Re: curl/timeout issue -- OFF TOPIC!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 25Sep2020 07:55, bruce <badouglas@xxxxxxxxx> wrote:
>Thanks for the reply. Never really used "strace" before, but it might
>be time to jump in.

Yay!

>A bit of background. I'm testing all of this on an older Centos 7
>instance. I created the instance/droplet so I can repeatedly test on a
>stable system. I have a "custom" image that Digital Image allows me to
>use to quickly reproduce a base test system.
>
>As a quick test I created a test centos 7 base droplet. It allows >>
>curl -L 'www.saddleback.edu' , to run with no issues. So my probs are
>self created.
>
>If you have a few mins, the following is the strace output. I'm not
>sure what I need/should be focusing on to get the 'aha!!' moment.
[...]
>clone(child_stack=0x7fad3a2d7eb0,
>flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID,
>parent_tidptr=0x7fad3a2d89d0, tls=0x7fad3a2d8700,
>child_tidptr=0x7fad3a2d89d0) = 4232

The above forks a thread, presumably curl wants to decouple the control 
stuff from things which might block.

>poll(NULL, 0, 4)                        = 0 (Timeout)
>socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
>setsockopt(3, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
>setsockopt(3, SOL_TCP, TCP_KEEPIDLE, [60], 4) = 0
>setsockopt(3, SOL_TCP, TCP_KEEPINTVL, [60], 4) = 0
>fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
>fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK)    = 0
>connect(3, {sa_family=AF_INET, sin_port=htons(443),
>sin_addr=inet_addr("209.129.85.100")}, 16) = -1 EINPROGRESS (Operation
>now in progress)

This kicks off a TCP connect() in nonblocking mode, courtesy of the 
fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) above it.

You should check if "209.129.85.100" is the correct IP address. And ping 
it. And see if it actually listens on port 443 (https), eg with telnet 
or nc or even nmap. It may be information to test both within your test 
environment and from outside, for comparison.

It is also making a direct HTTPS connection, not via a proxy.

>poll([{fd=3, events=POLLOUT|POLLWRNORM}], 1, 0) = 0 (Timeout)
>poll([{fd=3, events=POLLOUT}], 1, 1000) = 0 (Timeout)

Here we see curl checking on the status of the connect() operation, 
polling it once a second... The timeout is just the poll rate timeout at 
1000ms, not the connect() timeout.

Lots of that, then:

>poll([{fd=3, events=POLLOUT}], 1, 1000) = 1 ([{fd=3, revents=POLLOUT|POLLERR|POLLHUP}])
>poll([{fd=3, events=POLLOUT|POLLWRNORM}], 1, 0) = 1 ([{fd=3, revents=POLLOUT|POLLWRNORM|POLLERR|POLLHUP}])
>getsockopt(3, SOL_SOCKET, SO_ERROR, [110], [4]) = 0

Here the poll returns with some revents values instead of a poll 
timeout. You can find the meaning of these values in "man 2 poll", which 
documents the poll() system call. From the man page:

   POLLOUT
      Writing is now possible, though a write larger that  the
      avail‐ able  space  in a socket or pipe will still block
      (unless O_NONBLOCK is set).
   POLLERR
      Error  condition  (only returned in revents; ignored in
      events).  This bit is also set for a  file  descriptor
      referring  to  the write end of a pipe when the read end has
      been closed.
   POLLHUP
      Hang  up  (only  returned  in revents; ignored in events).
      Note that when reading from a channel such as  a  pipe  or a
      stream socket, this event merely indicates that the peer
      closed its end of the channel.  Subsequent reads from the
      channel will return 0 (end of file) only after all outstanding
      data in the channel has been consumed.

So: an error (not curl getting bored), hang up ("this event merely 
indicates that the peer closed its end of the channel"), output now 
possible (in this case this means output will not block, because the 
connection timed out - actual output would result in an immediate 
error).

And all the following guff is curl printing the error message.

So it looks like a legitimate OS level TCP connect timeout (because poll 
returns with the error, it isn;'t some artificial limit inside curl).

So check the IP address against your target hostname (eg "host 
your-target-hostname"), and check that you can connect to that IP on 
port 443. Suspect host not listening _or_ firewall dropping 443 
connections.

Also, if you want to _measure_ how long things took to time out, 
strace's "-r" and "-t" options will include timing information in the 
output.

Cheers,
Cameron Simpson <cs@xxxxxxxxxx>
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux