InCommon DNS Issues?

Ullfig, Roberto Alfredo rullfig at uic.edu
Thu Apr 21 16:19:49 UTC 2022 

Thanks for that info. I'll try that on a development server. Is it possible that the IDP's error message is not correct and it's actually a download timeout, not a DNS error?

---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
________________________________
From: users <users-bounces at shibboleth.net> on behalf of Donald Lohr via users <users at shibboleth.net>
Sent: Thursday, April 21, 2022 10:48 AM
To: users at shibboleth.net <users at shibboleth.net>
Cc: Donald Lohr <lohrda at jmu.edu>
Subject: Re: InCommon DNS Issues?

This would not have any thing to do with still using the old legacy metadata mechanism to get the whole metadata aggregate file would it:

<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmd.incommon.org%2FInCommon%2FInCommon-metadata.xml&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=SJMjbooYGBLVrx0obufrTs13VLo0%2FTAvcPryvNntCmM%3D&reserved=0>http://md.incommon.org/InCommon/InCommon-metadata.xml<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmd.incommon.org%2FInCommon%2FInCommon-metadata.xml&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=SJMjbooYGBLVrx0obufrTs13VLo0%2FTAvcPryvNntCmM%3D&reserved=0>

...in lieu of using their new MDQ metadata method (https://spaces.at.internet2.edu/display/MDQ/migrate-to-mdq<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fspaces.at.internet2.edu%2Fdisplay%2FMDQ%2Fmigrate-to-mdq&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=XVTPIYMKZU%2F4CsTY2dkvkvrTRi3LmV5V%2BIZA7Oj8rqY%3D&reserved=0>)? With the new MDQ approach, to pull the full metadata aggregate, the url is this:

metadataURL="https://mdq.incommon.org/entities"<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmdq.incommon.org%2Fentities&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=tT3E%2BdC4fBtSlvcXt7jjUGiUTsnNG9AsVM%2BB%2FaNmNqc%3D&reserved=0>

To manually command-line test both try from a Linux computer:

curl http://md.incommon.org/InCommon/InCommon-metadata.xml<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmd.incommon.org%2FInCommon%2FInCommon-metadata.xml&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=SJMjbooYGBLVrx0obufrTs13VLo0%2FTAvcPryvNntCmM%3D&reserved=0>
curl https://mdq.incommon.org/entities<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmdq.incommon.org%2Fentities&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=tT3E%2BdC4fBtSlvcXt7jjUGiUTsnNG9AsVM%2BB%2FaNmNqc%3D&reserved=0>

Don

On 4/20/22 5:17 PM, Ullfig, Roberto Alfredo via users wrote:
CAUTION: This email originated from outside of JMU. Do not click links or open attachments unless you recognize the sender and know the content is safe.
________________________________
Seeing these errors in our IDP logs:

Metadata Resolver FileBackedHTTPMetadataResolver InCommon: Error retrieving metadata from http://md.incommon.org/InCommon/InCommon-metadata.xml<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmd.incommon.org%2FInCommon%2FInCommon-metadata.xml&data=05%7C01%7Crullfig%40uic.edu%7C466f452de889427911cd08da23ae6f44%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637861529353890617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=SJMjbooYGBLVrx0obufrTs13VLo0%2FTAvcPryvNntCmM%3D&reserved=0>: md.incommon.org: No address associated with hostname

22 such events this month on one server. Anyone else see this?

---
Roberto Ullfig - rullfig at uic.edu<mailto:rullfig at uic.edu>
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago




--
D o n a l d   L o h r
I n f o r m a t i o n   S y s t e m s
J a m e s   M a d i s o n   U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220421/c17601a7/attachment.htm>

More information about the users mailing list