| From: | Scott Mitchell <smitchel(at)akamai(dot)com> |
|---|---|
| To: | <pgsql-jdbc(at)postgresql(dot)org> |
| Subject: | Re: 9.3-1101-jdbc41 potential issue resolving DNS names to host names |
| Date: | 2014-04-15 23:11:12 |
| Message-ID: | 534DBC90.2080401@akamai.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Another interesting symptom is that if I try psql I get some strange
behavior...
$ssh <IP address X>
$psql --host="<HOSTNAME>"
psql: could not connect to server: Connection refused
Is the server running on host "<HOSTNAME>" (<IP address X>) and
accepting
TCP/IP connections on port 5432?
It seems like the <HOSTNAME> is resovling to the local IP (which is <IP
address X>)?
But if I explicitly try the IP I am able to connect to the database
(connection is rejected but that is expected).
$ssh <IP address X>
$psql --host="<IP address Y>"
psql: FATAL: connection requires a valid client certificate
FATAL: pg_hba.conf rejects connection for host "<IP address Y>", user
"root", database "root", SSL off
This makes me think it may not be a postgresql jdbc specific issue but I
am still not quite sure.
Another interesting piece of the puzzle is that <IP address X> is
running a warm standby instance of the database. The postgresql
instance is currently not running on this machine but I'm not sure if
that may affect anything.
-Scott
On 04/15/2014 06:55 PM, Scott Mitchell wrote:
> I have tried a few scenarios which I will list below but it seems as
> though there may be an issue with how host names are resolved to IPs.
> This seems like it would be a widely used feature and so I'm not ruling
> out a configuration or other issue on my end.
>
> I am attempting to establish connections from IP address X to IP address Y.
> There is a HOSTNAME which has an A record pointing to IP address Y.
> SSL is involved but should not be relevant because I can get a working
> and non-working scenario while SSL configuration remains unchanged.
>
> Good: The following connection string works as expected (from IP address X):
> jdbc:postgresql://<IP address Y>/<Database>
>
> Bad: The following connection string does not work (from IP address X):
> jdbc:postgresql://<HOSTNAME>/<Database>
>
> The only difference between the two scenarios is the connection string.
>
> I have run the following commands to verify that the DNS name does
> resolve to the correct IP address (and substituted the actual output for
> the variables mentioned)
>
> $ssh <IP address X>
> $dig +noall +answer <HOSTNAME>
> <HOSTNAME>. 120 IN A <IP address Y>
>
> Another scenario I tried is running the same code on IP address X and
> change the connection string host to "localhost". The local host is
> able to resolve and the connection is established as expected. This may
> be a trivial lookup and may just go directly to loopback interface
> without resolving DNS, but this scenario may be relevant to this issue
> as it is not an IP.
>
> Any help is appreciated.
> -Scott
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Cramer | 2014-04-16 00:03:32 | Re: 9.3-1101-jdbc41 potential issue resolving DNS names to host names |
| Previous Message | Scott Mitchell | 2014-04-15 22:55:22 | 9.3-1101-jdbc41 potential issue resolving DNS names to host names |