-
-
Notifications
You must be signed in to change notification settings - Fork 211
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNS queries for *.my.local-ip.com fail causing development instances to be unreachable #8100
Comments
Research findingsCommercialI did not find any commercial offerings :( OSS/Free services
Related articles |
Two months ago I was in touch with Quad9 thinking that the failure to resolve local-ip.co was with their servers. This is what I got back:
|
Try out MVPIf you want to test the current MVP without needing to do all the setup in "Install self hosted DNS, Web and Cert generator servers", follow these simple 3 steps:
Steps for self hosted MVPContent of this comment moved here. |
I have some insight into why the local-ip.co DNS failures happened: First, reproducing a failed request:
After 1120 msec (1.1 seconds), the query returns an error ( Extrapolating from how nip.io uses a custom PipeBackend written in Python, there's a high chance that local-ip could also be doing the same, and this custom backend is failing somehow, producing the Custom backend failures, coupled with the very low TTL (10 seconds) produces the failures. Example of a successful query:
Thank you @andreibacos for your assistance in debugging this. |
That's very interesting - thanks @dianabarsan (and also thanks @andrablaj !) for the details on this. Given this ticket uses sslip.io's Go based resolver, we should be safe. If either of you wants to give it a try, I welcome any feedback (see "Try out MVP" above). |
Correct me if I am wrong @mrjones-plip, but I didn't contribute to this ticket 😄. Did you mean to tag someone else? I wouldn't like for them to miss your thank you note. 😊 |
aha - you're right @andrablaj 😅 ! I meant to thank @andreibacos instead. Thanks @andreibacos ;) |
Content of this comment moved here |
* update install certs script to use new local-ip service per #8100 * edit nginx config to work around ssl_error_no_cypher_overlap error * cut over to using medic hosted local-ip, stop munging nginx conf * update add cert 4.x script to work w/ medicmobile * use currect URL, use more gentle nginx app restart instead of whole container restart * use currect URL for fullchain per feedback
@mrjones-plip is this still in progress? I see a commit already merged |
I think as far as CHT Core is concerned we have:
we can close this! Thanks for the ping |
Describe the issue
We have 3 projects that heavily rely on the *.my.local-ip.com TLS certs:
Because TLS requires DNS and because the DNS server for my.local-ip.com often fails, it feels like a developers instances is broken, when in fact DNS is failing to resolve for their my.local-ip.com IP.
Describe the improvement you'd like
Provide a new solution that offers the same conveniences as my.local-ip.com but has stable DNS. Either a commercial offering or a self hosted option based on open source
Describe alternatives you've considered
The text was updated successfully, but these errors were encountered: