Hi--
On Sep 13, 2011, at 12:49 PM, Bryan Burke wrote:
>> - Which always seems to be the first one checked
>
> Actual issue. Perhaps DNS caching is a factor? If freshclam checks often
> enough, then
> perhaps the cache entry never dies, and you get the same order every time?
Running "dig db.us.clamav.net" a few times shows that the nameserver responses
are rotating the resource records; and even if it didn't, well-behaved resolver
clients ought to rotate through multiple valid IPs returned by
gethostbyname()/getaddrinfo() for a hostname anyway.
>> - And has never successfully connected for over two weeks
>
> Other than an announcement to the list that there may be problems with one of
> the mirrors,
> this seems to be an issue primarily between those users who encountered said
> error (and
> caused them distress) and the mirror admins, not the whole list. However,
> maybe I'm wrong
> and many readers of the list appreciate seeing the back-and-forth.
>
> P.S. - My goal is to try to limit the scope of this thread a little more, so
> it stays
> focused and relevant. As a side-line user on this list, I feel it had long
> since gotten
> out-of-hand.
I admire your goal of focussing on the problem, which I why I'll reply to this
rather than other emails. :-)
This being said, there is definitely a recurring issue with this particular
mirror. Since Aug 22, I've seen:
% grep "Can't connect to port 80 of host database.clamav.net (IP:
88.198.67.125)" /var/log/freshclam.log | wc -l
27
...with zero successful connections to that IP. The connectivity failure is
entirely reproducible by hand:
% telnet 88.198.67.125 80
Trying 88.198.67.125...
telnet: connect to address 88.198.67.125: Connection refused
telnet: Unable to connect to remote host
I don't consider this to be a significant problem since other mirrors are up,
but it's not a matter of bandwidth or connectivity on my side. As it happens,
I'm testing from Cupertino, CA via Apple's 17.0.0.0/8 network, and from a
Time-Warner cable link from NYC, NY on 24.103.0.0/16.
However, as a workaround it should be possible for folks to manually set
DatabaseMirror in freshclam.conf to specific IPs from db.us.clamav.net, or
perhaps switch to using db.ca.clamav.net, db.mx.clamav.net, or similar.
Regards,
--
-Chuck
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
