Try:
traceroute 159.89.233.254
I have a suspect…
1 server
traceroute 159.89.233.254
traceroute to 159.89.233.254 (159.89.233.254), 30 hops max, 60 byte packets
1 89-106-172-125.in-addr.mastertelecom.ru (89.106.172.125) 10.269 ms 10.888 ms 11.521 ms
2 89-106-169-230.in-addr.mastertelecom.ru (89.106.169.230) 4.032 ms 4.373 ms 4.709 ms
3 217-67-176-250.in-addr.mastertelecom.ru (217.67.176.250) 8.111 ms 8.535 ms 8.961 ms
4 * * *
5 109-73-43-254.in-addr.mastertelecom.ru (109.73.43.254) 0.573 ms 0.571 ms 0.563 ms
yum update
Loaded plugins: changelog, fastestmirror, nethserver_events
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://mirrorlist.nethserver.org/7/nethserver?rele ase=7&repo=nethforge&arch=x86_64 error was
14: curl#7 - "Failed connect to mirrorlist.nethserver.org:80; Connection refused "
Could not retrieve mirrorlist http://mirrorlist.nethserver.org/?release=7&repo=b ase&arch=x86_64&nsrelease=$nsrelease error was
14: curl#7 - "Failed connect to mirrorlist.nethserver.org:80; Connection refused "
Could not retrieve mirrorlist http://mirrorlist.nethserver.org/?release=7&repo=u pdates&arch=x86_64&nsrelease=$nsrelease error was
14: curl#7 - "Failed connect to mirrorlist.nethserver.org:80; Connection refused "
- base: mirror.reconn.ru
- epel: mirrors.colocall.net
- extras: mirror.reconn.ru
- nethforge: mirror.nordest.systems
- nethserver-base: mirror.nordest.systems
- nethserver-updates: mirror.nordest.systems
- updates: mirror.yandex.ru
One of the configured repositories failed (Unknown),
and yum doesn’t have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work “fix” this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=<repoid> ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable <repoid>
or
subscription-manager repos --disable=<repoid>
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
file is encrypted or is not a database
2 server
traceroute 159.89.233.254
traceroute to 159.89.233.254 (159.89.233.254), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
Both servers are in Russia, I’m in Russia. Until yesterday’s update, everything worked fine.
It looks like they just have been syncronized now?
[root@neth13 ~]# yum clean all && rm -rf /var/cache/yum && yum -y update
Loaded plugins: changelog, fastestmirror, nethserver_events
Cleaning repos: base centos-sclo-rh centos-sclo-sclo epel extras nethforge nethserver-base nethserver-updates updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Loaded plugins: changelog, fastestmirror, nethserver_events
Determining fastest mirrors
epel/x86_64/metalink | 9.6 kB 00:00:00
* base: mirror.nextlayer.at
* epel: mirror.karneval.cz
* extras: mirror.nextlayer.at
* nethforge: mirror.nordest.systems
* nethserver-base: mirror.nordest.systems
* nethserver-updates: mirror.nordest.systems
* updates: mirror.nextlayer.at
base | 3.6 kB 00:00:00
centos-sclo-rh | 3.0 kB 00:00:00
centos-sclo-sclo | 2.9 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 3.4 kB 00:00:00
nethforge | 4.1 kB 00:00:00
nethserver-base | 2.9 kB 00:00:00
nethserver-updates | 4.1 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/14): base/7/x86_64/group_gz | 166 kB 00:00:00
(2/14): epel/x86_64/group_gz | 84 kB 00:00:00
(3/14): centos-sclo-sclo/x86_64/primary_db | 202 kB 00:00:00
(4/14): extras/7/x86_64/primary_db | 104 kB 00:00:00
(5/14): nethforge/7/x86_64/group_gz | 1.7 kB 00:00:00
(6/14): nethforge/7/x86_64/primary_db | 32 kB 00:00:00
(7/14): nethserver-base/7/x86_64/primary_db | 241 kB 00:00:00
(8/14): nethserver-updates/7/x86_64/group_gz | 20 kB 00:00:00
(9/14): epel/x86_64/updateinfo | 921 kB 00:00:02
(10/14): nethserver-updates/7/x86_64/primary_db | 382 kB 00:00:00
(11/14): updates/7/x86_64/primary_db | 1.0 MB 00:00:01
(12/14): centos-sclo-rh/x86_64/primary_db | 3.2 MB 00:00:06
(13/14): epel/x86_64/primary_db | 6.4 MB 00:00:07
(14/14): base/7/x86_64/primary_db | 5.9 MB 00:00:13
No packages marked for update@saitobenkei is probably right! Yesterday we moved the hosting of mirrorlist.nethserver.org to another IP…
See Relocated packages.nethserver.org (2)
[root@vm5 ~]# host mirrorlist.nethserver.org
mirrorlist.nethserver.org is an alias for packages.nethserver.org.
packages.nethserver.org has address 159.89.233.254
Please try this workaround:
-
Check if IP 46.101.114.111 is reachable
-
See if this command gives back the mirror list:
curl -v -H 'Host: mirrorlist.nethserver.org' 'http://packages.nethesis.it/7/nethserver?release=7&repo=nethforge&arch=x86_64' -
Go to DNS page and set an override for mirrorlist.nethserver.org pointing to 46.101.114.111
You get the list of mirrors, but you can’t access nethserver-testing any more 
1 Like
OK, can we say everything is green now? - 
Not for our Russian friends 
OK, 
curl -v -H ‘Host: mirrorlist.nethserver.org’ ‘http://packages.nethesis.it/7/nethserver?release=7&repo=nethforge&arch=x86_64’
- About to connect() to packages.nethesis.it port 80 (#0)
- Trying 46.101.114.111…
- Connected to packages.nethesis.it (46.101.114.111) port 80 (#0)
GET /7/nethserver?release=7&repo=nethforge&arch=x86_64 HTTP/1.1
User-Agent: curl/7.29.0
Accept: /
Host: mirrorlist.nethserver.org
< HTTP/1.1 200 OK
< Date: Fri, 11 May 2018 10:31:23 GMT
< Server: Apache/2.4.6 (CentOS) PHP/5.4.16
< X-Powered-By: PHP/5.4.16
< Content-Length: 773
< Content-Type: text/plain; charset=UTF-8
<
http://mirror.nethserver.org/nethserver/7/nethforge/x86_64/
http://mirror1.nethserver.org/nethserver/7/nethforge/x86_64/
http://mirror2.nethserver.org/nethserver/7/nethforge/x86_64/
https://mirror.nethesis.it/nethserver/7/nethforge/x86_64/
http://nethserver.de-labrusse.fr/7/nethforge/x86_64/
http://mirror.framassa.org/nethserver/7/nethforge/x86_64/
http://mirror.nordest.systems/nethserver/7/nethforge/x86_64/
https://mirror.alpix.eu/nethserver/7/nethforge/x86_64/
http://mrmarkuz.goip.de/mirror/nethserver/7/nethforge/x86_64/
http://mirror.pcxlan.es/nethserver/7/nethforge/x86_64/
https://markusneuberger.at/mirror/nethserver/7/nethforge/x86_64/
http://buck.goip.de/nethserver/7/nethforge/x86_64/
http://nethserver.globalcortex.net/mirror/nethserver/7/nethforge/x86_64/
- Connection #0 to host packages.nethesis.it left intact
13:31:23 root@ms jobs:0 cmd:187 /root
ping 46.101.114.111
PING 46.101.114.111 (46.101.114.111) 56(84) bytes of data.
64 bytes from 46.101.114.111: icmp_seq=1 ttl=57 time=46.6 ms
64 bytes from 46.101.114.111: icmp_seq=2 ttl=57 time=49.7 ms
64 bytes from 46.101.114.111: icmp_seq=3 ttl=57 time=46.7 ms
^C
— 46.101.114.111 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 46.605/47.693/49.766/1.477 ms
2 Likes
yum clean all && rm -rf /var/cache/yum && yum -y update
Loaded plugins: changelog, fastestmirror, nethserver_events
Cleaning repos: base centos-sclo-rh centos-sclo-sclo collaboraoffice.com_repos_CollaboraOnline_CODE-centos7 epel
: extras nethforge nethserver-base nethserver-updates remi-php56 remi-safe updates veeam
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Loaded plugins: changelog, fastestmirror, nethserver_events
Determining fastest mirrors
epel/x86_64/metalink | 13 kB 00:00:00
Could not retrieve mirrorlist http://mirrorlist.nethserver.org/7/nethserver?release=7&repo=nethforge&arch=x86_64 error was
12: Timeout on http://mirrorlist.nethserver.org/7/nethserver?release=7&repo=nethforge&arch=x86_64: (28, ‘Connection timed out after 30001 milliseconds’)
One of the configured repositories failed (Unknown),
and yum doesn’t have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work “fix” this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=<repoid> ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable <repoid>
or
subscription-manager repos --disable=<repoid>
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
Cannot find a valid baseurl for repo: nethforge/7/x86_64
But it does not find non-package updates
Did you set it?
Yes.
yum clean all && rm -rf /var/cache/yum && yum -y update
Loaded plugins: changelog, fastestmirror, nethserver_events
Cleaning repos: base centos-sclo-rh centos-sclo-sclo collaboraoffice.com_repos_CollaboraOnline_CODE-centos7 epel extras
: nethforge nethserver-base nethserver-updates remi-php56 remi-safe updates veeam
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Loaded plugins: changelog, fastestmirror, nethserver_events
Determining fastest mirrors
epel/x86_64/metalink | 13 kB 00:00:00
- base: mirror.corbina.net
- epel: ftp.colocall.net
- extras: mirror.reconn.ru
- nethforge: mirror.alpix.eu
- remi-php56: mirror.reconn.ru
- remi-safe: mirror.reconn.ru
- updates: mirror.reconn.ru
base | 3.6 kB 00:00:00
centos-sclo-rh | 3.0 kB 00:00:00
centos-sclo-sclo | 2.9 kB 00:00:00
collaboraoffice.com_repos_CollaboraOnline_CODE-centos7 | 2.9 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 3.4 kB 00:00:00
nethforge | 4.1 kB 00:00:00
http://docs.readthedocs.org/en/latest/canonical.html/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
Trying other mirror.
To address this issue please refer to the below wiki article
https://wiki.centos.org/yum-errors
If above article doesn’t help to resolve this issue please use https://bugs.centos.org/.
One of the configured repositories failed (NethServer-7 - Base),
and yum doesn’t have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work “fix” this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=nethserver-base ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable nethserver-base
or
subscription-manager repos --disable=nethserver-base
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=nethserver-base.skip_if_unavailable=true
failure: repodata/repomd.xml from nethserver-base: [Errno 256] No more mirrors to try.
http://docs.readthedocs.org/en/latest/canonical.html/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
Maybe some repositories IP are in Russian block list too?
ping mirrorlist.nethserver.org
PING mirrorlist.nethserver.org (46.101.114.111) 56(84) bytes of data.
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=1 ttl=57 time=47.3 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=2 ttl=57 time=49.3 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=3 ttl=57 time=46.8 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=4 ttl=57 time=49.5 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=5 ttl=57 time=47.8 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=6 ttl=57 time=47.6 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=7 ttl=57 time=52.3 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=8 ttl=57 time=46.4 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=9 ttl=57 time=47.5 ms
64 bytes from mirrorlist.nethserver.org (46.101.114.111): icmp_seq=10 ttl=57 time=49.5 ms
^C
ping packages.nethserver.org
PING packages.nethserver.org (159.89.233.254) 56(84) bytes of data.
^C
— packages.nethserver.org ping statistics —
7 packets transmitted, 0 received, 100% packet loss, time 5999ms
In the inside network http://packages.nethserver.org/ open, the server is not pingback
Do you use your NethServer as DNS server on your local network?
And if so, is it listed as first or second DNS server? (I remember a glitch in NethSevrer DNS settings that the secondary listed DNS server was used prior to the 1st DNS server listed… see Nethserver DNS primary and secondary server entries have mixed priorities in dnsmasq?
It looks like the DNS setting is not (yet) propagated to your clients.
Yes use
Primary DNS 77.88.8.8
Inside the network everything open, from the NS open not go!!!
ping packages.nethserver.org
PING packages.nethserver.org (159.89.233.254) 56(84) bytes of data.
^C
— packages.nethserver.org ping statistics —
17 packets transmitted, 0 received, 100% packet loss, time 15999ms
It seems that IP of packages.nethserver.org is the same as mirrorlist.nethserver.org
@davidep: can you confirm that this should work?:
* go to DNS page and set an override for packages.nethserver.org pointing to 46.101.114.111 too
No, it can’t work. I think @kelevra must comment out mirrorlist= lines in *.repo files and configure the corresponding baseurl= to reachable mirrors.
Do not prompt, what I need to adjust the mirror?
It’s amazing that the mirrors were working yesterday before the update and suddenly blocked after the update. As we have seen, the IPS does not block the server. Therefore it is not in the lock, then locks himself NethServer.