NYC4.ALTER.NET (152.63.10.29) 24 ms 24 ms 24 ms
5 0.xe-3-3-0.BR2.NYC4.ALTER.NET (152.63.3.122) 24 ms 26 ms 42 ms
6 * (4.68.110.105) 24 ms 24 ms 24 ms
7 vlan52.ebr2.NewYork2.Level3.net (4.69.138.254) 24 ms 24 ms 24 ms
8 ae-2-2.ebr1.Chicago1.Level3.net (4.69.132.65) 64 ms 60 ms 54 ms
9 ae-6.ebr1.Chicago2.Level3.net (4.69.140.190) 48 ms 50 ms 50 ms
10 ae-3.ebr2.Denver1.Level3.net (4.69.132.61) 106 ms 112 ms 114 ms
11 ae-2.ebr2.Seattle1.Level3.net (4.69.132.53) 108 ms 112 ms 108 ms
12 ge-11-0.hsa2.Seattle1.Level3.net (4.68.105.39) 112 ms 114 ms 112 ms
13 unknown.Level3.net (63.211.200.246) 118 ms 116 ms 116 ms
14 corv-car1-gw.nero.net (207.98.64.177) 118 ms 118 ms 118 ms
15 www1.drupal.org (140.211.166.61) 112 ms 114 ms 114 ms

@kazar: how many people are sitting behind that IP and accessing drupal.org? we on occassion block IPs that have too many open connections.

@ gerhard [ http://drupal.org/comment/reply/538496/1923542#comment-1923542 ] just to clarify, i am having no trouble completing a traceroute from my IP. There's just a few of us on a LAN behind a dynamic public IP supplied by verizon.

so you are not actually having troubles?

No, its Kent who is having the troubles.

Kent, could you re-run those traceroutes with -I, we have another client with this issue now and are trying to figure out why some people cannot get to the load balancer.

Hi,

We have been having the same problem as described here for a couple of weeks. We have about 50 Drupal 6.x installations running on a multi-site setup. We are hosted at Rackspace and they are telling us that is appears that our IP (74.205.80.130) has been blocked from accessing drupal.org. (We also have a few stand-alone Drupal installations that are not part of the multi-site setup but are on the same server. Those aren't getting updates either.)

What can we do to fix this? Our company relies on Drupal and keeping our modules up to date is very important to us.

Thanks very much.

-- Quinn

I recall blocking an IP from rackspace, yes.

The problem with these IPs are that they seem to open a lot more connections to drupal.org than neccessary for a simple check of updates.

The problem is in our code and fixed in the most recent Drupal 6 releases. So the question is: do you run that release? If not, please update.

Thanks very much for your reply. Our multi-site installation is running 6.13. We also have a 7.0-dev test sites and it is failing to get updates as well. Can you please check to see if our Rackspace IP has been blocked, and if so, what can we do about it?

Are you sure that you run 6.13 and not only applied the security patches?

If you are, I'll just unblock the IP.

If you have cron set up for all 50 domains please consider to spread the cron calls a bit so that not all domains requests update info at the same time. That way I'll not be tempted to block the IP again. :p

Killes,

Just to be sure, I've just installed a brand-new copy of Drupal 6.13 and it is not getting updates at our IP either. Our IP is, again, 74.205.80.130.

We are spreading our cron jobs out so they do not all hit at once.

Can you please unblock us? We'd be eternally grateful. ;-)

Whether you can access the drupal.org IP or not does of course not depend on the Drupal version, this is a setting on our servers.

I've removed the ban, please see if it works.

Thanks but it is still not working. I'm getting "Unable to fetch any information about available new releases and updates." :(

Any other ideas? Can you check if we are really unbanned?

Yeah, sorry, instead of removing the ban, I added more of them. Try again. If it still does not work, send a traceroute.

Hey it's working now! Sweet! Thank you SO MUCH.

What type of box is this server? I keep looking for a box I can get a shell account on with this problem. Is that at all possible so I can run timed trace routes and see where its failing?

-N

Nevermind, I think I found you in iptables finally. Give it a shot now. (and if it works, please confirm that your running a recent version of drupal so that the updates bug that causes this issue is fixed :) )

All the bans are manual, so as long as your not in iptables anywhere you should be fine. Are all the sites under the ip block you already listed and which ones are now having trouble?

(we are enacting changes that make these sort of bans not necessary)

sorry for the OT help request, but how does one STOP tracking an issue? i'm used to bugzilla, can't figure it out here. thanks!

Hi,

I'm running my site in OVH, in a shared server where there should be a couple hundreds more (at least) Drupal installs.

Since September 4th, my site is no longer able to speak with the update server (and at least, I am running 6.13).

My site's IP address should be: 213.186.33.2

Thanks in advance for any info about this.

João Ventura

Addendum: As of September 15, it's working perfectly again.

Hello

I'm runing drupal 6.14 with multiple domain.
I've got the folowing isue : Failed to fetch available update data (See atached image)

a traceroute from my ips 87.98.133.226 and 94.23.42.114 give me this result:

# traceroute updates.drupal.org
traceroute to updates.drupal.org (140.211.166.6), 30 hops max, 40 byte packets
1 94.23.42.254 (94.23.42.254) 0.360 ms * *
2 20g.ldn-1-6k.routers.chtix.eu (94.23.122.65) 3.885 ms 4.008 ms 4.059 ms
3 30g.gblx-3.ldn.routers.ovh.net (94.23.122.126) 3.866 ms 3.972 ms 4.022 ms
4 level3-2.ar2.LON3.gblx.net (208.50.13.194) 4.013 ms 4.001 ms 4.018 ms
5 ae-34-52.ebr2.London1.Level3.net (4.69.139.97) 4.653 ms 4.650 ms 4.630 ms
6 ae-42-42.ebr1.NewYork1.Level3.net (4.69.137.70) 80.941 ms 80.461 ms ae-43-43.ebr1.NewYork1.Level3.net (4.69.137.74) 80.416 ms
7 ae-3-3.ebr4.Washington1.Level3.net (4.69.132.93) 80.200 ms 80.127 ms 80.115 ms
8 ae-74-74.csw2.Washington1.Level3.net (4.69.134.182) 84.109 ms 84.103 ms ae-84-84.csw3.Washington1.Level3.net (4.69.134.186) 79.284 ms
9 ae-92-92.ebr2.Washington1.Level3.net (4.69.134.157) 78.577 ms 77.750 ms ae-62-62.ebr2.Washington1.Level3.net (4.69.134.145) 77.941 ms
10 ae-2-2.ebr2.Chicago2.Level3.net (4.69.132.69) 102.831 ms 102.566 ms 102.566 ms
11 ae-1-100.ebr1.Chicago2.Level3.net (4.69.132.113) 102.529 ms 102.817 ms 102.606 ms
12 ae-3.ebr2.Denver1.Level3.net (4.69.132.61) 130.292 ms 129.640 ms 129.154 ms
13 ae-2.ebr2.Seattle1.Level3.net (4.69.132.53) 164.834 ms 164.834 ms 182.945 ms
14 ge-11-0.hsa2.Seattle1.Level3.net (4.68.105.39) 163.414 ms 178.825 ms 164.007 ms
15 unknown.Level3.net (63.211.200.246) 166.521 ms 166.956 ms 167.288 ms
16 corv-car1-gw.nero.net (207.98.64.177) 168.762 ms 183.595 ms 168.452 ms
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

until tooday i was runing a cron evry 15 minutes on all my domains. I understand now it could be too mutch for updates.drupal.org.

Is my IPS black listed ?

If it's the case thanks to removing the ban.

Hi,

I was not able to find the first IP but did find the 94.23.* in the FW rules and removed it. Thanks for upgrading and let me know if that fixes your issue.

-N

Thank you for you help.
My issue is now fixed, i can now see all aviable updates.

But traceroute continue to give me the same result and stop on corv-car1-gw.nero.net

I've try a traceroute on some differents address and if some reach the goal (google.com google.fr) , most dont (bing.com lycos.fr yahoo.com drupal.com or free.fr dont)

I will now contact my hosting suport to inform it.

Try an icmp trace route. Many border routers including ours block normal traces.

I've contact my hosting suport and they tell me they have diabled the tracert function to avoid abuse.

And when i try tracroute -I, i've got this message too : The specified type of tracerouting is allowed for superuser only.

@ponsich If you don't have superuser to do an ICMP traceroute, you can't really trust the response. Traceroute is tool to diagnose issue, but is in no way the be all or end all. These days it can be extremely inaccurate. For now I'm closing this issue as fixed.

I have not been issuing bans for updates, not. But you maybe still blocked. I thought your issue was resolved though, maybe I just forgot about it :). Whats the IP of the block?

I believe that my live IP address is also banned from receiving updates from drupal.org.

I have been having this problem for sometime now on my site and I discovered that when I created a new site on a separate sub domain and from a different code base that I have the problem there as well.

IP is 67.227.184.63

Sorry if I have posted to the wrong forum I could not really find an applicable forum.