Discussion:
NetBSD-Archive down?
(too old to reply)
Malte Dehling
2022-04-15 15:04:40 UTC
Permalink
Hi,

I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first byte
timeout. Is that server currently unavailable? Anywhere else I might be
able to download older NetBSD install media?

Cheers,
Malte
Martin Husemann
2022-04-15 15:16:53 UTC
Permalink
Post by Malte Dehling
Hi,
I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first byte
timeout. Is that server currently unavailable? Anywhere else I might be
able to download older NetBSD install media?
Works for me (but it is a CDN so a regional issue closer to you may
have caused the failure, or it was a temporary problem).

Martin

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Malte Dehling
2022-04-15 15:31:23 UTC
Permalink
Post by Martin Husemann
Post by Malte Dehling
Hi,
I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first byte
timeout. Is that server currently unavailable? Anywhere else I might be
able to download older NetBSD install media?
Works for me (but it is a CDN so a regional issue closer to you may
have caused the failure, or it was a temporary problem).
I’ve tried a few times since yesterday and keep getting the same error.
Tried again just now and it’s still not working, so it must be a regional
issue then (I’m in southern California in case that helps anyone track this
down.)

Is there a way to go around the CDN? I’m looking for a mirror that has
NetBSD-4 still.

Thanks,
Malte
Greg Troxel
2022-04-15 18:24:41 UTC
Permalink
Sorry, I didn't fully grasp 503, but also various places seem to have
crazy intercepting proxies. I'll look over your details.


The IPv4 address I get is

151.101.117.6

so maybe you could put archive.netbsd.org and that address in /etc/hosts
and see if pinning to a different server helps?


And I could try the server you get pointed to.
Malte Dehling
2022-04-15 18:30:47 UTC
Permalink
Post by Greg Troxel
Sorry, I didn't fully grasp 503, but also various places seem to have
crazy intercepting proxies. I'll look over your details.
No worries, thanks for looking into it!

The IPv4 address I get is
Post by Greg Troxel
151.101.117.6
so maybe you could put archive.netbsd.org and that address in /etc/hosts
and see if pinning to a different server helps?
This one works for me.

And I could try the server you get pointed to.
Greg Troxel
2022-04-15 17:49:27 UTC
Permalink
Post by Malte Dehling
I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first byte
timeout. Is that server currently unavailable? Anywhere else I might be
able to download older NetBSD install media?
also works for me, northeast US
Allright, so I got what I needed by going through a VPN. That doesn’t
solve the issue, though. I’m not sure who needs to see this to get the
server fixed?
Well, for starters you need to provide a lot more information.

Then, you or others could begin to speculate about where the problem is.
Asserting that the server is broken is quite a leap, even though it
certainly could be.

So:

What country are you in?

In what IPv4 prefix is your v4 address?

Same for v6.

Is this problem with v4, v6, both?

When you do "dig archive.netbsd.org in a" (and aaaa) what address do
you get?

What happens when you traceroute/traceroute6 to those addresses?

When you run tcpdump to watch a connection attempt, what do you see?
Michael van Elst
2022-04-16 05:42:26 UTC
Permalink
Post by Malte Dehling
archive.netbsd.org. 1603 IN CNAME
dualstack.o.ssl.global.fastly.net.
dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.1.6
dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.65.6
dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.129.6
dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.193.6
All these CDN servers answer successfully from here and also
from California (San Jose).

For a quick test you can use something like:

curl -v --proxy '' --resolve archive.netbsd.org:443:151.101.1.6 https://archive.netbsd.org

Either the problem is gone by now or it's more a local (or local provider)
issue.


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Malte Dehling
2022-04-15 17:22:09 UTC
Permalink
Post by Malte Dehling
I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first byte
timeout. Is that server currently unavailable? Anywhere else I might be
able to download older NetBSD install media?
also works for me, northeast US
Allright, so I got what I needed by going through a VPN. That doesn’t
solve the issue, though. I’m not sure who needs to see this to get the
server fixed?
Malte Dehling
2022-04-15 18:12:03 UTC
Permalink
Post by Malte Dehling
Post by Malte Dehling
I have been trying to access the NetBSD archives at
https://archive.netbsd.org/ but keep getting an error 503 - first
byte
Post by Malte Dehling
timeout. Is that server currently unavailable? Anywhere else I
might be
Post by Malte Dehling
able to download older NetBSD install media?
also works for me, northeast US
Allright, so I got what I needed by going through a VPN. That doesn’t
solve the issue, though. I’m not sure who needs to see this to get the
server fixed?
Well, for starters you need to provide a lot more information.
Then, you or others could begin to speculate about where the problem is.
Asserting that the server is broken is quite a leap, even though it
certainly could be.
Not much of a leap considering 503 is a server error. The message seems to
indicate a timeout in the connection from the CDN to the regional server.
Post by Malte Dehling
What country are you in?
I mentioned that: southern california.

In what IPv4 prefix is your v4 address?


public IP is 76.88.x.x

Same for v6.
Post by Malte Dehling
Is this problem with v4, v6, both?
I’m not using ipv6.
Post by Malte Dehling
When you do "dig archive.netbsd.org in a" (and aaaa) what address do
you get?
# dig archive.netbsd.org in a

; <<>> DiG 9.16.20 <<>> archive.netbsd.org in a
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30279
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;archive.netbsd.org. IN A

;; ANSWER SECTION:
archive.netbsd.org. 1603 IN CNAME
dualstack.o.ssl.global.fastly.net.
dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.1.6

dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.65.6

dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.129.6

dualstack.o.ssl.global.fastly.net. 30 IN A 151.101.193.6



;; Query time: 22 msec

;; SERVER: 192.168.86.1#53(192.168.86.1)

;; WHEN: Fri Apr 15 10:51:50 PDT 2022

;; MSG SIZE rcvd: 158
Post by Malte Dehling
What happens when you traceroute/traceroute6 to those addresses?
# traceroute archive.netbsd.org
traceroute: archive.netbsd.org has multiple addresses; using 151.101.1.6

traceroute to dualstack.o.ssl.global.fastly.net (151.101.1.6), 64 hops max,
40 byte packets
1 192.168.86.1 (192.168.86.1) 7.428 ms 2.339 ms 4.639 ms

2 142-254-184-149.inf.spectrum.com (142.254.184.149) 13.814 ms 6.607 ms
9.953 ms
3 lag-63.sndhcaht01h.netops.charter.com (76.167.26.105) 23.129 ms
30.346 ms 32.246 ms
4 lag-21.sndhcaax01r.netops.charter.com (72.129.1.54) 14.918 ms 17.794
ms 16.223 ms
5 lag-22.lsancarc01r.netops.charter.com (72.129.1.0) 17.757 ms 16.020
ms 14.493 ms
6 lag-46.lsancarc0yw-bcr00.netops.charter.com (209.18.43.62) 16.508 ms

lag-16.lsancarc0yw-bcr00.netops.charter.com (66.109.6.102) 16.794 ms

lag-36.lsancarc0yw-bcr00.netops.charter.com (66.109.6.92) 17.578 ms

7 lag-0.pr2.lax00.netops.charter.com (66.109.5.123) 17.404 ms 19.137 ms

lag-800.pr2.lax00.netops.charter.com (66.109.7.225) 22.625 ms

8 * * *

When you run tcpdump to watch a connection attempt, what do you see?


# tcpdump tcp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on genet0, link-type EN10MB (Ethernet), capture size 262144 bytes

11:05:38.645434 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [S], seq
2059843661, win 32768, options [mss 1460,nop,wscale 3,sackOK,TS val 1 ecr
0], length 0
11:05:38.661713 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [S.], seq
763067123, ack 2059843662, win 65535, options [mss 1460,sackOK,TS val
457835305 ecr 1,nop,wscale 9], length 0

11:05:38.661757 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [.], ack 1,
win 4197, options [nop,nop,TS val 1 ecr 457835305], length 0
11:05:38.661860 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [P.], seq
1:27, ack 1, win 4197, options [nop,nop,TS val 1 ecr 457835305], length 26:
HTTP: GET /index.html HTTP/1.1

11:05:38.685981 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [.], ack
27, win 283, options [nop,nop,TS val 457835329 ecr 1], length 0
11:05:38.686058 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [P.], seq
27:120, ack 1, win 4197, options [nop,nop,TS val 1 ecr 457835329], length
93: HTTP
11:05:38.701592 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [.], ack
120, win 283, options [nop,nop,TS val 457835345 ecr 1], length 0
11:05:54.454763 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [P.], seq
1:339, ack 120, win 283, options [nop,nop,TS val 457851097 ecr 1], length
338: HTTP: HTTP/1.1 503 first byte timeout

11:05:54.454777 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [P.], seq
339:794, ack 120, win 283, options [nop,nop,TS val 457851097 ecr 1], length
455: HTTP
11:05:54.454781 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [F.], seq
794, ack 120, win 283, options [nop,nop,TS val 457851097 ecr 1], length 0
11:05:54.454834 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [.], ack
794, win 4098, options [nop,nop,TS val 33 ecr 457851097], length 0
11:05:54.454858 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [.], ack
795, win 4098, options [nop,nop,TS val 33 ecr 457851097], length 0
11:05:54.456161 IP 192.168.86.2.65531 > 151.101.1.6.http: Flags [F.], seq
120, ack 795, win 4197, options [nop,nop,TS val 33 ecr 457851097], length 0
11:05:54.476748 IP 151.101.1.6.http > 192.168.86.2.65531: Flags [.], ack
121, win 283, options [nop,nop,TS val 457851121 ecr 33], length 0
Greg Troxel
2022-04-15 18:37:43 UTC
Permalink
Reading your tcpdump, it appears your end is sending
GET /index.html HTTP/1.1
but I don't see a host specification.

What uesr agent are you using, and is it trying to send host? I do not
have those rules paged in this minute, but there is a scheme to tell the
server which vhost you want out of many on an IP address.

With wget and forcing the IP address you got, I see:

$ wget https://archive.netbsd.org/
--2022-04-15 14:36:21-- https://archive.netbsd.org/
Resolving archive.netbsd.org (archive.netbsd.org)... 151.101.1.6
Connecting to archive.netbsd.org (archive.netbsd.org)|151.101.1.6|:443... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 733
Server: bozohttpd/20190228
Content-Type: text/html
Accept-Ranges: bytes
Date: Fri, 15 Apr 2022 18:36:22 GMT
Via: 1.1 varnish
Age: 5047
X-Served-By: cache-bos4641-BOS
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1650047782.024733,VS0,VE310
Length: 733 [text/html]
Saving to: ‘index.html'
Malte Dehling
2022-04-15 19:40:02 UTC
Permalink
Post by Greg Troxel
Reading your tcpdump, it appears your end is sending
GET /index.html HTTP/1.1
but I don't see a host specification.
What uesr agent are you using, and is it trying to send host? I do not
have those rules paged in this minute, but there is a scheme to tell the
server which vhost you want out of many on an IP address.
$ wget https://archive.netbsd.org/
--2022-04-15 14:36:21-- https://archive.netbsd.org/
Resolving archive.netbsd.org (archive.netbsd.org)... 151.101.1.6
Connecting to archive.netbsd.org (archive.netbsd.org)|151.101.1.6|:443... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 733
Server: bozohttpd/20190228
Content-Type: text/html
Accept-Ranges: bytes
Date: Fri, 15 Apr 2022 18:36:22 GMT
Via: 1.1 varnish
Age: 5047
X-Served-By: cache-bos4641-BOS
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1650047782.024733,VS0,VE310
Length: 733 [text/html]
Saving to: ‘index.html'
The previous tcpdump was for

# ftp http://archive.netbsd.org/index.html

on NetBSD-current on a raspberry pi. Before that I was trying to connect
from my iPad Pro, but I can’t tcpdump there. Sorry if that made things
more confusing.

Here is the (verbose) output for wget http://archive.netbsd.org/ on the
same NetBSD-current pi4. It is sending host and gives the same error 503):

# tcpdump tcp -v

tcpdump: listening on genet0, link-type EN10MB (Ethernet),
capture size 262144 bytes

12:34:46.370085 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 60)

192.168.86.2.65512 > 151.101.1.6.http: Flags [S], cksum 0x7375
(correct), seq 199203167, win 32768, options [mss 1460,nop,wscale
3,sackOK,TS val 1 ecr 0], length 0
12:34:46.393882 IP (tos 0x0, ttl 56, id 0, offset 0, flags [DF], proto TCP
(6), length 60)
151.101.1.6.http > 192.168.86.2.65512: Flags [S.], cksum 0xc33d
(correct), seq 633182354, ack 199203168, win 65535, options [mss
1460,sackOK,TS val 1116483397 ecr 1,nop,wscale 9], length 0
12:34:46.393952 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xe1a6
(correct), ack 1, win 4197, options [nop,nop,TS val 1 ecr 1116483397],
length 0
12:34:46.394081 IP (tos 0x0, ttl 64, id 6759, offset 0, flags [DF], proto
TCP (6), length 195)
192.168.86.2.65512 > 151.101.1.6.http: Flags [P.], cksum 0x80bb
(correct), seq 1:144, ack 1, win 4197, options [nop,nop,TS val 1 ecr
1116483397], length 143: HTTP, l
ength: 143
GET /index.html HTTP/1.1

Host: archive.netbsd.org

User-Agent: Wget/1.21.3

Accept: */*
Accept-Encoding: identity

Connection: Keep-Alive


12:34:46.416896 IP (tos 0x0, ttl 56, id 27170, offset 0, flags [DF], proto
TCP (6), length 52) 151.101.1.6.http > 192.168.86.2.65512: Flags [.],
cksum 0xf048 (correct), ack 144, win 285, options [nop,nop,TS val
1116483420 ecr 1], length 0
12:34:46.416912 IP (tos 0x0, ttl 56, id 27171, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [.], cksum 0xf048
(correct), ack 144, win 285, options [nop,nop,TS val 1116483420 ecr 1],
length 0
12:35:01.583600 IP (tos 0x0, ttl 56, id 27172, offset 0, flags [DF], proto
TCP (6), length 395)
151.101.1.6.http > 192.168.86.2.65512: Flags [P.], cksum 0x9604
(correct), seq 1:344, ack 144, win 285, options [nop,nop,TS val 1116498587
ecr 1], length 343: HTTP,
length: 343
HTTP/1.1 503 first byte timeout

Server: Varnish

Retry-After: 0

Content-Type: text/html; charset=utf-8


Accept-Ranges: bytes

Content-Length: 455

Date: Fri, 15 Apr 2022 19:34:55 GMT

Via: 1.1 varnish

Connection: keep-alive

X-Served-By: cache-bur-kbur8200028-BUR


X-Cache: MISS
X-Cache-Hits: 0

X-Timer: S1650051280.848820,VS0,VE15167


12:35:01.583612 IP (tos 0x0, ttl 56, id 27173, offset 0, flags [DF], proto
TCP (6), length 507)
151.101.1.6.http > 192.168.86.2.65512: Flags [P.], cksum 0x23d4
(correct), seq 344:799, ack 144, win 285, options [nop,nop,TS val
1116498587 ecr 1], length 455: HTTP
12:35:01.583672 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xa2e9
(correct), ack 799, win 4097, options [nop,nop,TS val 31 ecr 1116498587],
length 0
12:35:01.584220 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [F.], cksum 0xa284
(correct), seq 144, ack 799, win 4197, options [nop,nop,TS val 31 ecr
1116498587], length 0
12:35:01.607783 IP (tos 0x0, ttl 56, id 27174, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [.], cksum 0xb1b5
(correct), ack 145, win 285, options [nop,nop,TS val 1116498610 ecr 31],
length 0
12:35:01.607795 IP (tos 0x0, ttl 56, id 27175, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [F.], cksum 0xb1b4
(correct), seq 799, ack 145, win 285, options [nop,nop,TS val 1116498610
ecr 31], length 0
12:35:01.607855 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xa26c
(correct), ack 800, win 4197, options [nop,nop,TS val 31 ecr 1116498610],
length 0
Loading...