Uploaded image for project: 'CernVM'
  1. CernVM
  2. CVM-1647

Geolite2 download failing, triggered DDOS protection

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: CernVM-FS 2.5.1
    • Fix Version/s: CernVM-FS 2.5.2
    • Component/s: CVMFS
    • Labels:
      None
    • Platforms:
      x86_64-slc6-gcc48-opt
    • Development:

      Description

      The UNL stratum 1 is getting 503 Service Temporarily Unavailable from the maxmind download site, which is cached by Cloudflare. Attempts to reproduce the issue show that a web page is returned saying that it is attributed to "DDoS protection by Cloudflare". This is using IPv6 which is the default on this system, and if I switch to IPv4 it works. I believe the only reason for the latter success is that it hasn't yet triggered the DDoS protection. I can also download OK over IPv6 from another machine at UNL. I don't know what triggered the original error, but all the many retries made the problem worse.

      Change the download mechanism to not try more than 2 or 3 times per day. I think it would also be a good idea to prefer IPv4, although it looks like only wget can do that; curl can require ipv4, but apparently can't just prefer it.

        Attachments

          Activity

            People

            • Assignee:
              dwd Dave Dykstra
              Reporter:
              dwd Dave Dykstra
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                PlannedEnd:
                PlannedStart: