Connection issue with aus5.mozilla.org [SOLVED]

Kernels & Hardware, configuring network, installing services

Connection issue with aus5.mozilla.org [SOLVED]

Postby cchip » 2019-07-27 09:04

Hi,

I have a fresh Buster install that experiences connection issues to aus5.mozilla.org. This is the site that Firefox uses to check if an update is available. (I use the Firefox installed from http://www.mozilla.org tarball.) Currently Firefox does not update, because it is unable to connect to that site. If I try to visit https://aus5.mozilla.org in Firefox, it just gives the "Hmm. We’re having trouble finding that site." error. (The same happens with the debian-packaged Firefox ESR.)

On a terminal, with netcat "nc -v aus5.mozilla.org 443" I get the error "nc: getaddrinfo for host "aus5.mozilla.org" port 443: Name or service not known". With "nc -4 -v aus5.mozilla.org 443" the connection succeeds. Possibly this has something to do with IPv6, since "host aus5.mozilla.org" returns:
Code: Select all
aus5.mozilla.org is an alias for balrog-aus5.r53-2.services.mozilla.com.
balrog-aus5.r53-2.services.mozilla.com is an alias for balrog-aus5-noclip.r53-2.services.mozilla.com.
balrog-aus5-noclip.r53-2.services.mozilla.com is an alias for balrog-cloudfront.prod.mozaws.net.
balrog-cloudfront.prod.mozaws.net has address 13.32.43.24
balrog-cloudfront.prod.mozaws.net has address 13.32.43.17
balrog-cloudfront.prod.mozaws.net has address 13.32.43.39
balrog-cloudfront.prod.mozaws.net has address 13.32.43.107
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:400:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:f800:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:7600:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:5e00:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:8c00:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:2800:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:b000:a:db2a:b380:93a1
balrog-cloudfront.prod.mozaws.net has IPv6 address 2600:9000:2074:a800:a:db2a:b380:93a1


With "nc -v aus2.mozilla.org 443" the connection also succeeds. I don't need "-4" with that site.

How can I fix my networking configuration? (The config is whatever is the default set up by Buster's installer.) I don't care about IPv6, since I cannot use it.
Last edited by cchip on 2019-07-28 20:29, edited 1 time in total.
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org

Postby L_V » 2019-07-27 09:15

cchip wrote:I have a fresh Buster install that experiences connection issues to aus5.mozilla.org. This is the site that Firefox uses to check if an update is available. (I use the Firefox installed from http://www.mozilla.org tarball.)

Where did you install your Firefox folder ?
cchip wrote: The same happens with the debian-packaged Firefox ESR.

Debian Firefox is updated by package update. No need to go to "aus5.mozilla.org" which is not supposed to be visited by the public.
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04

Re: Connection issue with aus5.mozilla.org

Postby cchip » 2019-07-27 09:23

L_V wrote:Where did you install your Firefox folder ?


I untarred the tarball under my home directory.

L_V wrote:Debian Firefox is updated by package update. No need to go to "aus5.mozilla.org" which is not supposed to be visited by the public.


Buster contains packaged Firefox ESR, but I prefer the latest version. Hence I use the mozilla.org tarball.

The issue is not what Firefox I am using, but rather the fact that somehow my networking is broken and my machine cannot properly connect to aus5.mozilla.org. I know I don't need to visit that site manually.
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org

Postby L_V » 2019-07-27 09:31

Can you compare with this curl ?
Code: Select all
curl https://aus5.mozilla.org
The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.

+ my Firefox is one of Mozilla...
Code: Select all
firefox --version
Mozilla Firefox 68.0.1esr
-
Buster Frefox is 60.8.0esr - SID Firefox is 68.0.1
http://ftp.mozilla.org/pub/firefox/releases/

For updates, Firefox is sending a string like this
Code: Select all
https://aus5.mozilla.org/update/<...............>/update.xml
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04

Re: Connection issue with aus5.mozilla.org

Postby cchip » 2019-07-27 13:04

L_V wrote:Can you compare with this curl ?


I get this:

Code: Select all
curl https://aus5.mozilla.org
curl: (6) Could not resolve host: aus5.mozilla.org


But with "-4" I get the same result as you:

Code: Select all
curl -4 https://aus5.mozilla.org
The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org

Postby L_V » 2019-07-27 13:27

Humm...
IPv6 active or disabled ? (for investigation....)
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04

Re: Connection issue with aus5.mozilla.org

Postby cchip » 2019-07-27 13:41

L_V wrote:Humm...
IPv6 active or disabled ? (for investigation....)


Enabled, that's the default I think. I tried disabling it via "sysctl -w net.ipv6.conf.all.disable_ipv6=1", but it didn't help. In any case, I'm sure IPv6 was enabled also in my Stretch install and I didn't have this problem there.
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org

Postby L_V » 2019-07-27 13:47

cchip wrote:disabling it via "sysctl -w net.ipv6.conf.all.disable_ipv6=1",
Not sure this is enough to be sure it is disabled, especially if you didn't restart your network.
But if you are sure IPv6 is not incriminated, forget it.
Did you try the same test from an other installation ? Other PC ?
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04

Re: Connection issue with aus5.mozilla.org

Postby cchip » 2019-07-27 14:06

L_V wrote:Did you try the same test from an other installation ? Other PC ?


I have a Ubuntu 18.04 qemu/kvm virtual machine on this Buster install. In that VM, all this works like it should and I can't see any configuration being different there. Just not working on the Buster host :roll:
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org

Postby L_V » 2019-07-27 14:10

Code: Select all
curl -4 https://aus5.mozilla.org
... works fine
-4, --ipv4
This option tells curl to resolve names to IPv4 addresses only, and not for example try IPv6.

Sorry to insist on IPv6.
Code: Select all
head /etc/hosts
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04

Re: Connection issue with aus5.mozilla.org

Postby cchip » 2019-07-28 20:28

I think I resolved this. The DNS response for AAAA records of aus5.mozilla.org are too big for UDP, so Buster tries to use TCP to get the full response. Apparently my router has a DNS proxy which doesn't support TCP DNS and glibc getaddrinfo() fails. I disabled the DNS proxy (i.e. now my router just routes Buster's DNS queries to my ISP's DNS nameservers.) Alternatively, adding "options edns0" to /etc/resolv.conf also worked.
cchip
 
Posts: 59
Joined: 2011-02-12 05:24

Re: Connection issue with aus5.mozilla.org [SOLVED]

Postby L_V » 2019-07-28 21:44

If you prefer your router to manage a DNS proxy, the question is then do you need resolvconf.service, to avoid conflicts or headache.

Code: Select all
systemctl status resolvconf
L_V
 
Posts: 1171
Joined: 2007-03-19 09:04


Return to System configuration

Who is online

Users browsing this forum: No registered users and 13 guests

fashionable