Getting network timeouts for the API, don't if I alter URL slightly
Closed this issue · 3 comments
mr-bo-jangles commented
If I use https://api.plex.tv/api/downloads/1.json?channel=plexpass as my API endpoint I don't get a network is unreachable error however the standard https://plex.tv/api/downloads/1.json?channel=plexpass does
demonbane commented
Just did some tests and I can't see any difference between the two. I expected maybe a redirect or something, but the server responses are virtually identical for both:
curl -s -o /dev/null -v https://api.plex.tv/api/downloads/1.json?channel=plexpass
* Trying 52.208.191.234...
* TCP_NODELAY set
* Connected to api.plex.tv (52.208.191.234) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /usr/local/etc/openssl/cert.pem
CApath: /usr/local/etc/openssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [89 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3244 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=4762731; street=449 N Santa Cruz Ave; postalCode=95030; C=US; ST=California; L=Los Gatos; O=Plex, Inc.; CN=app.plex.tv
* start date: May 1 00:00:00 2017 GMT
* expire date: May 6 12:00:00 2019 GMT
* subjectAltName: host "api.plex.tv" matched cert's "api.plex.tv"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
* SSL certificate verify ok.
} [5 bytes data]
> GET /api/downloads/1.json?channel=plexpass HTTP/1.1
> Host: api.plex.tv
> User-Agent: curl/7.56.1
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 OK
< Cache-Control: no-cache
< Content-Type: application/json; charset=utf-8
< Date: Thu, 09 Nov 2017 00:31:42 GMT
< Server: nginx
< Set-Cookie: _mkra_ctxt=9eb26317c16697271ed34d004a16d30a--200; path=/; max-age=5; secure
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< X-Request-Id: 227d5ca6-bf6a-4ce8-9eab-dadf91969e99
< X-Runtime: 0.010107
< X-UA-Compatible: chrome=1
< X-XSS-Protection: 1; mode=block
< transfer-encoding: chunked
< Connection: keep-alive
<
{ [7761 bytes data]
* Connection #0 to host api.plex.tv left intact
curl -s -o /dev/null -v https://plex.tv/api/downloads/1.json?channel=plexpass
* Trying 54.171.208.164...
* TCP_NODELAY set
* Connected to plex.tv (54.171.208.164) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /usr/local/etc/openssl/cert.pem
CApath: /usr/local/etc/openssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [89 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3125 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=4762731; street=449 N Santa Cruz Ave; postalCode=95030; C=US; ST=CA; L=Los Gatos; O=Plex, Inc; CN=plex.tv
* start date: Oct 14 00:00:00 2015 GMT
* expire date: Jan 11 12:00:00 2018 GMT
* subjectAltName: host "plex.tv" matched cert's "plex.tv"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
* SSL certificate verify ok.
} [5 bytes data]
> GET /api/downloads/1.json?channel=plexpass HTTP/1.1
> Host: plex.tv
> User-Agent: curl/7.56.1
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 OK
< Cache-Control: no-cache
< Content-Type: application/json; charset=utf-8
< Date: Thu, 09 Nov 2017 00:30:32 GMT
< Server: nginx
< Set-Cookie: _mkra_ctxt=5428d9b359cc9c8dc67952525afa8998--200; path=/; max-age=5; secure
< Vary: Origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< X-Request-Id: 0fd48d58-429f-4329-8238-77040aed1fda
< X-Runtime: 0.008840
< X-UA-Compatible: chrome=1
< X-XSS-Protection: 1; mode=block
< transfer-encoding: chunked
< Connection: keep-alive
<
{ [11857 bytes data]
* Connection #0 to host plex.tv left intact
Which means that:
a) this shouldn't make any difference
b) it also shouldn't hurt anything if we change the default endpoint.
@mrworf thoughts?
mr-bo-jangles commented
I would have it try alternates on failure as this seems to only happen when my network traffic is going out via a specific ISP
mr-bo-jangles commented
We can close this, I discovered the route cause of this issue was related to OpenVPN restarting on an upstream device and setting some really dodgy routes