Roberts A.L. wrote:
> loop which strangely resulted in
> only some of the metadata servers' IPs being unreachable.
The various metadata servers are in colos spread around the UK for
resilience. So I'm not very surprised that a route to one of them might
get lost while the route to another might be untouched.
> The problem seems to have been resolved following communication with
> the company and we can now access the metadata - hooray.
Hooray indeed!
> Our comms guys informed me that the issue should have affected anyone
> trying to access the metadata in Wales which is a bit worrying as
> theoretically every IdP in Wales should have had out of date metadata
> since the 11th June which is when we first noticed something strange
> was going on.
There are four A records in the DNS for the metadata.ukfederation.org.uk
domain, and I'd expect the one used to be chosen more or less randomly
(the logs indicate this isn't quite true, for reasons we don't entirely
understand yet). So even if there was only one server reachable, I'd
expect one in four attempts to succeed. Of course you might not notice
the occasional absence of an error message...
-- Ian
|