0

I have an issue similar to this: Wget, Curl, Yum Fail but Ping works - CentOS 5

In my case, I have 2 Ubuntu 18.04 servers which are failing to download from cache.ruby-lang.org:

curl -O https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.3.tar.bz2 -v
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 151.101.1.178...
* TCP_NODELAY set
* Connected to cache.ruby-lang.org (151.101.1.178) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
  0     0    0     0    0     0      0      0 --:--:--  0:04:59 --:--:--     0* Operation timed out after 300334 milliseconds with 0 out of 0 bytes received
* stopped the pause stream!
  0     0    0     0    0     0      0      0 --:--:--  0:05:00 --:--:--     0
* Closing connection 0
curl: (28) Operation timed out after 300334 milliseconds with 0 out of 0 bytes received

However, pinging cache.ruby-lang.org works fine:

ping cache.ruby-lang.org
PING dualstack.m.shared.global.fastly.net (151.101.1.178) 56(84) bytes of data.
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=1 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=2 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=3 ttl=60 time=51.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=4 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=5 ttl=60 time=50.9 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=6 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=7 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=8 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=9 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=10 ttl=60 time=50.8 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=11 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=12 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=13 ttl=60 time=50.5 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=14 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=15 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=16 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=17 ttl=60 time=50.8 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=18 ttl=60 time=50.8 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=19 ttl=60 time=50.8 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=20 ttl=60 time=50.8 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=21 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=22 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=23 ttl=60 time=50.9 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=24 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=25 ttl=60 time=50.7 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=26 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=27 ttl=60 time=50.6 ms
64 bytes from 151.101.1.178 (151.101.1.178): icmp_seq=28 ttl=60 time=50.5 ms
^C
--- dualstack.m.shared.global.fastly.net ping statistics ---
28 packets transmitted, 28 received, 0% packet loss, time 27048ms
rtt min/avg/max/mdev = 50.518/50.790/51.781/0.371 ms

Curl does work for other URLs, for example https://www.google.com.

And the Curl command to download Ruby works fine on my local Ubuntu 18.04 VM, so it looks like there is some difference from the location of the 2 failing machines (Bangladesh) and my own location (Canada).

I've put the IP address of the server into a couple of online reputation-check websites, and it indicates that the servers are not blacklisted, so I'm at a loss as to why I can't reach cache.ruby-lang.org for these downloads.

I have confirmed that the same version of Curl (7.58) is installed both on the Bangladesh servers and my personal VM.

tcptraceroute seems to indicate that TCP is working:

sudo tcptraceroute cache.ruby-lang.org
Running:
    traceroute -T -O info cache.ruby-lang.org 
traceroute to cache.ruby-lang.org (151.101.1.178), 30 hops max, 60 byte packets
 1  123.49.37.81 (123.49.37.81)  0.529 ms  0.482 ms  0.488 ms
 2  * * 123.49.60.89 (123.49.60.89)  4.168 ms
 3  * * *
 4  54113.sgw.equinix.com (27.111.228.34)  54.650 ms  54.649 ms  54.637 ms
 5  151.101.1.178 (151.101.1.178) <syn,ack>  54.606 ms  54.592 ms  54.573 ms

What else can I check?

afarley
  • 213
  • 2
  • 8

2 Answers2

1

It doesn't solve the problem with this CDN, but - have you tried to use other official mirrors? Because it looks like Fastly CDN has some geo-limitations, I'd recommend to write to support as well https://support.fastly.com/hc/en-us/requests/new

Denis Yusupov
  • 69
  • 3
  • 1
    I ended up creating my own mirror, because the Ruby official mirrors don't have the right structure with SHA2 filenames. This seems to have worked but it's quite unpleasant that ruby-build isn't compatible with any of the official mirrors. – afarley Jul 07 '20 at 22:05
-2

Try setting this DNS addresses on the server: [8.8.8.8, 8.8.4.4].

Nirmal
  • 45
  • 2