curl: (7) couldn't connect to host

Question

curl: (7) couldn't connect to host

I've been troubleshooting a weird problem in PHP -- turns out it's system-level and not PHP related. In a nutshell:

1. file getcontents ($url) doesn't work -- (on remote URLs or local URLs) -- it turns an error
2. file getcontents ($file) works.
3. CURL works on remote URLs, not on local URLs (local.thishost.com).
4. as per php.ini, allow urlfopen On

So, if, at the command line, I enter

curl "http://www.apple.com"

I get the web page. But if I enter a local host:

curl "http://thisbox.domain.com"

I get the error "curl: (7) couldn't connect to host". Now, that same URL if entered on a different machine on the network (but DNS directs to the serveR), it resolves and the page is returned.
Any ideas how to solve this?

...Rene

Xserve Nehalem, Mac OS X (10.6.2)

Posted on Dec 23, 2009 8:40 AM

Reply

Answer 1

MrHoffman

Level 10

146,233 points

Dec 23, 2009 11:00 AM in response to Rene Fournier

The local DNS configuration or local DNS server looks to be incorrectly configured or otherwise not operating as intended, or the local server here is not configured to forward its DNS translations to the appropriate local DNS server.

If the box is configured and running a DNS server, then the host NIC DNS server setting should be aimed at 127.0.0.1 as its DNS server (and no other DNS servers; only your local server(s) and not your ISP servers), and the local DNS services should be configured to respond to the appropriate hosts.

If the local box is not configured as a DNS server, then the host NIC should be aimed at the DNS server(s) for your domain, or at your ISP DNS servers; again, don't mix references to local DNS server(s) and to your ISP DNS servers.

For some notes on configuring the DNS server on Mac OS X Snow Leopard Server 10.6, [start here|http://labs.hoffmanlabs.com/node/1436].

The commands to check DNS here are...

$ dig host.example.com # or whatever host and domain name the target box is using here
$ dig -x 192.168.1.1 # or whatever IP address the target host is using

If you're not comfortable with the terminal and the bash shell and its commands, then you can launch the Network Utility out of the Applications > Utilities folder. But bash is probably easier.

Reply

Answer 2

Dec 23, 2009 6:40 PM in response to Rene Fournier

OK, I finally figured out the problem. Dumb.

In System Preferences Network, I listed 127.0.0.1 instead of 192.168.0.x as the machine's primary DNS. So while other machines were resolving to the box, local apps couldn't get DNS resolution since the machine's nameserver was bound to 192.168.0.x. (As you can see, the Bind manual is something I should start reading.)

Thanks.

...Rene

Reply

Answer 3

Jan 26, 2010 7:15 PM in response to Rene Fournier

OK, strangely, this problem is recurring, ever after I made the corrections to the servers DNS Service. On the server, to re-cap, here's what happens at Terminal:

Tue Jan 26 20:06:23 -- irmo :: host thishost.mydomain.com
thishost.mydomain.com is an alias for thisserver.mydomain.com.
thisserver.mydomain.com has address 192.168.0.123

Tue Jan 26 20:06:59 -- irmo :: curl http://thishost.mydomain.com
curl: (7) couldn't connect to host

Tue Jan 26 20:06:59 -- irmo :: curl http://thisserver.mydomain.com
curl: (7) couldn't connect to host

And the really strange thing, is that if I enter those host names into a web browser *on a different machine* ( http://thishost.mydomain.com/) on the same network or from the outside world, the web page comes up (served by the problem server). So... I can access the host names / web sites from other machines, but not from the actual server itself. This problem went away before, and is now back. So, seems kind of intermittent.

!?!?!?!?!

Reply

Answer 4

Jan 26, 2010 7:52 PM in response to Rene Fournier

As a follow-up, I was wondering, could an improperly configured DNS Service allow virtual hosting to work for other machines (accessing locally hosted web sites), but prevent local access to the same web sites?

Reply

Answer 5

MrHoffman

Level 10

146,233 points

Jan 26, 2010 8:01 PM in response to Rene Fournier

Messed up DNS has knocked +whole countries+ off the Internet.

That is not an exaggeration.

As for what happened within your LAN (or how your LAN is structured), that's not easily determined from here.

Virtual hosting does not use DNS on the web server; that's entirely based on the host name specified by the client within the arriving http traffic. DNS here is only between the client and the translation returned from the client's DNS server(s).

Reply

Answer 6

Jan 26, 2010 8:15 PM in response to MrHoffman

"Virtual hosting does not use DNS on the web server; that's entirely based on the host name specified by the client within the arriving http traffic. DNS here is only between the client and the translation returned from the client's DNS server(s)."

OK, that is what I always thought, and it perfectly explains why the server's hosted web sites continue to work for users on other computers. Which also means, the problem probably lies somewhere in my DNS Server's configuration.

DNS and Bind are the things in my Xserve I admittedly understand the least. I had the DNS service configured and working perfectly fine previously in OS X Server 10.4.11. But the UI is a little different now, so I wonder if that is why I've got an error in there, somewhere.

Is there anything I can do from here to isolate the source of the configuration problem? Thanks.

...Rene

Reply

Answer 7

Jan 26, 2010 10:56 PM in response to MrHoffman

Thanks for the info and link to your web site. I'm reading it now, but in the meantime, something even weird has happened: The problem:

curl http://thishost.mydomain.com

curl: (7) couldn't connect to host

...has gone away. Now, when I try to curl to any of the server's own hosted web sites from the server itself (or from a web browser on the server), it works. And I've done nothing. Just a couple hours have passed, and it's fine again.

Ah, my least favourite kind of problem, the intermittent kind. Any ideas what could cause this? (In the meantime, I'll finish reading your article on 10.6 DNS, but I thought I should post this update.) Thanks again.

...Rene

Reply

Answer 8

Jan 27, 2010 12:01 AM in response to Rene Fournier

I found a link describing what seems to be my problem exactly: http://www.mac-forums.com/forums/os-x-operating-system/164649-snow-leopard-keeps -dropping-dns.html

To get DNS resolution for locally host web sites working again:

sudo killall mDNSResponder

...and the hosts listed in the server's DNS Service get resolved again ...for a while. Yup, it seems that, although my DNS configuration could be wonky, there is an intermittent bug in 10.6 (Server and Client). Has anyone else here run into this particular issue?

...Rene

Reply

Answer 9

MrHoffman

Level 10

146,233 points

Jan 27, 2010 8:03 AM in response to Rene Fournier

Within the cited thread, I see a collection of symptoms, a discussion of the TTL settings (and yes, that TTL is comparatively and usually huge) and a discussion of restarted the Bonjour mDNS daemon, but I don't see any consistent set of symptoms there. Buggy DNS will definitely hose you, regardless.

I've been running DNS for a while, and I haven't noticed the issues described in that thread.

I have seen some, um, +very creative+ DNS settings go badly wrong, though.

Reply