Hi! I’m new here and hope to get some help.
For at least 5 hours today I can’t connect to https://chaos.social/ (the Mastodon server I’m on). Firefox gives me:
Unable to connect
Firefox can’t establish a connection to the server at chaos.social.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.
From curl I’m getting:
$ curl --ipv4 --verbose https://chaos.social/
* Host chaos.social:443 was resolved.
* IPv6: (none)
* IPv4: 5.9.119.202
* Trying 5.9.119.202:443...
* connect to 5.9.119.202 port 443 from 192.168.1.45 port 40188 failed: Connection refused
* Failed to connect to chaos.social port 443 after 21 ms: Could not connect to server
* closing connection #0
curl: (7) Failed to connect to chaos.social port 443 after 21 ms: Could not connect to server
It’s the same for http, so not related to TLS.
All other websites work normally, but to this particular one I can’t connect from any device on my home network (I tired a few laptops, phones and our Raspberry PI home server). I tried to restart the router (Zyxel T-56). No change.
I can connect via mobile network or from a VPS in “the cloud”. Also https://www.isitdownrightnow.com/chaos.social.html shows that it’s on-line.
I can think of three reasons, but I’m not a networking guru, so maybe it’s something else:
-
My router blocks it
That would be surprising, because it has the stock configuration from my ISP and I definitely didn’t tweak anything in last days.
-
My ISP blocks it
But then it’s the same ISP for wired and mobile connection. The latter works.
-
The server is blocking me for some reason
I’d appreciate help in digging deeper, if only to learn.
Do a
tracerouteand check what is the last hop, where it stopsWhile waiting for the results I’m educating myself on
traceroute. It was super slow, but here’s the result. How do I interpret it?$ sudo traceroute chaos.social traceroute to chaos.social (5.9.119.202), 64 hops max 1 192.168.1.1 0.777ms 0.714ms 0.621ms 2 5.132.112.1 4.105ms 4.055ms 3.946ms 3 10.10.10.174 7.384ms 7.338ms 7.204ms 4 10.226.4.3 7.275ms 7.230ms 7.053ms 5 * * * 6 80.249.209.55 9.276ms 7.288ms 7.112ms 7 * * * 8 213.239.252.45 18.652ms 12.801ms 12.992ms 9 213.239.224.69 17.158ms 17.165ms 17.119ms 10 213.239.254.190 17.323ms 17.269ms 17.427ms 11 5.9.119.208 17.327ms 17.332ms 17.211ms 12 * * * 13 * * * 14 * * * ... asterisks all the way down 63 * * * ~ took 15m23s $ echo $? 1It seems to stop at
5.9.119.208, which seems close to the destination5.9.119.202.Note to self:
traceroutehas to be run withsudo, otherwise only gives asterisks.Edit: I’m getting almost exactly the same result when connecting via mobile network, when the connection to the site works. Am I doing it right?
It’s same for me, and I can open chaos.social, so from this I would guess you are blocked by chaos.social, not isp.
https://en.m.wikipedia.org/wiki/Traceroute
So they can easily block traceroute requests, it’s common that you can’t hop fully until the destination, it times out at some point.
You shouldn’t need sudo for a traceroute, so that’s something special on your system.
It’s kind of like ping, it uses raw sockets and does need special privileges, but some distros make those SUID binaries so normal users can use them anyway.
I’m on NixOS. The use of sudo doesn’t really bother me. I just wish to understand what’s going on. It’s still like this today.