info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
download.opensuse.org cannot be resolved
398 views
Skip to first unread message
Andrew
Jul 24, 2021, 6:44:46 AM7/24/21
to
One of my computers is refusing to update, zypper says it cannot resolve
download.opensuse.org. The problem was first seen around 14 hours ago
and an update had succeeded 48 hours before that.
It is the only system I have which uses Network Manager, it is also ipv4
only (hardware reasons) although in that respect it is not the only one.
Other xxx.opensuse.org sites *are* accessible to it.
I will have more time to attack this problem tomorrow, this query is
just on the off-chance that someone else has seen this.
My suspicion was name-resolution on the router - I set up DNS over TLS
(DoT) recently with the primary server being dns.quad9.net - but things
still worked for 48 hours after I made that change.
OpenSUSE 15.3 Leap, fully patched.
download.opensuse.org. The problem was first seen around 14 hours ago
and an update had succeeded 48 hours before that.
It is the only system I have which uses Network Manager, it is also ipv4
only (hardware reasons) although in that respect it is not the only one.
Other xxx.opensuse.org sites *are* accessible to it.
I will have more time to attack this problem tomorrow, this query is
just on the off-chance that someone else has seen this.
My suspicion was name-resolution on the router - I set up DNS over TLS
(DoT) recently with the primary server being dns.quad9.net - but things
still worked for 48 hours after I made that change.
OpenSUSE 15.3 Leap, fully patched.
JJenssen
Jul 24, 2021, 8:02:42 AM7/24/21
to
Am 24.07.21 um 12:44 schrieb Andrew:
download.opensuse.org is up + running. If other sites at opensuse.org
are accessible, there should be no problem of DNS or router.
___
Regards
JJenssen
are accessible, there should be no problem of DNS or router.
___
Regards
JJenssen
Carlos E. R.
Jul 24, 2021, 1:09:25 PM7/24/21
to
mirror that you get redirected to. It is not easy to find out.
Another typical problem would be trying to use https instead of http.
You will have to diagnose. Start with:
host -v download.opensuse.org
in the problem computer.
--
Cheers,
Carlos E.R.
Andrew
Jul 24, 2021, 4:42:05 PM7/24/21
to
Received 39 bytes from (an-ipv6-address)#53 in 0 ms
This particular system is hooked up seamlessly via a cable to a WLAN
device which then goes to the router, all this being invisible to the
PC. That WLAN forwarder only knows ipv4.
It looks as though the problem could be the router returning an ipv6
address, even though the PC "knows" that it should only be using ipv4.
Other addresses work.
It's late here. Tomorrow.
Thanks though
Carlos E. R.
Jul 24, 2021, 7:07:34 PM7/24/21
to
On 24/07/2021 22.42, Andrew wrote:
> Carlos E. R. wrote:
>> On 24/07/2021 12.44, Andrew wrote:
>>> One of my computers is refusing to update, zypper says it cannot resolve
>>> download.opensuse.org. The problem was first seen around 14 hours ago
>>> and an update had succeeded 48 hours before that.
>>> It is the only system I have which uses Network Manager, it is also ipv4
>>> only (hardware reasons) although in that respect it is not the only one.
>>> Other xxx.opensuse.org sites *are* accessible to it.
>>>
>>> I will have more time to attack this problem tomorrow, this query is
>>> just on the off-chance that someone else has seen this.
>>> My suspicion was name-resolution on the router - I set up DNS over TLS
>>> (DoT) recently with the primary server being dns.quad9.net - but things
>>> still worked for 48 hours after I made that change.
>>>
>>> OpenSUSE 15.3 Leap, fully patched.
>>
>> Sometimes it is not download.opensuse.org which doesn't resolve, but the
>> mirror that you get redirected to. It is not easy to find out.
>>
>> Another typical problem would be trying to use https instead of http.
>>
>>
>> You will have to diagnose. Start with:
>>
>> host -v download.opensuse.org
>>
>> in the problem computer.
>>
>
> Host download.opensuse.org not found: 2(SERVFAIL)
> Received 39 bytes from (an-ipv6-address)#53 in 0 ms
I said "host -v ..." - you removed the -v.
> Carlos E. R. wrote:
>> On 24/07/2021 12.44, Andrew wrote:
>>> One of my computers is refusing to update, zypper says it cannot resolve
>>> download.opensuse.org. The problem was first seen around 14 hours ago
>>> and an update had succeeded 48 hours before that.
>>> It is the only system I have which uses Network Manager, it is also ipv4
>>> only (hardware reasons) although in that respect it is not the only one.
>>> Other xxx.opensuse.org sites *are* accessible to it.
>>>
>>> I will have more time to attack this problem tomorrow, this query is
>>> just on the off-chance that someone else has seen this.
>>> My suspicion was name-resolution on the router - I set up DNS over TLS
>>> (DoT) recently with the primary server being dns.quad9.net - but things
>>> still worked for 48 hours after I made that change.
>>>
>>> OpenSUSE 15.3 Leap, fully patched.
>>
>> Sometimes it is not download.opensuse.org which doesn't resolve, but the
>> mirror that you get redirected to. It is not easy to find out.
>>
>> Another typical problem would be trying to use https instead of http.
>>
>>
>> You will have to diagnose. Start with:
>>
>> host -v download.opensuse.org
>>
>> in the problem computer.
>>
>
> Host download.opensuse.org not found: 2(SERVFAIL)
> Received 39 bytes from (an-ipv6-address)#53 in 0 ms
>
> This particular system is hooked up seamlessly via a cable to a WLAN
> device which then goes to the router, all this being invisible to the
> PC. That WLAN forwarder only knows ipv4.
> It looks as though the problem could be the router returning an ipv6
> address, even though the PC "knows" that it should only be using ipv4.
> Other addresses work.
>
> It's late here. Tomorrow.
>
> Thanks though
Cheers,
Carlos E.R.
Andrew
Jul 25, 2021, 6:02:49 AM7/25/21
to
in there.
There has been a change for the worse though, I'm now getting
;; connection timed out; no servers could be reached
This is both with and without "sudo", my tests last night were without.
Meanwhile Firefox is finding whatever it wants with no problems at all.
This gave me another idea, I appended #80 to the host name and it is
finding the host. Back to the router configuration.
Andrew
Jul 25, 2021, 7:14:02 AM7/25/21
to
After various tests which got me nowhere I made the following changes:
- Turned DNS over TLS (DoT) off (no change)
- Network Manager -> wicked (no change)
- Added dns-server settings (1.0.0.1 and 1.1.1.1) - BINGO.
The modem/router is not supposed to be filtering anything. No parental
controls, no restrictions. Something stinks.
Carlos E. R.
Jul 25, 2021, 7:47:03 AM7/25/21
to
host -v download.opensuse.org 192.168.1.1
assuming that is your router. If it fails, use other IPs. If it works,
your resolv file has a problem.
>
> This is both with and without "sudo", my tests last night were without.
>
> Meanwhile Firefox is finding whatever it wants with no problems at all.
> This gave me another idea, I appended #80 to the host name and it is
> finding the host. Back to the router configuration.
--
Cheers,
Carlos E.R.
Andrew
Jul 25, 2021, 7:52:05 AM7/25/21
to
https://www.linux.org/threads/solved-unbound-dns-server-strange-problem-resolving-opensuse-org.31299/
supplied the answer.
Rebooting the modem/router fixed the problem.
Things still work after:
- fallback of the client to Network Manager (with no DNS servers supplied)
- reactivating DoT on the modem/router.
- rebooting the client
What I absolutely do not understand is that there were three DNS
settings which did not work before I rebooted the modem/router:
- DoT with one primary name server
- DoT with another unrelated name server
- no DoT, the modem/router took its DNS settings from Vodafone
Other machines which use wicked and supply their own DNS server
IP-addresses all worked, as did the affected one when I made the same
change.
From the help text:
> Instructions: Enabling DNS over TLS (DoT)
>
> Select the "Encrypted name resolution in the internet (DNS over TLS)" setting.
> In the "Resolved Names of the DNS Servers" field, enter one or more DNS servers.
> Click on "Apply".
> Confirm that this change should be executed as soon as you are prompted to do so.
>
> DNSv4 and DNSv6 when DNS over TLS (DoT) Enabled
>
> Enabling DNS over TLS does not require any changes to the "DNSv4" or "DNSv6" settings.
>
> The DNS servers listed under "DNSv4" or "DNSv6" will still be used for DNS queries. They are needed for name resolution by the DNS-over-TLS server and for internal purposes.
> Encrypted name resolution in the internet (DNS over TLS)
>
> This setting is disabled in the settings preconfigured for the FRITZ!Box.
>
> When this setting is disabled, the FRITZ!Box sends DNS queries to the DNS servers listed under "DNSv4" and "DNSv6" in encrypted form.
>
> When this setting is enabled, the FRITZ!Box first determines the IP addresses of the servers listed under "Resolved Names of the DNS Servers". This is done by means of a non-encrypted query to the DNS servers entered under "DNSv4" and "DNSv6". The FRITZ!Box sends the encrypted DNS queries to the IP addresses of the servers listed under "Resolved Names of the DNS Servers".
(the DNSv4 and DNSv6 settings both specify using the defaults for the ISP).
0 new messages