Closed
Bug 655794
Opened 13 years ago
Closed 13 years ago
Can't connect to build.mozilla.org from the Toronto office (also, and much less importantly, can't connect to build.mozilla.org when VPNed in to MV office VPN)
Categories
(Infrastructure & Operations :: RelOps: General, task)
Infrastructure & Operations
RelOps: General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dbaron, Assigned: zandr)
References
Details
Bug 626122 regressed recently -- sometime in the past few days, I think. I'm filing this as a clone of that bug instead of reopening since I suspect you'd prefer it that way. +++ This bug was initially created as a clone of Bug #626122 +++ When I connect to the mountain view office VPN from home (with the "Use this connection only for resources on its network" option in my VPN configuration), I'm unable to connect to http://build.mozilla.org/ . Being unable to connect to build.mozilla.org means that http://tbpl.mozilla.org/ won't load. I've heard reports of the same thing (can't load TBPL over office VPN) from other people. When I connect to the office VPN, the DNS result I get for build.mozilla.org changes from what I get when unconnected: $ host build.mozilla.org build.mozilla.org is an alias for dm-wwwbuild01.mozilla.org. dm-wwwbuild01.mozilla.org has address 63.245.208.186 to what I get when I'm inside the office: $ host build.mozilla.org build.mozilla.org has address 10.2.74.128 build.mozilla.org mail is handled by 10 dm-mail01.mozilla.org. build.mozilla.org mail is handled by 10 dm-mail02.mozilla.org. However, when I "Use this connection only for resources on its network", 10.2.74.128 isn't considered a resource on the network at the other end of the VPN, so I can't connect. (If I uncheck "Use this connection only for resources on its network" and send *all* my traffic through the VPN, then it works, but I'd rather not have to do that...)
Comment 1•13 years ago
|
||
Amy has been doing much DNS juggling to get things clean. This also sounds like a tie in with bug 604688. In the mean time I suggest you implement your work around. Assigning to the correct group.
Assignee: network-operations → server-ops-releng
Group: infra
Component: Server Operations: Netops → Server Operations: RelEng
QA Contact: mrz → zandr
Comment 2•13 years ago
|
||
I think Ravi is correct in that the problem here is the coupling of the hostname and the service. Adding dependency.
Group: infra
Depends on: 604688
Assignee | ||
Comment 5•13 years ago
|
||
Taking this one, will need netops involvement.
Assignee: server-ops-releng → zandr
Status: NEW → ASSIGNED
Comment 6•13 years ago
|
||
Any ETA on the fix, please?
Comment 7•13 years ago
|
||
No ETA. Is the work around not working for you?
Comment 8•13 years ago
|
||
I have no idea how to use this workaround. Would you please advise?
Updated•13 years ago
|
Summary: can't connect to build.mozilla.org when VPNed in to MV office VPN → Can't connect to build.mozilla.org from the Toronto office (also, and much less importantly, can't connect to build.mozilla.org when VPNed in to MV office VPN)
Comment 9•13 years ago
|
||
Again, to make things more clear, this is blocking our work from the office. I'm considering working from home tomorrow if this is not fixed by then.
Assignee | ||
Comment 10•13 years ago
|
||
We've traced this to a failure in the VPN tunnel between Toronto and Mountain View. The Toronto office should now be working. We are now looking in to the VPN route issue that dbaron reported, which we believe to be entirely separate.
Assignee | ||
Comment 11•13 years ago
|
||
The route has been restored on the VPN concentrator.
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 12•13 years ago
|
||
The workaround doesn't apply to the Toronto office, because the people there can't disable the VPN.
Comment 13•13 years ago
|
||
Gah, sorry - didn't read all my bugmail before replying - ignore my comment!
Updated•11 years ago
|
Component: Server Operations: RelEng → RelOps
Product: mozilla.org → Infrastructure & Operations
You need to log in
before you can comment on or make changes to this bug.
Description
•