from our servers in Heidelberg University I cannot reach ccdb-test.cern.ch. If I want to do a simulation I get an error like [1876315:TPCDigitizer_12]: [09:56:54][ERROR] Curl request to http://ccdb-test.cern.ch:8080/ZDC/Align/1628754880976/ failed
Also ping ccdb-test.cern.ch yields only packet loss:
On the other hand connecting to lxplus from the servers works fine.
From home I have no issues when connecting to the ccdb, so the issue is probably on the university network side. Do you have an idea how I could investigate this further or should I ask at the university? Has anyone observed similar issues?
Cheers,
Ole
I just got a reply from the university saying that only CERN can test why 147.142.[16-19].* IP4 cannot get a connection to ccdb-test.cern.ch. Should I ask CERN IT? Or @grigoras do you have an idea what might be the issue?
Hi,
I just want to confirm that ccdb-test is accessible worldwide.
Perhaps @grigoras knows why it is not working from your university, otherwise, indeed, CERN IT should be involved.
Best regards
ICMPv6 is not blocked as is integral part of IPv6, but ICMPv4 is blocked for security reasons
at least from my side i can confirm that ccdb-test.cern.ch works for both ipv4 and ipv6, so maybe is a local problem? moreover if the connection is successful and this command works than everything is ok:
curl -s -X GET http://ccdb-test.cern.ch:8080/browse/ZDC/Align/
ID: 8bf68480-c462-11eb-90cb-2a010e0a09fb
Path: ZDC/Align
Validity: 0 - 1654257309820 (Thu Jan 01 00:00:00 UTC 1970 - Fri Jun 03 11:55:09 UTC 2022)
Initial validity limit: 1654257309820 (Fri Jun 03 11:55:09 UTC 2022)
Created: 1622721309896 (Thu Jun 03 11:55:09 UTC 2021)
Last modified: 1628763628765 (Thu Aug 12 10:20:28 UTC 2021)
Original file: vector<o2::detectors::AlignParam>_1622721309820.root, size: 1024, md5: 5bc64e8b12e3611f35e81bed31ba690c, content type: application/octet-stream
Uploaded from: 2a01:e0a:9fb:c380:6a0:cc0c:cd24:6329
Metadata:
ObjectType = vector<o2::detectors::AlignParam>
comment = Empty alignment object for ZDC
partName = send
ID: 662cc020-c462-11eb-90cb-2a010e0a09fb
Path: ZDC/Align
Validity: 0 - 1654257246421 (Thu Jan 01 00:00:00 UTC 1970 - Fri Jun 03 11:54:06 UTC 2022)
Initial validity limit: 1654257246421 (Fri Jun 03 11:54:06 UTC 2022)
Created: 1622721246498 (Thu Jun 03 11:54:06 UTC 2021)
Last modified: 1628763628765 (Thu Aug 12 10:20:28 UTC 2021)
Original file: vector<o2::detectors::AlignParam>_1622721246421.root, size: 1024, md5: 3dde052cdce1226344056164e7bdc550, content type: application/octet-stream
Uploaded from: 2a01:e0a:9fb:c380:6a0:cc0c:cd24:6329
Metadata:
ObjectType = vector<o2::detectors::AlignParam>
comment = Empty alignment object for ZDC
partName = send
ID: 362a40f0-c462-11eb-90cb-2a010e0a09fb
Path: ZDC/Align
Validity: 0 - 1654257165875 (Thu Jan 01 00:00:00 UTC 1970 - Fri Jun 03 11:52:45 UTC 2022)
Initial validity limit: 1654257165875 (Fri Jun 03 11:52:45 UTC 2022)
Created: 1622721165951 (Thu Jun 03 11:52:45 UTC 2021)
Last modified: 1628763628765 (Thu Aug 12 10:20:28 UTC 2021)
Original file: vector<o2::detectors::AlignParam>_1622721165875.root, size: 1024, md5: 1287dde245f3195db3ffc03f0dd9e94e, content type: application/octet-stream
Uploaded from: 2a01:e0a:9fb:c380:6a0:cc0c:cd24:6329
Metadata:
ObjectType = vector<o2::detectors::AlignParam>
comment = Empty alignment object for ZDC
partName = send
Subfolders:
ZDC/Align/Data
Can you reach http://alice-ccdb.cern.ch/browse/ ? It’s on the same machine, different port number. Ports 80 and 8080 have the same firewall policy at CERN, if port 8080 is blocked by the university then you have to ask the local admins to allow it. From the CERN side there is no particular constraint imposed on the origin of the requests, they should be accessible worldwide indeed.
Hi @grigoras@asevcenc and @bvonhall
thanks a lot for your answers. I have no idea why, but now the simulation works again and I get a connection to the CCDB from the university servers. Although nothing was changed. I had this issue since yesterday afternoon and tried many times. Now it just vanished.
Indeed ping ccdb-test.cern.ch still does not work on the servers, which makes considering Adrian’s answer and that ipv4 is used.
Cheers,
Ole
As background, CERN filters ICMP on IPv4 at the border, thus ping does not work to any machine from outside. But IPv6 doesn’t work without ICMP, so ping -6 should work (if your university / provider supplies an IPv6 address to you and routes it correctly). While that might help sorting out some basic network problems, whether or not you can reach TCP/8080 on the same machine is a different (usually firewall-related) question.
