Re: 9.3-1101-jdbc41 potential issue resolving DNS names to host names

You nailed it. Not sure how the local IP got into the host file for this hostname, but this would explain the symptoms I am seeing.

From: davecramer(at)gmail(dot)com [mailto:davecramer(at)gmail(dot)com] On Behalf Of Dave Cramer
Sent: Tuesday, April 15, 2014 8:04 PM
To: Mitchell, Scott
Cc: List
Subject: Re: [JDBC] 9.3-1101-jdbc41 potential issue resolving DNS names to host names

Scott,

JDBC only uses java to resolve the host. Is it possible you have something in your hosts file which is not visible to dig ?

Dave Cramer

dave.cramer(at)credativ(dot)ca
http://www.credativ.ca

On 15 April 2014 19:11, Scott Mitchell <smitchel(at)akamai(dot)com<mailto:smitchel(at)akamai(dot)com>> wrote:
Another interesting symptom is that if I try psql I get some strange
behavior...

$ssh <IP address X>
$psql --host="<HOSTNAME>"
psql: could not connect to server: Connection refused
Is the server running on host "<HOSTNAME>" (<IP address X>) and
accepting
TCP/IP connections on port 5432?

It seems like the <HOSTNAME> is resovling to the local IP (which is <IP
address X>)?

But if I explicitly try the IP I am able to connect to the database
(connection is rejected but that is expected).

$ssh <IP address X>
$psql --host="<IP address Y>"
psql: FATAL: connection requires a valid client certificate
FATAL: pg_hba.conf rejects connection for host "<IP address Y>", user
"root", database "root", SSL off

This makes me think it may not be a postgresql jdbc specific issue but I
am still not quite sure.

Another interesting piece of the puzzle is that <IP address X> is
running a warm standby instance of the database. The postgresql
instance is currently not running on this machine but I'm not sure if
that may affect anything.

-Scott

On 04/15/2014 06:55 PM, Scott Mitchell wrote:
> I have tried a few scenarios which I will list below but it seems as
> though there may be an issue with how host names are resolved to IPs.
> This seems like it would be a widely used feature and so I'm not ruling
> out a configuration or other issue on my end.
>
> I am attempting to establish connections from IP address X to IP address Y.
> There is a HOSTNAME which has an A record pointing to IP address Y.
> SSL is involved but should not be relevant because I can get a working
> and non-working scenario while SSL configuration remains unchanged.
>
> Good: The following connection string works as expected (from IP address X):
> jdbc:postgresql://<IP address Y>/<Database>
>
> Bad: The following connection string does not work (from IP address X):
> jdbc:postgresql://<HOSTNAME>/<Database>
>
> The only difference between the two scenarios is the connection string.
>
> I have run the following commands to verify that the DNS name does
> resolve to the correct IP address (and substituted the actual output for
> the variables mentioned)
>
> $ssh <IP address X>
> $dig +noall +answer <HOSTNAME>
> <HOSTNAME>. 120 IN A <IP address Y>
>
> Another scenario I tried is running the same code on IP address X and
> change the connection string host to "localhost". The local host is
> able to resolve and the connection is established as expected. This may
> be a trivial lookup and may just go directly to loopback interface
> without resolving DNS, but this scenario may be relevant to this issue
> as it is not an IP.
>
> Any help is appreciated.
> -Scott
>
>

--
Sent via pgsql-jdbc mailing list (pgsql-jdbc(at)postgresql(dot)org<mailto:pgsql-jdbc(at)postgresql(dot)org>)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-jdbc