apt-get update timing out

Peter Silva peter at bsqt.homeip.net
Sat Nov 20 13:57:19 UTC 2021 

another datum... archive.canonical.com has an ipv6 and ipv4 records...
where us and ca.archive.canonical.com has only (the same!) ipv4 address.
while playing around we noticed sometimes it was like  the container was
trying to use ipv6, and we are on a ipv4 only network.  but that wasn't the
whole story...



On Sat, Nov 20, 2021 at 8:51 AM Peter Silva <peter at bsqt.homeip.net> wrote:

> This is probably not your problem, but fwiw:
>
> On a corporate network with some firewalls and such, We ran into this
> recently in docker containers... The main linux host can access the
> repositories just fine, and the docker networking looks completely normal,
> even the DNS resolves fine, but it fails to connect to
> archive.canonical.com.  no repositories, means we can't install anything,
> so we can't diagnose what is going on, because the image is just base
> ubuntu (that one is supposed to add packages to.)
> Here is a sample Dockerfile:
>
> FROM ubuntu:focal
> RUN apt-get update && apt-get upgrade && sleep infinity
>
> That's it, it gives the same could not connect to archive.ubuntu.com:80
> (but gets to security.canonical.com just fine...)
> This is on an ubuntu bionic real host.  We're in Canada, and a work-around
> was discovered:
>
> FROM ubuntu:bionic
> RUN sed -i 's/archive/ca.archive/g' /etc/apt/sources.list && apt-get
> update && apt-get upgrade
>
> explicitly putting the canadian archive in there fixes the problem.  The
> cause seems to be some security
> device on the corporate gateway, because when I do it outside our
> corporate network, it works fine.
> Then I noticed that the enclosing host goes to us.archive.canonical.com
> and not archive.com ... so it seems
> messed up on our corporate network. but... Can anyone explain the reason
> why this would fail?
> I don't understand the mechanism.
>
> Thanks.
>
>
>
> On Sat, Nov 20, 2021 at 8:30 AM Colin Law <clanlaw at gmail.com> wrote:
>
>> On Sat, 20 Nov 2021 at 13:06, Noah <noah-list at enabled.com> wrote:
>> >
>> >
>> > Hi,
>> >
>> > It'd be wonderful to get a better understanding of a good solution
>> please.
>> >
>> > Apt-get update timing out.  Are the archive hosts blocking port 80?
>> >
>> > sudo apt-get update
>> > Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
>> >    Could not connect to archive.ubuntu.com:80 (91.189.88.152),
>>
>> Is this a permanent or intermittent problem?
>>
>> What do you see in a browser if you browse to
>> http://archive.ubuntu.com/ubuntu on the failing machine.  Have you got
>> multiple machines at your site?  If so are you seeing that on all of
>> them?
>>
>> What do you see if you ping archive.ubuntu.com?
>>
>> Where in the world are you?  There may be a better mirror you could use.
>>
>> Colin
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20211120/3752ce9c/attachment.html>

More information about the ubuntu-users mailing list