Project

General

Profile

[Abandoned] Lighttpd keeps sending status 400

Added by P14r73 about 2 months ago

Hello!
I am encountering a hair-pulling issue and am hoping someone here much smarter than me can figure it out
I am using 2 Lighttpd webservers, both running Pihole. However, One of them has started returning error 400. I am using a button on my Steamdeck that pulls the status of the Pi. Both Pis have near identical Lighttpd config, however one is returning 400 and one isn't.

OS: Debian Bullseye
I am on lighttpd/1.4.59 (ssl)

Ive opened a related ticket here, but really hoping anyone can help.
https://github.com/johnholbrook/streamdeck-pihole/issues/8

I am seeing in my error logs:

2022-08-05 20:03:33: connections.c.800) fd: 11 request-len: 80\n\x16\x03\x01\x02
2022-08-05 20:03:33: request.c.359) missing CR before LF in header -> 400
2022-08-05 20:03:33: request.c.1332) request-header:\n\x16\x03\x01\x02
2022-08-05 20:03:33: response.c.158) Response-Header:\nHTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 06 Aug 2022 00:03:33 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n
2022-08-05 20:03:33: connections.c.750) invalid request-line -> sending Status 400
2022-08-05 20:03:33: response.c.158) Response-Header:\nHTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 06 Aug 2022 00:03:33 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n
2022-08-05 20:03:38: connections.c.750) invalid request-line -> sending Status 400
2022-08-05 20:03:38: response.c.158) Response-Header:\nHTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 06 Aug 2022 00:03:38 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n
2022-08-05 20:03:38: connections.c.750) invalid request-line -> sending Status 400
2022-08-05 20:03:38: response.c.158) Response-Header:\nHTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 06 Aug 2022 00:03:38 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n
2022-08-05 20:03:38: connections.c.750) invalid request-line -> sending Status 400
2022-08-05 20:03:38: response.c.158) Response-Header:\nHTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 06 Aug 2022 00:03:38 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n
2022-08-05 20:03:38: connections.c.800) fd: 11 request-len: 118\n\x16\x03\x01\x02
2022-08-05 20:03:38: request.c.359) missing CR before LF in header -> 400

Whereas my other Pi has no such issues:

2022-08-07 15:16:07: response.c.158) Response-Header:\nHTTP/1.1 200 OK\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: persistentlogin=REDACTED; expires=Sun, 14-Aug-2022 19:16:07 GMT; Max-Age=604800; HttpOnly\r\nContent-type: application/json\r\nX-Pi-hole: The Pi-hole Web interface is working!\r\nX-Frame-Options: DENY\r\nContent-Length: 689\r\nDate: Sun, 07 Aug 2022 19:16:07 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n

My config:

# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
# Lighttpd config for Pi-hole
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
##############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE
#
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:
# /etc/lighttpd/external.conf
##############################################################################
server.modules = (
"mod_access",
"mod_accesslog",
"mod_alias",
"mod_auth",
"mod_expire",
"mod_deflate",
"mod_redirect",
"mod_setenv",
"mod_rewrite",
"mod_proxy",
"mod_openssl" 
)

server.document-root = "/var/www/html/" 
server.error-handler-404 = "/var/www/html/pihole/CustomBlockPage.php" 
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log" 
server.pid-file = "/run/lighttpd.pid" 
server.username = "www-data" 
server.groupname = "www-data" 
server.port = 82
server.use-ipv6 = "disable" 
accesslog.filename = "/var/log/lighttpd/access.log" 
accesslog.format = "%{%s}t|%V|%r|%s|%b" 

# enable debugging
debug.log-request-header = "enable" 
debug.log-response-header = "enable" 
debug.log-request-handling = "enable" 
debug.log-file-not-found = "enable" 
debug.log-condition-handling = "enable" 
# Allow streaming response
# reference: https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_stream-response-bodyDetails
server.stream-response-body = 1
#ssl.read-ahead = "disable" 
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

mimetype.assign = (
".ico" => "image/x-icon",
".jpeg" => "image/jpeg",
".jpg" => "image/jpeg",
".png" => "image/png",
".svg" => "image/svg+xml",
".css" => "text/css; charset=utf-8",
".html" => "text/html; charset=utf-8",
".js" => "text/javascript; charset=utf-8",
".json" => "application/json; charset=utf-8",
".map" => "application/json; charset=utf-8",
".txt" => "text/plain; charset=utf-8",
".eot" => "application/vnd.ms-fontobject",
".otf" => "font/otf",
".ttc" => "font/collection",
".ttf" => "font/ttf",
".woff" => "font/woff",
".woff2" => "font/woff2" 
)

# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null" 
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl" 
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null" 
# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" { # Create a response header for debugging using curl -I
  setenv.add-response-header = (
    "X-Pi-hole" => "The Pi-hole Web interface is working!",
    "X-Frame-Options" => "DENY" 
  )
  $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" { # Allow Block Page access to local fonts
    setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
  }
}

# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
  url.access-deny = ("")
}
# allow teleporter and API qr code iframe on settings page
$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
  $HTTP["referer"] =~ "/admin/settings\.php" {
    setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
  }
}
# Default expire header
expire.url = ( "" => "access plus 0 seconds" )

My external config:

# Ensure the Pi-hole Block Page knows that this is not a blocked domain
setenv.add-environment = ("fqdn" => "true")

# Enable the SSL engine with a LE cert, only for this specific host
$SERVER["socket"] == ":443" {
    ssl.engine = "enable" 
    ssl.pemfile = "/etc/letsencrypt/live/mydomain.com/combined.pem" 
    ssl.ca-file =  "/etc/letsencrypt/live/mydomain.com/fullchain.pem" 
    ssl.honor-cipher-order = "enable" 
    ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH" 
    ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.2",
                                "CipherString" => "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH")

}

# Redirect HTTP to HTTPS
$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")
    }
}


Replies (12)

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

Ive also tried with a external.conf without all the customizations I added that did not change my results

# Ensure the Pi-hole Block Page knows that this is not a blocked domain
setenv.add-environment = ("fqdn" => "true")

# Enable the SSL engine with a LE cert, only for this specific host
$SERVER["socket"] == ":443" {
    ssl.engine = "enable" 
    ssl.pemfile = "/etc/letsencrypt/live/mydomain/combined.pem" 
    ssl.honor-cipher-order = "enable" 
    ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH" 
    ssl.use-sslv2 = "disable" 
    ssl.use-sslv3 = "disable" 
}

# Redirect HTTP to HTTPS
$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")
    }
}

RE: Lighttpd keeps sending status 400 - Added by gstrauss about 2 months ago

afk for a few hours. What version of lighttpd are you running? Check if you are connecting using http or https.

RE: Lighttpd keeps sending status 400 - Added by gstrauss about 2 months ago

2022-08-05 20:03:33: connections.c.800) fd: 11 request-len: 80\n\x16\x03\x01\x02
2022-08-05 20:03:33: request.c.359) missing CR before LF in header -> 400
2022-08-05 20:03:33: request.c.1332) request-header:\n\x16\x03\x01\x02

It looks like some client is sending an "https" request to a port on which lighttpd is expecting clear-text "http".

Have you tried manually connecting to your Pi using http and using https? What does it show you?
One of the following should error (when adapted to your site URL). Is it the one you expect?
curl -v "http://example.com:4444/"
curl -v "https://example.com:4444/"

RE: Lighttpd keeps sending status 400 - Added by gstrauss about 2 months ago

The requests that are resulting in the 400 are coming over http
https://github.com/johnholbrook/streamdeck-pihole/blob/main/us.johnholbrook.pihole.sdPlugin/code.js#L21

While that line of code looks like it sends an "http" request, "\n\x16\x03\x01\x02" is not an "http" request and looks to me more like TLS (e.g. "https"). Some place else might be sending that.

Print the configuration that lighttpd sees with lighttpd -p -f /etc/lighttpd/lighttpd.conf and review it.
Are there multiple places in the config files which attempt to configure the same port with $SERVER["socket"]?

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

@gsrauss thank you so much for your time helping me figure this out. I really appreciate it.
Yes, there are 3 sockets, but none with the same port:
https://pastebin.com/wSZ7yCQK
Im listening on 82 (Pihole) 444 (Pihole)
Ive tried to simplify my install by removing some of my customizations

How can I tell which client are sending the requests?
When I turn off the Streamdeck button, the requests seem to stop in the logs. However all of the requests of that app are http in the code.
https://github.com/johnholbrook/streamdeck-pihole/blob/main/us.johnholbrook.pihole.sdPlugin/code.js#L21
I did a control+F on the page and can't find any reference

As well, my second Pihole with the exact same Lighttpd config does NOT have these 400- only 200 on the other Pihole:

My Pi that works:

2022-08-08 13:05:13: response.c.158) Response-Header:\nHTTP/1.1 200 OK\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-type: application/json\r\nX-Pi-hole: The Pi-hole Web interface is working!\r\nX-Frame-Options: DENY\r\nContent-Length: 683\r\nDate: Mon, 08 Aug 2022 17:05:13 GMT\r\nServer: lighttpd/1.4.59\r\n\r\n

curl -v "https://192.168.1.186:444/"

       
*   Trying 192.168.1.186:444...
* Connected to domain.domain.com (192.168.1.186) port 444 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=domain.domain.com
*  start date: Aug  8 16:59:00 2022 GMT
*  expire date: Nov  6 16:58:59 2022 GMT
*  subjectAltName: host "domain.domain.com" matched cert's "domain.domain.com" 
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0xde1770)
> GET /admin HTTP/2
> Host: domain.domain.com:444
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 8)!
< HTTP/2 301
< location: /admin/
< content-length: 0
< date: Mon, 08 Aug 2022 18:10:06 GMT
< server: lighttpd/1.4.59
<
* Connection #0 to host domain.domain.com left intact

curl -v "http://192.168.1.186:444/"


*   Trying 192.168.1.186:444...
* Connected to 192.168.1.186 (192.168.1.186) port 444 (#0)
> GET / HTTP/1.1
> Host: 192.168.1.186:444
> User-Agent: curl/7.74.0
> Accept: */*
>
* Empty reply from server
* Connection #0 to host 192.168.1.186 left intact
curl: (52) Empty reply from server

curl -v "http://192.168.1.186:82/admin"

*   Trying 192.168.1.186:82...
* Connected to 192.168.1.186 (192.168.1.186) port 82 (#0)
> GET /admin HTTP/1.1
> Host: 192.168.1.186:82
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Location: /admin/
< Content-Length: 0
< Date: Mon, 08 Aug 2022 18:05:15 GMT
< Server: lighttpd/1.4.59
<
* Connection #0 to host 192.168.1.186 left intact

curl -v "https://192.168.1.186:82/admin"

                                                                                                     
*   Trying 192.168.1.186:82...
* Connected to 192.168.1.186 (192.168.1.186) port 82 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

Let me change 2 of those responses:

Let me change 2 of those responses:
curl -v "https://domain.domain.com:444/admin"                                                                                              
*   Trying 192.168.1.186:444...
* Connected to domain.domain.com (192.168.1.186) port 444 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=domain.domain.com
*  start date: Aug  8 16:59:00 2022 GMT
*  expire date: Nov  6 16:58:59 2022 GMT
*  subjectAltName: host "domain.domain.com" matched cert's "domain.domain.com" 
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x1f6b770)
> GET /admin HTTP/2
> Host: domain.domain.com:444
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 8)!
< HTTP/2 301
< location: /admin/
< content-length: 0
< date: Mon, 08 Aug 2022 18:21:52 GMT
< server: lighttpd/1.4.59
<
* Connection #0 to host domain.domain.com left intact

 curl -v "https://192.168.1.186:444/admin"                                                                                                      
*   Trying 192.168.1.186:444...
* Connected to 192.168.1.186 (192.168.1.186) port 444 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 192.168.1.186:444
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 192.168.1.186:444

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

Update: Ive got it to work by changing the button to point to Hostname:82 instead of 192.168.1.X:82
Im not sure why accessing it by hostname instead of IP works....
I do resolve the IP to the hostname directly so I dont understand the difference...

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

Interesting result: the 400s in my access.log dont show an IP:

1659988910|harbormaster:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988911|-|  |400|345
1659988911|-|  |400|345
1659988911|harbormaster:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988912|harbormaster:82|GET /admin/api.php HTTP/1.1|200|699
1659988912|192.168.1.186:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988912|harbormaster:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988912|192.168.1.186:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988912|harbormaster:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699
1659988914|harbormaster:82|GET /admin/api.php?summaryRaw HTTP/1.1|200|699

RE: Lighttpd keeps sending status 400 - Added by gstrauss about 2 months ago

Update: Ive got it to work by changing the button to point to Hostname:82 instead of 192.168.1.X:82
Im not sure why accessing it by hostname instead of IP works....
I do resolve the IP to the hostname directly so I dont understand the difference...

Interesting result: the 400s in my access.log dont show an IP:

Both TLS SNI (TLS extension Server Name Indication) and HTTP "Host" are taken (by curl) from the URL you gave to curl.

As I noted in #3168, $SERVER["socket"] must not be nested inside other lighttpd.conf conditions.

Additionally, lighttpd.conf $HTTP["host"] is a name-based virtual host config and uses the name (or IP) provided in the HTTP "Host" header -- or HTTP/2 ":authority" pseudo-header -- sent by the client. lighttpd.conf does not resolve $HTTP["host"] to IPs; $HTTP["host"] is used literally as you provided it in lighttpd.conf. lighttpd also uses the Host sent by the client in url.redirect in your lighttpd.conf.

I hope that helps explain why you changing your Steamdeck button to use names helped make things work.

RE: Lighttpd keeps sending status 400 - Added by P14r73 about 2 months ago

$SERVER["socket"] must not be nested inside other lighttpd.conf conditions. -> this part is actually working though, for other Pihole users as well as my other Pi

The Pi thats giving the 400s used to work via IP, but now only works via hostname. Additionally, the other (working) Pi still works via IP
How can I get the non working one to work via IP like it used to / like the other one is?

Appreciate your patience!

RE: Lighttpd keeps sending status 400 - Added by gstrauss about 2 months ago

$SERVER["socket"] must not be nested inside other lighttpd.conf conditions. -> this part is actually working though, for other Pihole users as well as my other Pi

Please read the docs where this is called out:

Docs_Configuration
"$SERVER["socket"] is valid in global scope; placing $SERVER["socket"] inside other conditions may have undesirable results (and would be rejected if not for historic (mis)use)."

Docs_SSL
"Note: ssl.* configuration options are generally valid only in global scope or in the top level of a $SERVER["socket"] configuration condition, as they are needed when the socket connection is established, before the host is known. In cases where the client adds SNI (server name indication), some ssl.* options can be specified in $HTTP["host"] or $HTTP["scheme"] conditions, e.g. to select certificates for that specific connection. All other conditions occur after TLS negotiation has completed, so ssl.* directives nested in other configuration conditions may be ignored, including $SERVER["socket"] or $HTTP["host"] or $HTTP["scheme"] nested in other configuration conditions."

Just because it happens not to break in some cases, does not make it "right". If not for historic (mis)use, I would configure lighttpd to reject $SERVER["socket"] nested in other conditions.

In other words, the Raspberry Pi package for lighttpd is configured suboptimally. You will find that many of the ssl.* directives in your config are suboptimal if you read Docs_SSL. I do not have control over external packages in Raspberry Pi or other distros (and do not have the time to do so).

The Pi thats giving the 400s used to work via IP, but now only works via hostname. Additionally, the other (working) Pi still works via IP
How can I get the non working one to work via IP like it used to / like the other one is?

If your configs are identical when you compare lighttpd -p -f /etc/lighttpd/lighttpd.conf, and the lighttpd version is identical, then your issue may be elsewhere. Please confirm that your configs are identical. If your configs are identical, then you probably want to check and validate your DNS records, and your /etc/hosts or other resolver configs to check that they are identical.

    (1-12/12)