For details, see https://bugzilla.opensuse.org/show_bug.cgi?id=1217148
Since yesterday I can't access download.opensuse.org and they say it's not their problem
- Thread starter tonymec
- Start date
Code:
curl -I https://download.opensuse.org
HTTP/2 200
date: Wed, 15 Nov 2023 16:26:33 GMT
server: Mojolicious (Perl)
cache-control: public, max-age=300
content-length: 9042
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
Code:
curl -I https://download.opensuse.org
Last edited:
linux-tuxedo:~ # curl -I https://download.opensuse.org
curl: (28) Failed to connect to download.opensuse.org port 443 after 134438 ms: Couldn't connect to server
linux-tuxedo:~ #
curl: (28) Failed to connect to download.opensuse.org port 443 after 134438 ms: Couldn't connect to server
linux-tuxedo:~ #
Last edited:
Some other roundabout possible issues.
- If you're on a privacy vpn, (PIA, NordVPN, etc) you may want to disable it. Many times VPNs get blocked by websites due to people using them to attack their website anonymously.
- I have little to no experience with zypper. Does it have any tools like yum to rebuild cache and other data? If so, I would try it.
- Possible it's configured to use a proxy and the proxy has an issue?
By default, zypper checks every repository for "need to update" and if appropriate fetches its metadata and rebuilds its cache; but for that, of course, it needs to be able to access the remote repositories, which at the moment it isn't.
I can also do "zypper refresh" but here at the moment that too times out for each repository one after the other, which means that it takes an awfully long time. Normally such a refresh is only required after manually editing the files /etc/zypp/repos.d/*.repo, which contain the repository descriptions used by both zypper and yast.
Until yesterday morning I had no problem updating the system and AFAIK I changed nothing since then: the software update just started failing as if the download.opensuse.org remote repositories (but not those at Packman) had suddenly been taken offline.
How do I check for those "privacy vpn"s you mentioned? Would "rpm -qa |grep 'pia\|vpn' " list them if present?
Best regards,
Tony.
I can also do "zypper refresh" but here at the moment that too times out for each repository one after the other, which means that it takes an awfully long time. Normally such a refresh is only required after manually editing the files /etc/zypp/repos.d/*.repo, which contain the repository descriptions used by both zypper and yast.
Until yesterday morning I had no problem updating the system and AFAIK I changed nothing since then: the software update just started failing as if the download.opensuse.org remote repositories (but not those at Packman) had suddenly been taken offline.
How do I check for those "privacy vpn"s you mentioned? Would "rpm -qa |grep 'pia\|vpn' " list them if present?
Best regards,
Tony.
If you can't connect to the webserver where the repo is hosted you won't be able to install packages or update your system. Are you able to access that url from your mobile phone using 4G and your home wireless network?
P.P.S. Here is the output of that RPM command; IIUC the "pia" hits are false positives, the "vpn" ones I don't know:
linux-tuxedo:~ # rpm -qa |grep 'pia\|vpn'
NetworkManager-vpnc-gnome-1.2.8-2.2.x86_64
vpnc-0.5.3r550-3.17.x86_64
NetworkManager-openvpn-gnome-1.10.2-1.4.x86_64
plasma-nm5-openvpn-5.27.9-1.1.x86_64
plasma-nm5-vpnc-5.27.9-1.1.x86_64
texlive-piano-2023.209.1.0svn21574-52.2.noarch
NetworkManager-vpnc-lang-1.2.8-2.2.noarch
NetworkManager-vpnc-1.2.8-2.2.x86_64
NetworkManager-openvpn-1.10.2-1.4.x86_64
openvpn-2.6.6-1.1.x86_64
yast2-vpn-5.0.0-1.1.noarch
NetworkManager-openvpn-lang-1.10.2-1.4.noarch
texlive-piano-doc-2023.209.1.0svn21574-52.2.noarch
libxapian30-1.4.21-1.4.x86_64
texlive-principia-doc-2023.209.1.3svn58927-53.1.noarch
texlive-utopia-2023.209.svn15878-54.1.noarch
texlive-principia-2023.209.1.3svn58927-53.1.noarch
texlive-utopia-doc-2023.209.svn15878-54.1.noarch
texlive-utopia-fonts-2023.209.svn15878-54.1.noarch
linux-tuxedo:~ #
Best regards,
Tony.
linux-tuxedo:~ # rpm -qa |grep 'pia\|vpn'
NetworkManager-vpnc-gnome-1.2.8-2.2.x86_64
vpnc-0.5.3r550-3.17.x86_64
NetworkManager-openvpn-gnome-1.10.2-1.4.x86_64
plasma-nm5-openvpn-5.27.9-1.1.x86_64
plasma-nm5-vpnc-5.27.9-1.1.x86_64
texlive-piano-2023.209.1.0svn21574-52.2.noarch
NetworkManager-vpnc-lang-1.2.8-2.2.noarch
NetworkManager-vpnc-1.2.8-2.2.x86_64
NetworkManager-openvpn-1.10.2-1.4.x86_64
openvpn-2.6.6-1.1.x86_64
yast2-vpn-5.0.0-1.1.noarch
NetworkManager-openvpn-lang-1.10.2-1.4.noarch
texlive-piano-doc-2023.209.1.0svn21574-52.2.noarch
libxapian30-1.4.21-1.4.x86_64
texlive-principia-doc-2023.209.1.3svn58927-53.1.noarch
texlive-utopia-2023.209.svn15878-54.1.noarch
texlive-principia-2023.209.1.3svn58927-53.1.noarch
texlive-utopia-doc-2023.209.svn15878-54.1.noarch
texlive-utopia-fonts-2023.209.svn15878-54.1.noarch
linux-tuxedo:~ #
Best regards,
Tony.
My only mobile phone is a dumb Nokia, it has no Internet access; and my fibre modem is connected to my desktop computer via an "ethernet cable" — it may have wifi capability but I never used it and I forgot any password it may have had. So the answer is: no because I don't have the technology.
Best regards,
Tony.
That makes it hard to troubleshoot because those were ways to test if the problem is your isp connection or that the problem is with your installation. Did you recently update your system?
On openSUSE Tumbleweed (the "rolling release"), a system update arrives up to once or twice per 24 hours, or sometimes less often; and a reboot may or may not be required afterwards (it is required if there is a new version of the kernel, and in some other cases). My current system is datestamped 20231110, as can be seen from the login prompt on the text-type Linux consoles (Ctrl-Alt-F1 etc.). That was several days before it started failing.
Today I phoned Customer Service at my ISP, they tested the line and tele-installed a modem software upgrade (which took ¼ h, and my computer spontaneously halted or at least went to sleep when they started) then they told me my Internet was "operational".
Best regards,
Tony.
I know how rolling distributions work.
That doesn't mean much, it could be that they are blocking downloads.opensuse.org on your ISP connection. Since you don't have any other devices to connect to 4G or to your home wireless we can't test either. Can you access google.com from Tumbleweed install?
Code:
curl -I https://google.com
Code:
ip routelinux-tuxedo:~ # curl -i https://google.com
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-tT2ESPz0Caanu61m7cq78Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
date: Wed, 15 Nov 2023 21:36:38 GMT
expires: Wed, 15 Nov 2023 21:36:38 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+097; expires=Fri, 14-Nov-2025 21:36:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
linux-tuxedo:~ # ip route
default via 192.168.128.1 dev eth0 proto dhcp
192.168.128.0/23 dev eth0 proto kernel scope link src 192.168.129.0
linux-tuxedo:~ #
AFAICT these IPv4 addresses are "not routable", I suppose they are only for use between the computer and the modem/router and that the latter uses some other address (obtained by DHCP) on its ISP side.
Here is what my system thinks of its internet connection on both IPv4 and IPv6:
linux-tuxedo:~ # ifstatus eth0
eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr f0:2f:74:1d:e9:8a
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 192.168.129.0/23 [dhcp]
addr: ipv6 2a02:a03f:64bb:3801:f16c:938b:8d20:bab6/64 [auto]
addr: ipv6 2a02:a03f:64bb:3801:f22f:74ff:fe1d:e98a/64 [auto]
route: ipv4 default via 192.168.128.1 [dhcp]
route: ipv6 default via fe80::6e3:1aff:febf:d672 metric 1024 proto ra
linux-tuxedo:~ #
With "-o debug" added it outputs quite a lot of additional information of which I cannot make head nor tail.
Best regards,
Tony.
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-tT2ESPz0Caanu61m7cq78Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
date: Wed, 15 Nov 2023 21:36:38 GMT
expires: Wed, 15 Nov 2023 21:36:38 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+097; expires=Fri, 14-Nov-2025 21:36:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
linux-tuxedo:~ # ip route
default via 192.168.128.1 dev eth0 proto dhcp
192.168.128.0/23 dev eth0 proto kernel scope link src 192.168.129.0
linux-tuxedo:~ #
AFAICT these IPv4 addresses are "not routable", I suppose they are only for use between the computer and the modem/router and that the latter uses some other address (obtained by DHCP) on its ISP side.
Here is what my system thinks of its internet connection on both IPv4 and IPv6:
linux-tuxedo:~ # ifstatus eth0
eth0 up
link: #2, state up, mtu 1500
type: ethernet, hwaddr f0:2f:74:1d:e9:8a
config: compat:suse:/etc/sysconfig/network/ifcfg-eth0
leases: ipv4 dhcp granted
leases: ipv6 dhcp granted, ipv6 auto granted
addr: ipv4 192.168.129.0/23 [dhcp]
addr: ipv6 2a02:a03f:64bb:3801:f16c:938b:8d20:bab6/64 [auto]
addr: ipv6 2a02:a03f:64bb:3801:f22f:74ff:fe1d:e98a/64 [auto]
route: ipv4 default via 192.168.128.1 [dhcp]
route: ipv6 default via fe80::6e3:1aff:febf:d672 metric 1024 proto ra
linux-tuxedo:~ #
With "-o debug" added it outputs quite a lot of additional information of which I cannot make head nor tail.
Best regards,
Tony.
Since you can access google.com your internet connection works. So it would be either that download.opensuse.org is blocking your or that your isp is blocking download.opensuse.org, but we could check one last thing on your system. Can you share the output of the following?
Code:
cat /etc/hosts
Last edited:
Sure:
linux-tuxedo:~ # cat /etc/hosts
134.76.12.6 ftp.gwdg.de
195.135.221.134 download.opensuse.org
88.99.148.10 graphics.tuxedocomputers.com
88.99.148.10 oibaf.tuxedocomputers.com
88.99.148.10 rpm.tuxedocomputers.com
88.99.148.10 rpm-discrete.tuxedocomputers.com
88.99.148.10 rpm-hybrid.tuxedocomputers.com
88.99.148.10 mirrors.tuxedocomputers.com
62.146.92.202 widehat.opensuse.org
88.99.148.10 kernel.tuxedocomputers.com
linux-tuxedo:~ #
Bingo ! See line 2. According to Spamcop, download.opensuse.org means 195.135.223.226. I'm going to remove that second line and see what happens.
Best regards,
Tony.
linux-tuxedo:~ # cat /etc/hosts
134.76.12.6 ftp.gwdg.de
195.135.221.134 download.opensuse.org
88.99.148.10 graphics.tuxedocomputers.com
88.99.148.10 oibaf.tuxedocomputers.com
88.99.148.10 rpm.tuxedocomputers.com
88.99.148.10 rpm-discrete.tuxedocomputers.com
88.99.148.10 rpm-hybrid.tuxedocomputers.com
88.99.148.10 mirrors.tuxedocomputers.com
62.146.92.202 widehat.opensuse.org
88.99.148.10 kernel.tuxedocomputers.com
linux-tuxedo:~ #
Bingo ! See line 2. According to Spamcop, download.opensuse.org means 195.135.223.226. I'm going to remove that second line and see what happens.
Best regards,
Tony.
Glad to have helped you out and that you have access to download.opensuse.org again!
Do you run spamcop on your system or another tool that automatically adds malicious domains to /etc/hosts or did you add those domains there yourself? The correct ip adress for download.opensuse.org is the following.
I'm assuming you removed the entry with " 195.135.221.134 download.opensuse.org" ?
Do you run spamcop on your system or another tool that automatically adds malicious domains to /etc/hosts or did you add those domains there yourself? The correct ip adress for download.opensuse.org is the following.
Code:
;; ANSWER SECTION:
download.opensuse.org. 235 IN A 195.135.223.226I have a browser bookmark for www.spamcop.net where I report (by pasting their raw mail source) spam email — or at least the spam messages which gmail left in my inbox rather than filtering them into my spam box (and conversely I fish back false positives which gmail erroneously put in the spam box); but Spamcop has another feature: when instead of a full message I paste a (symbolic or numeric) address as just one line into its typearea, it translates it from symbolic address to numeric IP address or vice-versa and then it checks if that address is "known" in its database of spam senders. I don't use this latter feature very often but sometimes (such as this time) it comes useful.
How did that entry end up in your /etc/hosts file is my question?
