Skip to Content.
Sympa Menu

inc-ops-notifications - Re: [InCommon NOTICE] InCommon MDQ metadata retrieval issues for some clients

Subject: InCommon Operations Notifications

List archive

Re: [InCommon NOTICE] InCommon MDQ metadata retrieval issues for some clients


Chronological Thread 
  • From: "Nicole Roy" <>
  • To:
  • Subject: Re: [InCommon NOTICE] InCommon MDQ metadata retrieval issues for some clients
  • Date: Thu, 07 Oct 2021 14:34:04 -0600
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vOJNDTu4g1xC7tqgL9MSDTqULND1deS5LI3U5OZ9u7c=; b=kzltbm01GC/c5gCdsCQnzbJSm8gEfLrf5Gty7gkcHKmZyFjvlERax5qGjA+UQ11j6c5obYw8T2+EpD0v0u2BGAMkkGtvmtBM5TzZZX1nlVkaKmrCyDzr9K5DaXWN0RKD3zSx2c2LpAbpR6yoO/ielqu7YsfNV9kZSBpoiYa6nF8aodDDDRJ6uCVHottu6i9D6BG3YbMc19P/YTGQhIRl8tkxRDklOpYq9l2NHaNClsWpIw9CSU9ng4SDNmZqAVH+PfoMHPH7nnrm56eThVon4c4Vsgsaf4FKnflFmEJef0GTGlOQrXAZx9CyeEjwEZGCyWStX7lFqqHtI23l6rGB7g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V22LrD2ymzrFt3Nrq05VS12cWzsosQWxXcqc9rVPhLXi6QsXrFHpegqZQ1uChj4MAQ82fP21QFXW26tYWORKNXSiRff8u5kEM7gUFAvYtyEFpO5/6uSFQStusNjfkDYYd0btLg/XGSqvYGT1J2K0qsknzqFCfaJFW1fzzUA9T8dauUW18DLRMalPs+xflfd5oT+MAK4Aarn7iXSzJZPmTssTjyM6Kz8Xd0G6ze4A6GBurAYojA6FtBD+3pZnKDD6T0wadBlZ9nSsnJPtDVpDcKwdgeKIznsHw3EHYo6ZYUOG4rODRtl5nQPvvzowWnnEROZe8c9aIWM7ceRpdnapGQ==

Another update, we have identified a method of temporarily pinning MDQ requests to a specific, currently-known-good CloudFront edge location. Details at: https://spaces.at.internet2.edu/display/federationops/2021-10-07+MDQ+intermittent+outage

Deployers are advised to test this approach locally, and ensure that whichever CloudFront edge location they pick, actually works before updating hosts files on their affected systems.

Best,

Nicole

On 7 Oct 2021, at 12:35, Nicole Roy wrote:

All future status updates will be posted in the Internet2 wiki, at: https://spaces.at.internet2.edu/display/federationops/2021-10-07+MDQ+intermittent+outage

As of 12:30 MDT, AWS support is able to reproduce this issue and is escalating it within AWS.

Best,

Nicole

On 7 Oct 2021, at 10:06, Nicole Roy wrote:

Update 2020-10-07 10:00 MDT

We have opened a support case with Amazon Web Services with regard to the edge cache locations which appear to be failing:

13.32.208.20
13.32.208.84
13.32.208.58
13.32.208.38

On 7 Oct 2021, at 9:31, Nicole Roy wrote:

As of 9:15 a.m. MDT on October 7, we are able to reproduce the issue and it appears to be isolated to a number of CloudFront servers. We are working to further identify the problem with these distribution points.

Best Regards,

Nicole

On 7 Oct 2021, at 9:06, Nicole Roy wrote:

Hello,

This morning, InCommon operations was notified of some intermittent issues by some metadata clients, in retrieving SAML metadata from https://mdq.incommon.org. We are actively investigating this issue and will share more information when we know more. In the meantime, if you are experiencing issues with the MDQ service, please send email to , including (if possible) detailed information about the client you’re using (SAML software and version), IP address of the client, physical location (approximate), log data if share-able, etc.

Best Regards,

Nicole Roy
Pronouns: She/her/hers
Director of Technology and Strategy
InCommon / Internet2 Trust and Identity Services

Attachment: signature.asc
Description: OpenPGP digital signature




Archive powered by MHonArc 2.6.24.

Top of Page