I can't reach github.com
; the DNS resolves but then the connection times out (on Safari, Firefox and Chrome). I'm running macOS 10.15.5.
I've run sudo dscacheutil -flushcache
and sudo killall -HUP mDNSResponder
, to no avail.
See this superuser question for all the debugging I've done so far
I'm asking a separate question here because one key clue is that when logging in with my laptop's guest account, I can reach github.com. If I create another admin user account however, the issue is still there.
For that reason I'm wondering: what are the networking-related settings that would apply to regular users but not the guest account?
Edit Adding more debugging info
dig
output showing that DNS resolves:
$ dig github.com
; <<>> DiG 9.10.6 <<>> github.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54977
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;github.com. IN A
;; ANSWER SECTION:
github.com. 59 IN A 140.82.112.3
;; Query time: 109 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jun 09 22:07:32 CEST 2020
;; MSG SIZE rcvd: 55
- Request timing out in
curl
$ curl -v --insecure -L 140.82.112.3
* Trying 140.82.112.3...
* TCP_NODELAY set
* Connected to 140.82.112.3 (140.82.112.3) port 80 (#0)
> GET / HTTP/1.1
> Host: 140.82.112.3
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-length: 0
< Location: https://140.82.112.3/
<
* Connection #0 to host 140.82.112.3 left intact
* Issue another request to this URL: 'https://140.82.112.3/'
* Trying 140.82.112.3...
* TCP_NODELAY set
* Connected to 140.82.112.3 (140.82.112.3) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
[...TLS handshake details]
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com
* start date: May 5 00:00:00 2020 GMT
* expire date: May 10 12:00:00 2022 GMT
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: 140.82.112.3
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Content-length: 0
< Location: https://github.com/
<
* Connection #1 to host 140.82.112.3 left intact
* Issue another request to this URL: 'https://github.com/'
* Trying 192.30.253.113...
* TCP_NODELAY set
* Connection failed
* connect to 192.30.253.113 port 443 failed: Operation timed out
* Failed to connect to github.com port 443: Operation timed out
* Closing connection 2
curl: (7) Failed to connect to github.com port 443: Operation timed out
* Closing connection 0
* Closing connection 1
If I curl without -L
(i.e. without redirects) then I do get to the site, and get the HTML back:
$ curl -H "Host: github.com" --insecure -v https://140.82.112.3/
...
< HTTP/1.1 200 OK
<!DOCTYPE html>
<html lang="en">
...
Best Answer
The fix was given by the answer to https://superuser.com/questions/1559142/github-com-resolves-but-times-out
My /etc/hosts had the 192.30.253.113 IP for github.com; that IP probably became invalid recently. Removing that line fixed the issue.