Failed to connect to www.googleapis.com port 443: Network unreachable
I'm trying to implement google sign-in in my website that is written in Symfony2 using Google Client API. I followed the instructions here, but when I call $client->authenticate($code); command an exception is thrown telling that:
Failed to connect to www.googleapis.com port 443: Network unreachable
What is the problem?
Answer
Solution 2 (from update). it seems to be some bug with ipv6 interfaces and curl with php, so another solution is to set the appropiate option in curl function to connect to the remote server with ipv4 in your php script
curl_setopt( $curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
Solution 1.
The same happened to me (solved by adding the ip v4 and hostname to /etc/hosts file), As pointed by @hans-z in another answer comment, I tried using next command to validate the network issue.
curl -v https://www.googleapis.com
It turned out that it was randomly, and only 1 in 10 tries the curl command could connect to the server, the response was something like: ("La red es inaccesible" means in english "network unreachable" :) )
$ curl -v https://www.googleapis.com
* Rebuilt URL to: https://www.googleapis.com/
* Hostname was NOT found in DNS cache
* Trying 64.233.186.95...
* Trying 2800:3f0:4003:c00::5f...
* connect to 2800:3f0:4003:c00::5f port 443 failed: La red es inaccesible
* Failed to connect to www.googleapis.com port 443: La red es inaccesible
* Closing connection 0
curl: (7) Failed to connect to www.googleapis.com port 443: La red es inaccesible
And the successfull response was:
curl -v https://www.googleapis.com
* Rebuilt URL to: https://www.googleapis.com/
* Hostname was NOT found in DNS cache
* Trying 64.233.186.95...
* Trying 2800:3f0:4003:c00::5f...
* Connected to www.googleapis.com (64.233.186.95) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.storage.googleapis.com
* start date: 2015-04-08 14:12:01 GMT
* expire date: 2015-07-07 00:00:00 GMT
* subjectAltName: www.googleapis.com matched
* issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.googleapis.com
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Fri, 01 Jan 1990 00:00:00 GMT
< Date: Tue, 21 Apr 2015 21:38:12 GMT
< Vary: X-Origin
< Content-Type: text/html; charset=UTF-8
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
* Server GSE is not blacklisted
< Server: GSE
< Alternate-Protocol: 443:quic,p=1
< Accept-Ranges: none
< Vary: Origin,Accept-Encoding
< Transfer-Encoding: chunked
<
* Connection #0 to host www.googleapis.com left intact
The weird message was "Hostname was NOT found in DNS cache", I was using google DNS's 4.4.4.4 and 8.8.8.8, so I added that domain to my /etc/hosts file using the ipv4 from the curl command output and the problem was solved.
#/etc/hosts
...
64.233.186.95 www.googleapis.com
#DONT COPY THIS IP, USE THE ONE FROM YOUR CURL OUTPUT
...