"no route to host" from pkg_add

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

"no route to host" from pkg_add

Benjamin Walkenhorst
Hello everyone,

I recently installed OpenBSD 6.3 in a VPS.

In the last few days, I get an error message when running pkg_add, "no route to host".
I have tried setting various hosts in /etc/installurl, but the problem remains.

When I run pkg_add, this is the output I get I get:
[20:02|root@myhost:~]# pkg_add nmap
https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/: ftp: connect: No route to host
https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp: connect: No route to host
https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
Can't find nmap

When I try to ping the host specified in /etc/installurl or call traceroute, everything seems to work as expected.

I checked the output of /usr/bin/env to make sure there is no proxy configured
    (I copied that .zshrc around quite a bit), but as far as I can tell, there are no proxies set up anywhere in
     the environment (i.e. the output of "env | grep -i proxy" is empty).

I have two systems (one laptop and one VM) running OpenBSD 6.3 on my home network, and they work fine, so I
am fairly certain the problem is with the configuration of the VPS.

What am I missing?

Thank you very much for any suggestions,
Benjamin


Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

traveller
After OpenBSD, one too many “/“
On Aug 7, 2018, 11:16 AM -0700, Benjamin Walkenhorst <[hidden email]>, wrote:

> Hello everyone,
>
> I recently installed OpenBSD 6.3 in a VPS.
>
> In the last few days, I get an error message when running pkg_add, "no route to host".
> I have tried setting various hosts in /etc/installurl, but the problem remains.
>
> When I run pkg_add, this is the output I get I get:
> [20:02|root@myhost:~]# pkg_add nmap
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/: ftp: connect: No route to host
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp: connect: No route to host
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
> Can't find nmap
>
> When I try to ping the host specified in /etc/installurl or call traceroute, everything seems to work as expected.
>
> I checked the output of /usr/bin/env to make sure there is no proxy configured
> (I copied that .zshrc around quite a bit), but as far as I can tell, there are no proxies set up anywhere in
> the environment (i.e. the output of "env | grep -i proxy" is empty).
>
> I have two systems (one laptop and one VM) running OpenBSD 6.3 on my home network, and they work fine, so I
> am fairly certain the problem is with the configuration of the VPS.
>
> What am I missing?
>
> Thank you very much for any suggestions,
> Benjamin
Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Vadim Zhukov
In reply to this post by Benjamin Walkenhorst
вт, 7 авг. 2018 г., 21:16 Benjamin Walkenhorst <
[hidden email]>:

> Hello everyone,
>
> I recently installed OpenBSD 6.3 in a VPS.
>
> In the last few days, I get an error message when running pkg_add, "no
> route to host".
> I have tried setting various hosts in /etc/installurl, but the problem
> remains.
>
> When I run pkg_add, this is the output I get I get:
> [20:02|root@myhost:~]# pkg_add nmap
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/:
> ftp: connect: No route to host
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp:
> connect: No route to host
> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
> Can't find nmap
>
> When I try to ping the host specified in /etc/installurl or call
> traceroute, everything seems to work as expected.
>
> I checked the output of /usr/bin/env to make sure there is no proxy
> configured
>     (I copied that .zshrc around quite a bit), but as far as I can tell,
> there are no proxies set up anywhere in
>      the environment (i.e. the output of "env | grep -i proxy" is empty).
>
> I have two systems (one laptop and one VM) running OpenBSD 6.3 on my home
> network, and they work fine, so I
> am fairly certain the problem is with the configuration of the VPS.
>
> What am I missing?
>
> Thank you very much for any suggestions,
> Benjamin
>

Most likely, you didn't allow outgoing connections for _pkgfetch user in
pf.conf.
Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Edgar Pettijohn III-2
In reply to this post by traveller


On 08/07/18 13:18, traveller wrote:
> After OpenBSD, one too many “/“

I concur.

cat /etc/installurl

https://fastly.cdn.openbsd.org/pub/OpenBSD

You probably did the ole copy/paste from somewhere and got a trailing '/'.

> On Aug 7, 2018, 11:16 AM -0700, Benjamin Walkenhorst <[hidden email]>, wrote:
>> Hello everyone,
>>
>> I recently installed OpenBSD 6.3 in a VPS.
>>
>> In the last few days, I get an error message when running pkg_add, "no route to host".
>> I have tried setting various hosts in /etc/installurl, but the problem remains.
>>
>> When I run pkg_add, this is the output I get I get:
>> [20:02|root@myhost:~]# pkg_add nmap
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/: ftp: connect: No route to host
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp: connect: No route to host
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
>> Can't find nmap
>>
>> When I try to ping the host specified in /etc/installurl or call traceroute, everything seems to work as expected.
>>
>> I checked the output of /usr/bin/env to make sure there is no proxy configured
>> (I copied that .zshrc around quite a bit), but as far as I can tell, there are no proxies set up anywhere in
>> the environment (i.e. the output of "env | grep -i proxy" is empty).
>>
>> I have two systems (one laptop and one VM) running OpenBSD 6.3 on my home network, and they work fine, so I
>> am fairly certain the problem is with the configuration of the VPS.
>>
>> What am I missing?
>>
>> Thank you very much for any suggestions,
>> Benjamin

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Stuart Henderson
In reply to this post by traveller
On 2018-08-07, traveller <[hidden email]> wrote:
> After OpenBSD, one too many “/“

That won't cause this.



> On Aug 7, 2018, 11:16 AM -0700, Benjamin Walkenhorst <[hidden email]>, wrote:
>> Hello everyone,
>>
>> I recently installed OpenBSD 6.3 in a VPS.
>>
>> In the last few days, I get an error message when running pkg_add, "no route to host".
>> I have tried setting various hosts in /etc/installurl, but the problem remains.
>>
>> When I run pkg_add, this is the output I get I get:
>> [20:02|root@myhost:~]# pkg_add nmap
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/: ftp: connect: No route to host
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp: connect: No route to host
>> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
>> Can't find nmap
>>
>> When I try to ping the host specified in /etc/installurl or call traceroute, everything seems to work as expected.

How about "ftp -o- https://fastly.cdn.openbsd.org/pub/OpenBSD/",
does that fail too?


Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Henry Bonath
Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
missing its gateway)
If the IPv6 gateway is bad/missing you'll get that "no route to host"
message.

On Fri, Aug 10, 2018 at 4:31 PM, Stuart Henderson <[hidden email]>
wrote:

> On 2018-08-07, traveller <[hidden email]> wrote:
> > After OpenBSD, one too many “/“
>
> That won't cause this.
>
>
>
> > On Aug 7, 2018, 11:16 AM -0700, Benjamin Walkenhorst <
> [hidden email]>, wrote:
> >> Hello everyone,
> >>
> >> I recently installed OpenBSD 6.3 in a VPS.
> >>
> >> In the last few days, I get an error message when running pkg_add, "no
> route to host".
> >> I have tried setting various hosts in /etc/installurl, but the problem
> remains.
> >>
> >> When I run pkg_add, this is the output I get I get:
> >> [20:02|root@myhost:~]# pkg_add nmap
> >> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages-stable/amd64/:
> ftp: connect: No route to host
> >> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: ftp:
> connect: No route to host
> >> https://fastly.cdn.openbsd.org/pub/OpenBSD//6.3/packages/amd64/: empty
> >> Can't find nmap
> >>
> >> When I try to ping the host specified in /etc/installurl or call
> traceroute, everything seems to work as expected.
>
> How about "ftp -o- https://fastly.cdn.openbsd.org/pub/OpenBSD/",
> does that fail too?
>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Walt
On August 10, 2018 3:57 PM, Henry Bonath [hidden email] wrote:

> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
> missing its gateway)
> If the IPv6 gateway is bad/missing you'll get that "no route to host"
> message.

I've encountered that issue before, but it isn't that big a problem with me. As an ISP, the /56 we have been allocated is too small to be very useful so I'm holding back on working on it much until such time as we get at least a /48 if not a /40.  I'd like to be able to assign each customer a /56 but would settle for a /60 for each.  With a /60, I could only handle sixteen customers.  We have a number of customers for whom a /64 wouldn't cut it at all.

I never have figured out the proper way to configure rtadvd.conf. In particular, there is an addr and an rtprefix.

addr is, according to the man page, "The address filled into Prefix field" while rtprefix is " The prefix filled into the Prefix field of route information option". And then there are the proper prefix lengths -- do I use 64 or 56? It seems like prefixlen must be 64, but rtplen doesn't seem to make much difference.

And then there is the kea side for prefix delegations.

Since I can just put the IPv6 gateway into /etc/mygate, it's not a problem from the OpenBSD machines and it will never be a big issue if I can't get a properly sized allocation of addresses from AT&T.

Walt


Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Daniel Ouellet
Hi,

I am not sure you got that right.

If you are an ISP the minimum assignment is /32 and you assigned /48 to
end company and /56 to users.

If you asked me that's a wasted, but that's what they suggest.

For end users, a /64 would be plenty if you asked me and /56 for company
would be plenty as well.

But if you truly follow their policy, then well may be will run out
there too like in IPv4 when it really start to be assigned, but anyway
that's for a different discussion.

Anyway see ARIN policy for it:

https://www.arin.net/vault/policy/archive/ipv6_policy.html

If you are not under ARIN, but RIPE, APNIC, AfriNIC, Lacnic, etc.

They have similar policy.

I would encourage you to check that if your problem is really that you
got to small assignment.

Unless your a very small ISP that got his assignment from your transit
provider oppose to your own and get your own AS number, you will have
plenty to work with.

I really do not know of ANY ISP that get /56 for real.

I got my assignment in 2003 and the policy still haven't changed.

Hope this help you some.

Daniel.


On 8/10/18 9:12 PM, Walt wrote:

> On August 10, 2018 3:57 PM, Henry Bonath [hidden email] wrote:
>
>> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
>> missing its gateway)
>> If the IPv6 gateway is bad/missing you'll get that "no route to host"
>> message.
>
> I've encountered that issue before, but it isn't that big a problem with me. As an ISP, the /56 we have been allocated is too small to be very useful so I'm holding back on working on it much until such time as we get at least a /48 if not a /40.  I'd like to be able to assign each customer a /56 but would settle for a /60 for each.  With a /60, I could only handle sixteen customers.  We have a number of customers for whom a /64 wouldn't cut it at all.
>
> I never have figured out the proper way to configure rtadvd.conf. In particular, there is an addr and an rtprefix.
>
> addr is, according to the man page, "The address filled into Prefix field" while rtprefix is " The prefix filled into the Prefix field of route information option". And then there are the proper prefix lengths -- do I use 64 or 56? It seems like prefixlen must be 64, but rtplen doesn't seem to make much difference.
>
> And then there is the kea side for prefix delegations.
>
> Since I can just put the IPv6 gateway into /etc/mygate, it's not a problem from the OpenBSD machines and it will never be a big issue if I can't get a properly sized allocation of addresses from AT&T.
>
> Walt
>
>

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Daniel Ouellet


On 8/10/18 10:38 PM, Daniel Ouellet wrote:

> Hi,
>
> I am not sure you got that right.
>
> If you are an ISP the minimum assignment is /32 and you assigned /48 to
> end company and /56 to users.
>
> If you asked me that's a wasted, but that's what they suggest.
>
> For end users, a /64 would be plenty if you asked me and /56 for company
> would be plenty as well.
>
> But if you truly follow their policy, then well may be will run out
> there too like in IPv4 when it really start to be assigned, but anyway
> that's for a different discussion.
>
> Anyway see ARIN policy for it:
>
> https://www.arin.net/vault/policy/archive/ipv6_policy.html
>
> If you are not under ARIN, but RIPE, APNIC, AfriNIC, Lacnic, etc.
>
> They have similar policy.
>
> I would encourage you to check that if your problem is really that you
> got to small assignment.
>
> Unless your a very small ISP that got his assignment from your transit
> provider oppose to your own and get your own AS number, you will have
> plenty to work with.
>
> I really do not know of ANY ISP that get /56 for real.
>
> I got my assignment in 2003 and the policy still haven't changed.
>
> Hope this help you some.
>
> Daniel.
>
>
> On 8/10/18 9:12 PM, Walt wrote:
>> On August 10, 2018 3:57 PM, Henry Bonath [hidden email] wrote:
>>
>>> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
>>> missing its gateway)
>>> If the IPv6 gateway is bad/missing you'll get that "no route to host"
>>> message.
>>
>> I've encountered that issue before, but it isn't that big a problem with me. As an ISP, the /56 we have been allocated is too small to be very useful so I'm holding back on working on it much until such time as we get at least a /48 if not a /40.  I'd like to be able to assign each customer a /56 but would settle for a /60 for each.  With a /60, I could only handle sixteen customers.  We have a number of customers for whom a /64 wouldn't cut it at all.
>>
>> I never have figured out the proper way to configure rtadvd.conf. In particular, there is an addr and an rtprefix.
>>
>> addr is, according to the man page, "The address filled into Prefix field" while rtprefix is " The prefix filled into the Prefix field of route information option". And then there are the proper prefix lengths -- do I use 64 or 56? It seems like prefixlen must be 64, but rtplen doesn't seem to make much difference.
>>
>> And then there is the kea side for prefix delegations.
>>
>> Since I can just put the IPv6 gateway into /etc/mygate, it's not a problem from the OpenBSD machines and it will never be a big issue if I can't get a properly sized allocation of addresses from AT&T.
>>
>> Walt
>>
>>

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Daniel Ouellet
In reply to this post by Daniel Ouellet
Sorry for the double posting.

But Just to add to the info, the RFC 3177 did specify assignment to
remote site even house being /48 and big site like /47

https://tools.ietf.org/html/rfc3177

Crazy.

The revise version of it RFC 6177 correct that crazy assignment and
specif that you should do /56.

https://tools.ietf.org/html/rfc6177

But that is still even crazy specially when you see users using NAT64 on
IPv6...

Anyway, back to my rock and I hope it help you address your assignment
anyway.

Daniel


On 8/10/18 10:38 PM, Daniel Ouellet wrote:

> Hi,
>
> I am not sure you got that right.
>
> If you are an ISP the minimum assignment is /32 and you assigned /48 to
> end company and /56 to users.
>
> If you asked me that's a wasted, but that's what they suggest.
>
> For end users, a /64 would be plenty if you asked me and /56 for company
> would be plenty as well.
>
> But if you truly follow their policy, then well may be will run out
> there too like in IPv4 when it really start to be assigned, but anyway
> that's for a different discussion.
>
> Anyway see ARIN policy for it:
>
> https://www.arin.net/vault/policy/archive/ipv6_policy.html
>
> If you are not under ARIN, but RIPE, APNIC, AfriNIC, Lacnic, etc.
>
> They have similar policy.
>
> I would encourage you to check that if your problem is really that you
> got to small assignment.
>
> Unless your a very small ISP that got his assignment from your transit
> provider oppose to your own and get your own AS number, you will have
> plenty to work with.
>
> I really do not know of ANY ISP that get /56 for real.
>
> I got my assignment in 2003 and the policy still haven't changed.
>
> Hope this help you some.
>
> Daniel.
>
>
> On 8/10/18 9:12 PM, Walt wrote:
>> On August 10, 2018 3:57 PM, Henry Bonath [hidden email] wrote:
>>
>>> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
>>> missing its gateway)
>>> If the IPv6 gateway is bad/missing you'll get that "no route to host"
>>> message.
>>
>> I've encountered that issue before, but it isn't that big a problem with me. As an ISP, the /56 we have been allocated is too small to be very useful so I'm holding back on working on it much until such time as we get at least a /48 if not a /40.  I'd like to be able to assign each customer a /56 but would settle for a /60 for each.  With a /60, I could only handle sixteen customers.  We have a number of customers for whom a /64 wouldn't cut it at all.
>>
>> I never have figured out the proper way to configure rtadvd.conf. In particular, there is an addr and an rtprefix.
>>
>> addr is, according to the man page, "The address filled into Prefix field" while rtprefix is " The prefix filled into the Prefix field of route information option". And then there are the proper prefix lengths -- do I use 64 or 56? It seems like prefixlen must be 64, but rtplen doesn't seem to make much difference.
>>
>> And then there is the kea side for prefix delegations.
>>
>> Since I can just put the IPv6 gateway into /etc/mygate, it's not a problem from the OpenBSD machines and it will never be a big issue if I can't get a properly sized allocation of addresses from AT&T.
>>
>> Walt
>>
>>
>

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Stuart Henderson
In reply to this post by Daniel Ouellet
On 2018-08-11, Daniel Ouellet <[hidden email]> wrote:

> Hi,
>
> I am not sure you got that right.
>
> If you are an ISP the minimum assignment is /32 and you assigned /48 to
> end company and /56 to users.
>
> If you asked me that's a wasted, but that's what they suggest.
>
> For end users, a /64 would be plenty if you asked me and /56 for company
> would be plenty as well.

Unless you ignore many of the standard things done in v6, a /64 is *one*
subnet. That's not enough for an end customer who wants to separate
their networks (for example their own private devices, maybe a DMZ, and
a guest network).

> But if you truly follow their policy, then well may be will run out
> there too like in IPv4 when it really start to be assigned, but anyway
> that's for a different discussion.

The total available address space for v6 is *BIG*!

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Stuart Henderson
In reply to this post by Walt
On 2018-08-11, Walt <[hidden email]> wrote:
> On August 10, 2018 3:57 PM, Henry Bonath [hidden email] wrote:
>
>> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
>> missing its gateway)
>> If the IPv6 gateway is bad/missing you'll get that "no route to host"
>> message.
>
> I've encountered that issue before, but it isn't that big a problem with me. As an ISP, the /56 we have been allocated is too small to be very useful so I'm holding back on working on it much until such time as we get at least a /48 if not a /40.  I'd like to be able to assign each customer a /56 but would settle for a /60 for each.  With a /60, I could only handle sixteen customers.  We have a number of customers for whom a /64 wouldn't cut it at all.

As an ISP you should have your own address space, not space from another
provider that you'll have to give back sometime. You would have more than
a /56 if done this way.

I'm not sure about the situation in other regions but over here it isn't
necessary to be an LIR (direct member of RIPE) for this, it can be done
through a sponsoring provider who requests the address space for you. If
you're not running BGP yet then it could be announced on your behalf
by a provider until you can do so yourself.

> I never have figured out the proper way to configure rtadvd.conf. In particular, there is an addr and an rtprefix.
>
> addr is, according to the man page, "The address filled into Prefix field" while rtprefix is " The prefix filled into the Prefix field of route information option". And then there are the proper prefix lengths -- do I use 64 or 56? It seems like prefixlen must be 64, but rtplen doesn't seem to make much difference.
>
> And then there is the kea side for prefix delegations.

If you're giving somebody a larger-than-/64 block you wouldn't do that
directly with router advertisements - use a smaller block for the "link
net" and route the larger block to them rather than have it directly
connected on an interface.

> Since I can just put the IPv6 gateway into /etc/mygate, it's not a problem from the OpenBSD machines and it will never be a big issue if I can't get a properly sized allocation of addresses from AT&T.

Reply | Threaded
Open this post in threaded view
|

Re: "no route to host" from pkg_add

Stuart Henderson
In reply to this post by Henry Bonath
On 2018-08-10, Henry Bonath <[hidden email]> wrote:
> Also could it be that you are using IPv6, not IPv4? (and your IPv6 is
> missing its gateway)
> If the IPv6 gateway is bad/missing you'll get that "no route to host"
> message.

This is for fastly.cdn.openbsd.org which is cnamed to
osff.map.fastly.net - the DNS servers that I see for this don't give a
v6 address. I hesitate to say that it would be the same everywhere but
it seems likely. Assuming this holds, pkg_add wouldn't be making an IPv6
connection.