I think it might make sense for you to do a local mirror of the packages. There's rsync available at rsync.sury.org

None of this is local, it's all on various CI environments like GitHub Actions etc.

I should note that people all over the world can hit this when using DDEV, which may add a build step including apt-get update at runtime. So it's not just a testing problem, and not something that I know how to solve with a mirror or anything.

I have a PR going trying to gather more information, ddev/ddev#5473

But can this be something about DNS or b-cdn.net? Is there possibly one bad IP address returned for debsuryorg.b-cdn.net. ?

I saw this error today. In this case, apt was running inside of GitHub actions. I agree it's intermittent, as other jobs passed as did a rebuild.

I was able to fix this in one particular situation after an extended bit of trouble by changing wireless networks (to phone hotspot). I wish I knew what the error message actually meant.

I had this problem consistently today on a coffee-shop wifi.

I looked at DNS server settings, and I was using 1.1.1.1 (Cloudflare).

I changed to use the coffee-shop's default DNS and it worked fine.

I had this problem consistently today on a coffee-shop wifi.

I looked at DNS server settings, and I was using 1.1.1.1 (Cloudflare).

I changed to use the coffee-shop's default DNS and it worked fine.

Hmm, but you haven't recorded the DNS responses by any chance?

Sorry, that would have been a good test.

I switched back to 1.1.1.1 and now I don't seem to be able to recreate the problem.

The response below is working.

$ nslookup -type=ns packages.sury.org
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.

Authoritative answers can be found from:
debsuryorg.b-cdn.net
	origin = ns1.bunnydns.com
	mail addr = hostmaster.bunnydns.com
	serial = 2020612118
	refresh = 7200
	retry = 900
	expire = 1209600
	minimum = 86400

rfay@rfay-tag1-m1:~/workspace/ddev/containers/ddev-webserver$ nslookup packages.sury.org
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 84.17.63.178

I'm seeing this error today consistenly. In this case, apt is running inside of GitHub actions.

@penyaskito on GitHub hosted runners, our self hosted ones at Linode, or both?

This issue is about the "Splitting up" message.

It's not related to the cert expiration message that @penyaskito was getting due to actually having an expired key. That problem is covered in

• GPG error: https://packages.sury.org/php bullseye InRelease: The following signatures were invalid ddev/ddev#5795

The answer for @penyaskito was to update DDEV to v1.22.7. There is also a workaround in the issue for DDEV v1.22.6.

I'm having this error right now, happening on both amd64 and arm64, on two networks:

GPG error: https://packages.sury.org/php bookworm InRelease: Splitting up /var/lib/apt/lists/packages.sury.org_php_dists_bookworm_InRelease into data and signature failed

$ nslookup packages.sury.org 1.1.1.1
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 84.17.63.178

$ nslookup packages.sury.org 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 84.17.63.178

On another internet-based system where apt update is working I see

# nslookup packages.sury.org 1.1.1.1
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 169.150.221.147

All I can figure here is that my ISP is spoofing 1.1.1.1 and 8.8.8.8

If I add a line to /etc/hosts with
169.150.221.147 packages.sury.org

everything works fine.

I switched to hotspot, completely different network, and I still get the same failure, different IP address

$ nslookup packages.sury.org 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 84.17.63.178

rfay@d10-web:/var/www/html$ nslookup packages.sury.org 1.1.1.1
Server:		1.1.1.1
Address:	1.1.1.1#53

Non-authoritative answer:
packages.sury.org	canonical name = debsuryorg.b-cdn.net.
Name:	debsuryorg.b-cdn.net
Address: 212.102.40.114

But maybe it's bunnydns? It either isn't serving, or isn't willing to talk to me:

$ nslookup packages.sury.org ns1.bunnydns.com
Server:		ns1.bunnydns.com
Address:	157.53.226.1#53

*** Can't find packages.sury.org: No answer

I guess maybe this is something about BunnyCDN caching @oerdnj ?

On the affected systems I'm seeing a 304 "no need to re-transmit" with a curl:

% curl -I https://packages.sury.org/php/dists/bookworm/InRelease
HTTP/2 304
date: Sat, 01 Jun 2024 20:22:59 GMT
server: BunnyCDN-DEN1-919
cdn-pullzone: 717719
cdn-uid: a7a277f7-2828-404b-9c94-f3b9b03c0434
cdn-requestcountrycode: US
cache-control: public, proxy-revalidate, max-age=7200
expires: Sat, 01 Jun 2024 22:06:18 GMT
last-modified: Tue, 14 May 2024 20:00:45 GMT
cache-tag: metadata,dists
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 304
cdn-cachedat: 06/01/2024 20:06:18
cdn-edgestorageid: 919
cdn-status: 304
cdn-requestid: 0e84a891e6127db41f669675e232145b
cdn-cache: HIT

On unaffected systems I see a 200:

$ curl -I https://packages.sury.org/php/dists/bookworm/InRelease
HTTP/2 200
date: Sat, 01 Jun 2024 20:25:28 GMT
content-type: application/octet-stream
content-length: 7542
server: BunnyCDN-TX1-881
cdn-pullzone: 717719
cdn-uid: a7a277f7-2828-404b-9c94-f3b9b03c0434
cdn-requestcountrycode: US
cache-control: public, proxy-revalidate, max-age=7200
expires: Sat, 01 Jun 2024 22:06:42 GMT
last-modified: Tue, 14 May 2024 20:00:45 GMT
cache-tag: metadata,dists
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 06/01/2024 20:06:42
cdn-edgestorageid: 950
cdn-status: 200
cdn-requestid: da088787700c024d7c9b552262700e31
cdn-cache: HIT
accept-ranges: bytes

As I think we'd expect here, on a working system we get this from a curl, fully PGP-signed:

curl  -s  https://packages.sury.org/php/dists/bookworm/InRelease
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Origin: deb.sury.org
Suite: bookworm
Codename: bookworm
Date: Tue, 14 May 2024 20:00:45 UTC
Architectures: amd64 i386 arm64 armhf
Components: main
Signed-By: 15058500A0235D97F5D10063B188E2B695BD4743
MD5Sum:
 fbe4ad12865414b255e966ebddeb8b0f 1817232 main/binary-amd64/Packages
 5d27727440be7770248ba373dc68a7a6 402365 main/binary-amd64/Packages.gz
 e83ddd0b3723ccc618f621b825e07151 229188 main/binary-amd64/Packages.xz
 b164231371f38edfd6ccbcb1f74f5a89 75 main/binary-amd64/Release
 285136698027c1849e1afff39e9e1391 1772641 main/binary-i386/Packages
 1db3ab23c023611241b662204918a0e1 391545 main/binary-i386/Packages.gz
 fc1cd9229bfbb6a30ec0bda9d9bce6a0 223916 main/binary-i386/Packages.xz
 97351b0ba73773198270c10448a65cf8 74 main/binary-i386/Release
 f98171de29795ddc813a4151b76c0042 1761166 main/binary-arm64/Packages
 5561899527871280f54db4a0e0ce55ee 387778 main/binary-arm64/Packages.gz
 de2f01bb423708e45a1a878f0d1ddf9d 221428 main/binary-arm64/Packages.xz
 da08a4cc3f54b325f1ef609a9dd8d910 75 main/binary-arm64/Release
 be3c6e1c759b43beee09d445dfd9be2a 1750141 main/binary-armhf/Packages
 13bafc7b696680b86bc854fe678174c7 385288 main/binary-armhf/Packages.gz
 2495137ad39cb70209cbc7a548d7765e 220668 main/binary-armhf/Packages.xz
 ca3cd33d520115b831cdf660983895f6 75 main/binary-armhf/Release
 0f5e562821a460523bf0f03b2615763a 275942 main/source/Sources
 c3dd3d6473cd71b75beeb77ee778a7d5 55175 main/source/Sources.gz
 148520af633d8895c2968d47f0e87cc1 45816 main/source/Sources.xz
 5944aeb204de3bdf10909ca7ed897616 76 main/source/Release
 f679dcde3c636fbf50f685225fe132df 822432 main/Contents-amd64
 15d52fc5c01b72a0ff6ee1d3c84df6f4 100943 main/Contents-amd64.gz
 3ccef546f2d95ca7caa55ec9e13347ad 763619 main/Contents-i386
 b6d4ea5c5cecf82b2e12dbd3ebfcc746 93571 main/Contents-i386.gz
 8f593c588e9e826134a954388159e399 788166 main/Contents-arm64
 d625e2376a62a98e9f358634139c0f4d 96763 main/Contents-arm64.gz
 ac120f3984b40394a576f977258f79eb 757370 main/Contents-armhf
 0f65cb1b005d191a6400d7212ecfdab6 92676 main/Contents-armhf.gz
SHA1:
 1ccb54098918cfbdf54a66e0ca04df746dd70cde 1817232 main/binary-amd64/Packages
 bf80004733e224e09c7b6568d2914650616e3f7b 402365 main/binary-amd64/Packages.gz
 37895949047ebbb3be658c2daab949e6a258dac6 229188 main/binary-amd64/Packages.xz
 6cc4b93c817b160e8709c55463d404b052adb432 75 main/binary-amd64/Release
 a87c2bb3a92d3e821edc581aa8c80cc92ebf7e08 1772641 main/binary-i386/Packages
 5b98e4d716e80115602a28fc52c4e6fc2364338c 391545 main/binary-i386/Packages.gz
 5c7e5bb14c906ed1221f359dd1d4c9e6798c15fa 223916 main/binary-i386/Packages.xz
 4aea3ef2a5a5d704829ad1cf8c336eafe04db689 74 main/binary-i386/Release
 ed03226083ad91c9608bf53878533474fb064079 1761166 main/binary-arm64/Packages
 8cc5d7dfb419b6729ef1ca0a8ada6faf5b227477 387778 main/binary-arm64/Packages.gz
 4d931ef85c27937a9a48d232959058f8bc9a4246 221428 main/binary-arm64/Packages.xz
 84e556b06d3eab8a63d3c65509fb056f5d6b6609 75 main/binary-arm64/Release
 b19c9b999e12675faf844abf81809a1d1812b1fd 1750141 main/binary-armhf/Packages
 11f11f01fbd6891fe78fbe0a9902252d232fbdd7 385288 main/binary-armhf/Packages.gz
 18b0c5b9c5dcb3cfe514f6676a738f092823c9bf 220668 main/binary-armhf/Packages.xz
 60ea84a18d8379dbb68105ef5cd2973cab3f07c7 75 main/binary-armhf/Release
 c553d56f8e6247f0ccb463a356f916bde4f2be1f 275942 main/source/Sources
 950904ad44d39220a72e2f753034e5b7da210640 55175 main/source/Sources.gz
 92d1e1fd0b90aede2d0ffd21bf248d1a37856efc 45816 main/source/Sources.xz
 4ad2a32f9353d48a027f89bb6dfb559f3789edd3 76 main/source/Release
 1c6bbd3f4194994380bfe1c4a7e9e723aee65f0a 822432 main/Contents-amd64
 3af05b330e2a81e8242789b9e5a6b9d9874ffcd5 100943 main/Contents-amd64.gz
 c63c10a662d98c051e5ca130a79ec3cc6295f7e8 763619 main/Contents-i386
 a13ce421d57b5e214a9c4dd38ea5c761854e3cc3 93571 main/Contents-i386.gz
 af76507b6d88b04aef4c5dd6dec8bc9cae19647b 788166 main/Contents-arm64
 28e1863d418c7f24a379f7583aac3e22e2f39f7a 96763 main/Contents-arm64.gz
 008dfa23325d289788eb23956eba025789ede534 757370 main/Contents-armhf
 be995505d4d59c5a3d684ea4f439b2f96f1ee372 92676 main/Contents-armhf.gz
SHA256:
 fe8c2db11b2cca11102fdf6eb312071a143ab99915988e10d66914747241b052 1817232 main/binary-amd64/Packages
 2f9772ab4846b77c8e37cc8d04866d577a882206b86b7a60811b21e051cfd807 402365 main/binary-amd64/Packages.gz
 df8e8be847cadfb7d764d582a6864f04933c4c9e13428ac1b7e64563812db179 229188 main/binary-amd64/Packages.xz
 d561db745afd6a5f0b405eaf73bcec647b93ba60143f30a34e1b18ffb0a22014 75 main/binary-amd64/Release
 7904358d0612ec6d4e8a529a9a71d6a2da3872d790903467f05978faa8963172 1772641 main/binary-i386/Packages
 a298f2e00d3e763e22d4e860752a45c3f83a8bf8e7cde767ad0e102305f51e14 391545 main/binary-i386/Packages.gz
 87e7f4807e0d2700a0461c0286f1084d87b97443068a63f00474d01184293af4 223916 main/binary-i386/Packages.xz
 01e4b67a49e26c78439f3f4c0b71d610c7a7519eafb2dbe4ba405f9162a076ca 74 main/binary-i386/Release
 8604e488817f3a7d1184c5e3f87f9a8170452522ede3ff05c8818b95ab825e98 1761166 main/binary-arm64/Packages
 4cc9be38940ce637e58e9f8270ab30a5a0a3277b313cde971438582a3b37c822 387778 main/binary-arm64/Packages.gz
 b25c08d88b9e2dbea3c259b065d0b3547154424a890e0d2f134b1c503d1deede 221428 main/binary-arm64/Packages.xz
 ea9f3cfd5cf0e8c856230d53f73164b60e2be50b7b2ac0099e476faef2254d04 75 main/binary-arm64/Release
 4ee5705bcd0790e8b0f44826cd3a7f8960aebb624c3ec03378c616d3abe6e23b 1750141 main/binary-armhf/Packages
 e4625cb03139a2b60bf3a703bbbc4c1695f060cd88a5010f8f85cfab624b4558 385288 main/binary-armhf/Packages.gz
 8b6f802f47f82adec8754931c020215f16eae9a570117e68112ed65b05bd5629 220668 main/binary-armhf/Packages.xz
 64294113ee9a74e2ca2e7540ab47176e748060e6de0934f46263c46ecb719c94 75 main/binary-armhf/Release
 3b935b7a2e8ec0ce8804860403013350f810908ba71ece05ff2468577bf7aa24 275942 main/source/Sources
 c66429d5a2ff61b38ccc1c1cc4d07292b3d250ad29ff8cc1670c1595b385eea9 55175 main/source/Sources.gz
 81b7df711df330ac9b44306d47436697b3d7363c7d3e31de4e762d0d4bd997c6 45816 main/source/Sources.xz
 2c398967fb30860157907e6170cb6a90eed7c9391f33ea14b94898746f50a94e 76 main/source/Release
 630998b100b8b352fae39a05c492f01cfc0afc5f3274c21e66918e0c1d3de9f0 822432 main/Contents-amd64
 0993aba68c23993f730d927467ba5f07436f40abe662fd73733eb25f1d2558fc 100943 main/Contents-amd64.gz
 638c2d11900c0abbf680c9d0a163c6424538b30ca6ad4260f6fa3f98744f37b2 763619 main/Contents-i386
 a8c7e414341093a1d36a238fb3f730e095334566aff435ea0c4eb539f9dd45f2 93571 main/Contents-i386.gz
 280b9a12a1dcd0bfde9e5e88fd998c8fbf049ca09150b9868410112e758d54db 788166 main/Contents-arm64
 5f15b5cb8ea0534fb3555d21786c986e79d217cab39037f7d43eb4d307c48cd7 96763 main/Contents-arm64.gz
 3f34cad47c9590419f08f69960c5c43623112bee355abdcab96572d1ed6877b7 757370 main/Contents-armhf
 c5dde5edc05d6299795c9ae07aae441e1b21d359c5d1d78c09d1c2508ec09c8b 92676 main/Contents-armhf.gz
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEFQWFAKAjXZf10QBjsYjitpW9R0MFAmZDwu0ACgkQsYjitpW9
R0MfkQv/ZLRojfUhrVj5eoLh8yCUFpr14Q81jr2XBBTEsJ3rhOLLoLOmId8T/a8K
Wq5oPK9zjXq97zJn2FlakVU/W0Li7J4X33gNhjah48CojBDcHb21XQZZGpqMX05Y
7Il2g6HUq7SpBRTc/CLMJ4OOx30kSLO0/7iZG06PHtAb3VFoHaOlcnlrgyXQbwGb
SrXe3xomFTVbLDAtWtqakPfx7mDrVR5kwYQHwUh7o0hYjNcAfgow0BRCPMVgpnQd
O9X0YoN0hwX8uDk6Se4pOoU92fhUfnsWBq9bvm0k2rZDhaxzW29dARkGOO3PdbUb
Pzknx72iww9djLKdV4IyMzw2gmPm4Qf6j8eAKbdohb4cWL5BjF2xmJj5/xAUjmx2
G8yHgd8NJl0Wsxe7en4Gqn+TPpy9E00QsiJotgpjj4tPSzrPkL12x6CTpsyNsSzV
QNVrhEio4FwUjZHjXaJx1mkOMyAb8PLd5oeYjS7cWjeAL6mc1LxcRzpcRC5Rq3QG
y0PO0zce
=WZ8F
-----END PGP SIGNATURE-----

On a broken system as expected, because of the 304, we get absolutely nothing back:

% curl  -s  https://packages.sury.org/php/dists/bookworm/InRelease
%

I’ll open a ticket with BunnyCDN.

Hello,

I have the exact same problem today after upgrading from Debian buster to bullseye.
apache2 repository is working fine but php repo is returning the error

Err:5 https://packages.sury.org/php bullseye InRelease                 
  Splitting up /var/lib/apt/lists/packages.sury.org_php_dists_bullseye_InRelease into data and signature failed

Also returning HTTP 304 and nothing for the InRelease file.

Any advice ?

Seems to be working again. Strange :/

It has appeared again in a GitHub Actions build :(

#19 [linux/arm64 base 6/7] RUN apt-get -qq update
#19 CANCELED
------
 > [linux/amd64 ddev-xdebug-build 1/3] RUN curl -sSLo /tmp/debsuryorg-archive-keyring.deb https://packages.sury.org/debsuryorg-archive-keyring.deb &&     dpkg -i /tmp/debsuryorg-archive-keyring.deb && rm -f /tmp/debsuryorg-archive-keyring.deb &&     echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list && apt-get update:

1.044 W: GPG error: https://packages.sury.org/php bookworm InRelease: Splitting up /var/lib/apt/lists/packages.sury.org_php_dists_bookworm_InRelease into data and signature failed
1.044 E: The repository 'https://packages.sury.org/php bookworm InRelease' is not signed.
------

Did BunnyCDN ever answer the ticket?

As I think we'd expect here, on a working system we get this from a curl, fully PGP-signed:
curl -s https://packages.sury.org/php/dists/bookworm/InRelease

On a broken system as expected, because of the 304, we get absolutely nothing back:

% curl  -s  https://packages.sury.org/php/dists/bookworm/InRelease
%

I am using ddev and am also getting this on two different systems. The system where ddev is working outputs where the one that doesn't work returns nothing.

and non working system outputs nothing.

This has been happening on the non-working system for the last 45 minutes at least and as I was writing this post it has now resolved itself.

</details>

If this is the same as last time I studied it, it's the CDN returning empty from https://packages.sury.org/php/dists/bookworm/InRelease, which ends up with this crazy cryptic error. And since the CDN is apparently doing this on only one edge server maybe... it happens to different systems at different times.

Is there an alternate mirror we could use, at least for testing? If not, could we or someone create a mirror just for testing? If we keep it to ddev it would presumably have much less traffic.

As I think we'd expect here, on a working system we get this from a curl, fully PGP-signed:

curl -s https://packages.sury.org/php/dists/bookworm/InRelease

On a broken system as expected, because of the 304, we get absolutely nothing back:

% curl -s https://packages.sury.org/php/dists/bookworm/InRelease

%

I am using ddev and am also getting this on two different systems. The system where ddev is working outputs where the one that doesn't work returns nothing.

Working system:

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512



Origin: deb.sury.org

Suite: bookworm

Codename: bookworm

Date: Wed, 30 Oct 2024 23:00:47 UTC

Architectures: amd64 i386 arm64 armhf

Components: main

Signed-By: 15058500A0235D97F5D10063B188E2B695BD4743

MD5Sum:

 6fc18bc174199596bf5cafae4121fa45 1938081 main/binary-amd64/Packages

 c2d31b8d3fa18fcf38359c1e9750ca44 429058 main/binary-amd64/Packages.gz

 2e9fd0b096fd8a261e69d294269b9d24 244128 main/binary-amd64/Packages.xz

 b164231371f38edfd6ccbcb1f74f5a89 75 main/binary-amd64/Release

 31ddb671d8ffe90cd108a1679403d62c 1909164 main/binary-i386/Packages

 bda9d59ef3d36692f13df0417b33fc15 422561 main/binary-i386/Packages.gz

 b8ea08155520924a07706d416b0d5430 240812 main/binary-i386/Packages.xz

 97351b0ba73773198270c10448a65cf8 74 main/binary-i386/Release

 c3da96f5d64746ccb5ca244736acd994 1889220 main/binary-arm64/Packages

 4b1e854444fe21920503a8bc7bf2ed8d 417119 main/binary-arm64/Packages.gz

 d10750cb80cdb85f1eaceff4990ad0bb 237256 main/binary-arm64/Packages.xz

 da08a4cc3f54b325f1ef609a9dd8d910 75 main/binary-arm64/Release

 43c66a4f818c10632d51e389a2788947 1886898 main/binary-armhf/Packages

 da5da691bc980f3ed12f12acdf80c74f 416507 main/binary-armhf/Packages.gz

 0de6616bfea6ac0119ab9af1717d2ab7 237512 main/binary-armhf/Packages.xz

 ca3cd33d520115b831cdf660983895f6 75 main/binary-armhf/Release

 0b12b7b996cea5a390b8782ebbeb67de 294988 main/source/Sources

 563f42f241d8b939c71b3cae866622d1 58887 main/source/Sources.gz

 e6a4108245d7997eba408e84152d4b7d 48788 main/source/Sources.xz

 5944aeb204de3bdf10909ca7ed897616 76 main/source/Release

 21a403b56ced8566f8f8a5eb84d3024d 882712 main/Contents-amd64

 21e9ac65a88dd58075fa6690b2ca3ea0 107745 main/Contents-amd64.gz

 971535060c1dc89a53af03c845a21131 828994 main/Contents-i386

 8daea1b24ab5534dc4e01c29272b7568 101313 main/Contents-i386.gz

 00ee1d19eb9a754ebc607ed8b4a0abc3 851071 main/Contents-arm64

 cc5ff7e27ff5e4e85985dd719283007f 104087 main/Contents-arm64.gz

 6d20fe883315a01089331ece7cd282e3 822770 main/Contents-armhf

 fb504e0dbcd9d70613a1b2d1e8a95854 100438 main/Contents-armhf.gz

SHA1:

 95256d40115592183ba76c9bc8c88d8c6291e181 1938081 main/binary-amd64/Packages

 b25909c2c6e30916aae59ec309048c375f591062 429058 main/binary-amd64/Packages.gz

 2386ac5c81464c0f8f8fe6d85f33d0d340e4a6e0 244128 main/binary-amd64/Packages.xz

 6cc4b93c817b160e8709c55463d404b052adb432 75 main/binary-amd64/Release

 49894ed34d86281600953ec40a2d7c713f396a81 1909164 main/binary-i386/Packages

 49729512bf24fc111eb4174f32e3f9c66c02dd0b 422561 main/binary-i386/Packages.gz

 887a4a9f2467d3e99d3723130c5a51998e8eb7e8 240812 main/binary-i386/Packages.xz

 4aea3ef2a5a5d704829ad1cf8c336eafe04db689 74 main/binary-i386/Release

 bbac30e9cda2f0a3ab17e26e833038eaa7f341c9 1889220 main/binary-arm64/Packages

 c605b665de11ad4e2c2baf824a605fec5282a45e 417119 main/binary-arm64/Packages.gz

 fdd0574151dba9fc8e96c5116c568e3125c58f78 237256 main/binary-arm64/Packages.xz

 84e556b06d3eab8a63d3c65509fb056f5d6b6609 75 main/binary-arm64/Release

 6c6934fa90ba40e97cf9b51607bc1a443345d6c9 1886898 main/binary-armhf/Packages

 de2eb4fd21eff84e61b923981f619fd0f71bdb16 416507 main/binary-armhf/Packages.gz

 545931c7d6fe4a8906eae8c7fe2229fe2299904e 237512 main/binary-armhf/Packages.xz

 60ea84a18d8379dbb68105ef5cd2973cab3f07c7 75 main/binary-armhf/Release

 6789ac8a51ebfc7aa433530f0a5538f50ec7fc73 294988 main/source/Sources

 18494f727511ee617634910dee2208a05e230bad 58887 main/source/Sources.gz

 fdc80ce14e92d5cc1a396d04ed1c2e379b793939 48788 main/source/Sources.xz

 4ad2a32f9353d48a027f89bb6dfb559f3789edd3 76 main/source/Release

 e0cde519f99be00c9d2b537359844fa034c8befd 882712 main/Contents-amd64

 5005b969ee88b0eca1912a547efb28413cdbe87a 107745 main/Contents-amd64.gz

 796abe407a7299629aa70d64946ee7c25e145426 828994 main/Contents-i386

 a797fdf0693ef0aa6545ee55c64432ef8d9a623a 101313 main/Contents-i386.gz

 045f85e54bc7e6d52700fb0a4cc28cc900656d9f 851071 main/Contents-arm64

 0938d4b7b051b605b595efd00bb7ace3aca0efcd 104087 main/Contents-arm64.gz

 8e5a3e0212fd01aa6773cb125c41876574888889 822770 main/Contents-armhf

 64d44b74affdad4a468747312b2daba79a613578 100438 main/Contents-armhf.gz

SHA256:

 39eb48904065b7ac1a0fd31c1478cdadd536a3919d7eac9007bda501ad62a6b7 1938081 main/binary-amd64/Packages

 79f992edefabe1e676f3b65aa741b26bb9ad4a8224503e25293b55923f822c85 429058 main/binary-amd64/Packages.gz

 a0b876c22d6a7dec56bec104defc04ef6e4f502994dbffe38d3a853a522d1bf2 244128 main/binary-amd64/Packages.xz

 d561db745afd6a5f0b405eaf73bcec647b93ba60143f30a34e1b18ffb0a22014 75 main/binary-amd64/Release

 a35cfc578760a584f59be68ef1b3224784cc4da7f49e96ce950641966db97012 1909164 main/binary-i386/Packages

 a644273b11e3b29e6f5ce4d6d09d47cc1ef950eb4b8770b02e0da84c252827af 422561 main/binary-i386/Packages.gz

 8d9a3e595483841c85276a8aced71fd4ce8b7add11d5aa310d2d868b4085e52c 240812 main/binary-i386/Packages.xz

 01e4b67a49e26c78439f3f4c0b71d610c7a7519eafb2dbe4ba405f9162a076ca 74 main/binary-i386/Release

 9821b4baec79d03f3c771b58aad6f9d94466b54110673f68b4e88c63c86f3941 1889220 main/binary-arm64/Packages

 9af6ad3c5f6ac0de223a7c35193aa881283e5cc9bea2ee6ccd8e31ad915a3d8a 417119 main/binary-arm64/Packages.gz

 054ecf738b844fd5eb5bb8bf6167c09688c3dfa7998d31ff11f831d8ea2807dc 237256 main/binary-arm64/Packages.xz

 ea9f3cfd5cf0e8c856230d53f73164b60e2be50b7b2ac0099e476faef2254d04 75 main/binary-arm64/Release

 39993169db219702008c0f222144f54dd095964cfae8d1381ece9d1a732e7f89 1886898 main/binary-armhf/Packages

 1862f2e15785044cc9ac1136afa02e413e3c08210be9472d1dd5ee2d3c5e37df 416507 main/binary-armhf/Packages.gz

 e07e6772f5b82ad2a19f2668bac3dd3bc0cf057be9870a9626dc319086456756 237512 main/binary-armhf/Packages.xz

 64294113ee9a74e2ca2e7540ab47176e748060e6de0934f46263c46ecb719c94 75 main/binary-armhf/Release

 9d9289bfdca1ad8dc4a4a9a3c0030b8b0f503fa96085ef03b24cffd17c48e688 294988 main/source/Sources

 908b55baa95c55f5862e09c85f384237beb546af751316f6f1cc581542a42ae8 58887 main/source/Sources.gz

 aae4c2f1fca2d57609356aca480663e1a617e14437f04d726153976ecaded5b4 48788 main/source/Sources.xz

 2c398967fb30860157907e6170cb6a90eed7c9391f33ea14b94898746f50a94e 76 main/source/Release

 f0c87573708e186c0c2a7f9215deeccb4dd25eedce20b4e22520a670e7648615 882712 main/Contents-amd64

 fe699107ea9a683fffaffddad1e65d932f4b44e77d2b4a8ee225222762433333 107745 main/Contents-amd64.gz

 55d61d8578b6f37349b57e96b6f442b080c91d5cf750731079b46ee36c9ae2e1 828994 main/Contents-i386

 a3d020f7805e3e67177ede7f502b9cbd7c2e03a4d29691196fabef2bbde544d1 101313 main/Contents-i386.gz

 0b23868808ca3bf6e326d15aa82402cc620f19e8611b64ff35fbc1b8a940a6ae 851071 main/Contents-arm64

 199feaabaeb7b1b2d5c9590c6299d3cf8617ca8fde61cb06ac6d3bb2559160f2 104087 main/Contents-arm64.gz

 5808c9b1a9e2ea277244a0df03782d03dd4a9030a7ce67db12f0c4290dabaa35 822770 main/Contents-armhf

 bc7eca7b234af0725883a3be059cf8bfb938d06914312008e382caa4f99ed397 100438 main/Contents-armhf.gz

-----BEGIN PGP SIGNATURE-----



iQGzBAEBCgAdFiEEFQWFAKAjXZf10QBjsYjitpW9R0MFAmciup8ACgkQsYjitpW9

R0OLfgv+K4+ghf/m7cRW3y5QV+at7NpYV6fmKi3dHb8og6eWspmwn8vdCq+O2fyP

zaLV5bnMfhTicUA9A8/4T1OvS2ixvX3elF/KpTke8ISQ99eJ9mS9mpK6553316IB

xI10SjlddHnzaOGT3c18BLlJI2DG/AZuFWyujdYy6TW38UvVKRtCdQhcwcY7Yty/

641IcKPv5QwP7ceNgXgoKjTG08oc6t4I3H5K1H3z7C1Yl/tg/WugBIkMQWQsKBwW

IMaCXhGK84Jc9aqLZgU/kMKglXXUVcMWzmQbRK/3KYwdla98B4Yys5XCbTcotVlc

1dvcNloV2XV9HAzwIS5CqWFpzwcBbw2l+Fs1W9e1mG5eSMeiJ5bm+tM7ClxxJR3n

nx9kAh7INZx5JKmD50eoiWJXW5btd+Jjp/oDnAXwvIEvzH6UAE8krBtD6bASAuol

UNfGjDHovW3SeVp/Ky8Nl+pVJWol5gjnl9F6pMhR/r9/xWPu+E2giaUMBSW9DQc/

gEv9WjhC

=5nnR

-----END PGP SIGNATURE-----```

</details>



and non working system outputs nothing.



This has been happening on the non-working system for the last 45 minutes at least and as I was writing this post it has now resolved itself.



<details>

<summary>The non-working system is now outputting:</summary>

```curl -s https://packages.sury.org/php/dists/bookworm/InRelease                                                                     ✔  36s  

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512



Origin: deb.sury.org

Suite: bookworm

Codename: bookworm

Date: Wed, 30 Oct 2024 23:00:47 UTC

Architectures: amd64 i386 arm64 armhf

Components: main

Signed-By: 15058500A0235D97F5D10063B188E2B695BD4743

MD5Sum:

 6fc18bc174199596bf5cafae4121fa45 1938081 main/binary-amd64/Packages

 c2d31b8d3fa18fcf38359c1e9750ca44 429058 main/binary-amd64/Packages.gz

 2e9fd0b096fd8a261e69d294269b9d24 244128 main/binary-amd64/Packages.xz

 b164231371f38edfd6ccbcb1f74f5a89 75 main/binary-amd64/Release

 31ddb671d8ffe90cd108a1679403d62c 1909164 main/binary-i386/Packages

 bda9d59ef3d36692f13df0417b33fc15 422561 main/binary-i386/Packages.gz

 b8ea08155520924a07706d416b0d5430 240812 main/binary-i386/Packages.xz

 97351b0ba73773198270c10448a65cf8 74 main/binary-i386/Release

 c3da96f5d64746ccb5ca244736acd994 1889220 main/binary-arm64/Packages

 4b1e854444fe21920503a8bc7bf2ed8d 417119 main/binary-arm64/Packages.gz

 d10750cb80cdb85f1eaceff4990ad0bb 237256 main/binary-arm64/Packages.xz

 da08a4cc3f54b325f1ef609a9dd8d910 75 main/binary-arm64/Release

 43c66a4f818c10632d51e389a2788947 1886898 main/binary-armhf/Packages

 da5da691bc980f3ed12f12acdf80c74f 416507 main/binary-armhf/Packages.gz

 0de6616bfea6ac0119ab9af1717d2ab7 237512 main/binary-armhf/Packages.xz

 ca3cd33d520115b831cdf660983895f6 75 main/binary-armhf/Release

 0b12b7b996cea5a390b8782ebbeb67de 294988 main/source/Sources

 563f42f241d8b939c71b3cae866622d1 58887 main/source/Sources.gz

 e6a4108245d7997eba408e84152d4b7d 48788 main/source/Sources.xz

 5944aeb204de3bdf10909ca7ed897616 76 main/source/Release

 21a403b56ced8566f8f8a5eb84d3024d 882712 main/Contents-amd64

 21e9ac65a88dd58075fa6690b2ca3ea0 107745 main/Contents-amd64.gz

 971535060c1dc89a53af03c845a21131 828994 main/Contents-i386

 8daea1b24ab5534dc4e01c29272b7568 101313 main/Contents-i386.gz

 00ee1d19eb9a754ebc607ed8b4a0abc3 851071 main/Contents-arm64

 cc5ff7e27ff5e4e85985dd719283007f 104087 main/Contents-arm64.gz

 6d20fe883315a01089331ece7cd282e3 822770 main/Contents-armhf

 fb504e0dbcd9d70613a1b2d1e8a95854 100438 main/Contents-armhf.gz

SHA1:

 95256d40115592183ba76c9bc8c88d8c6291e181 1938081 main/binary-amd64/Packages

 b25909c2c6e30916aae59ec309048c375f591062 429058 main/binary-amd64/Packages.gz

 2386ac5c81464c0f8f8fe6d85f33d0d340e4a6e0 244128 main/binary-amd64/Packages.xz

 6cc4b93c817b160e8709c55463d404b052adb432 75 main/binary-amd64/Release

 49894ed34d86281600953ec40a2d7c713f396a81 1909164 main/binary-i386/Packages

 49729512bf24fc111eb4174f32e3f9c66c02dd0b 422561 main/binary-i386/Packages.gz

 887a4a9f2467d3e99d3723130c5a51998e8eb7e8 240812 main/binary-i386/Packages.xz

 4aea3ef2a5a5d704829ad1cf8c336eafe04db689 74 main/binary-i386/Release

 bbac30e9cda2f0a3ab17e26e833038eaa7f341c9 1889220 main/binary-arm64/Packages

 c605b665de11ad4e2c2baf824a605fec5282a45e 417119 main/binary-arm64/Packages.gz

 fdd0574151dba9fc8e96c5116c568e3125c58f78 237256 main/binary-arm64/Packages.xz

 84e556b06d3eab8a63d3c65509fb056f5d6b6609 75 main/binary-arm64/Release

 6c6934fa90ba40e97cf9b51607bc1a443345d6c9 1886898 main/binary-armhf/Packages

 de2eb4fd21eff84e61b923981f619fd0f71bdb16 416507 main/binary-armhf/Packages.gz

 545931c7d6fe4a8906eae8c7fe2229fe2299904e 237512 main/binary-armhf/Packages.xz

 60ea84a18d8379dbb68105ef5cd2973cab3f07c7 75 main/binary-armhf/Release

 6789ac8a51ebfc7aa433530f0a5538f50ec7fc73 294988 main/source/Sources

 18494f727511ee617634910dee2208a05e230bad 58887 main/source/Sources.gz

 fdc80ce14e92d5cc1a396d04ed1c2e379b793939 48788 main/source/Sources.xz

 4ad2a32f9353d48a027f89bb6dfb559f3789edd3 76 main/source/Release

 e0cde519f99be00c9d2b537359844fa034c8befd 882712 main/Contents-amd64

 5005b969ee88b0eca1912a547efb28413cdbe87a 107745 main/Contents-amd64.gz

 796abe407a7299629aa70d64946ee7c25e145426 828994 main/Contents-i386

 a797fdf0693ef0aa6545ee55c64432ef8d9a623a 101313 main/Contents-i386.gz

 045f85e54bc7e6d52700fb0a4cc28cc900656d9f 851071 main/Contents-arm64

 0938d4b7b051b605b595efd00bb7ace3aca0efcd 104087 main/Contents-arm64.gz

 8e5a3e0212fd01aa6773cb125c41876574888889 822770 main/Contents-armhf

 64d44b74affdad4a468747312b2daba79a613578 100438 main/Contents-armhf.gz

SHA256:

 39eb48904065b7ac1a0fd31c1478cdadd536a3919d7eac9007bda501ad62a6b7 1938081 main/binary-amd64/Packages

 79f992edefabe1e676f3b65aa741b26bb9ad4a8224503e25293b55923f822c85 429058 main/binary-amd64/Packages.gz

 a0b876c22d6a7dec56bec104defc04ef6e4f502994dbffe38d3a853a522d1bf2 244128 main/binary-amd64/Packages.xz

 d561db745afd6a5f0b405eaf73bcec647b93ba60143f30a34e1b18ffb0a22014 75 main/binary-amd64/Release

 a35cfc578760a584f59be68ef1b3224784cc4da7f49e96ce950641966db97012 1909164 main/binary-i386/Packages

 a644273b11e3b29e6f5ce4d6d09d47cc1ef950eb4b8770b02e0da84c252827af 422561 main/binary-i386/Packages.gz

 8d9a3e595483841c85276a8aced71fd4ce8b7add11d5aa310d2d868b4085e52c 240812 main/binary-i386/Packages.xz

 01e4b67a49e26c78439f3f4c0b71d610c7a7519eafb2dbe4ba405f9162a076ca 74 main/binary-i386/Release

 9821b4baec79d03f3c771b58aad6f9d94466b54110673f68b4e88c63c86f3941 1889220 main/binary-arm64/Packages

 9af6ad3c5f6ac0de223a7c35193aa881283e5cc9bea2ee6ccd8e31ad915a3d8a 417119 main/binary-arm64/Packages.gz

 054ecf738b844fd5eb5bb8bf6167c09688c3dfa7998d31ff11f831d8ea2807dc 237256 main/binary-arm64/Packages.xz

 ea9f3cfd5cf0e8c856230d53f73164b60e2be50b7b2ac0099e476faef2254d04 75 main/binary-arm64/Release

 39993169db219702008c0f222144f54dd095964cfae8d1381ece9d1a732e7f89 1886898 main/binary-armhf/Packages

 1862f2e15785044cc9ac1136afa02e413e3c08210be9472d1dd5ee2d3c5e37df 416507 main/binary-armhf/Packages.gz

 e07e6772f5b82ad2a19f2668bac3dd3bc0cf057be9870a9626dc319086456756 237512 main/binary-armhf/Packages.xz

 64294113ee9a74e2ca2e7540ab47176e748060e6de0934f46263c46ecb719c94 75 main/binary-armhf/Release

 9d9289bfdca1ad8dc4a4a9a3c0030b8b0f503fa96085ef03b24cffd17c48e688 294988 main/source/Sources

 908b55baa95c55f5862e09c85f384237beb546af751316f6f1cc581542a42ae8 58887 main/source/Sources.gz

 aae4c2f1fca2d57609356aca480663e1a617e14437f04d726153976ecaded5b4 48788 main/source/Sources.xz

 2c398967fb30860157907e6170cb6a90eed7c9391f33ea14b94898746f50a94e 76 main/source/Release

 f0c87573708e186c0c2a7f9215deeccb4dd25eedce20b4e22520a670e7648615 882712 main/Contents-amd64

 fe699107ea9a683fffaffddad1e65d932f4b44e77d2b4a8ee225222762433333 107745 main/Contents-amd64.gz

 55d61d8578b6f37349b57e96b6f442b080c91d5cf750731079b46ee36c9ae2e1 828994 main/Contents-i386

 a3d020f7805e3e67177ede7f502b9cbd7c2e03a4d29691196fabef2bbde544d1 101313 main/Contents-i386.gz

 0b23868808ca3bf6e326d15aa82402cc620f19e8611b64ff35fbc1b8a940a6ae 851071 main/Contents-arm64

 199feaabaeb7b1b2d5c9590c6299d3cf8617ca8fde61cb06ac6d3bb2559160f2 104087 main/Contents-arm64.gz

 5808c9b1a9e2ea277244a0df03782d03dd4a9030a7ce67db12f0c4290dabaa35 822770 main/Contents-armhf

 bc7eca7b234af0725883a3be059cf8bfb938d06914312008e382caa4f99ed397 100438 main/Contents-armhf.gz

-----BEGIN PGP SIGNATURE-----



iQGzBAEBCgAdFiEEFQWFAKAjXZf10QBjsYjitpW9R0MFAmciup8ACgkQsYjitpW9

R0OLfgv+K4+ghf/m7cRW3y5QV+at7NpYV6fmKi3dHb8og6eWspmwn8vdCq+O2fyP

zaLV5bnMfhTicUA9A8/4T1OvS2ixvX3elF/KpTke8ISQ99eJ9mS9mpK6553316IB

xI10SjlddHnzaOGT3c18BLlJI2DG/AZuFWyujdYy6TW38UvVKRtCdQhcwcY7Yty/

641IcKPv5QwP7ceNgXgoKjTG08oc6t4I3H5K1H3z7C1Yl/tg/WugBIkMQWQsKBwW

IMaCXhGK84Jc9aqLZgU/kMKglXXUVcMWzmQbRK/3KYwdla98B4Yys5XCbTcotVlc

1dvcNloV2XV9HAzwIS5CqWFpzwcBbw2l+Fs1W9e1mG5eSMeiJ5bm+tM7ClxxJR3n

nx9kAh7INZx5JKmD50eoiWJXW5btd+Jjp/oDnAXwvIEvzH6UAE8krBtD6bASAuol

UNfGjDHovW3SeVp/Ky8Nl+pVJWol5gjnl9F6pMhR/r9/xWPu+E2giaUMBSW9DQc/

gEv9WjhC

=5nnR

-----END PGP SIGNATURE-----

Can you get the HTTP headers from the broken connection?

We did in #2046 (comment)

I imagine it's the same. (304 "no need to re-transmit")

I'll consider adding a curl -I to one of the image builds where this happens, but it's so sporadic it's hard to study.

Can you get the HTTP headers from the broken connection?

Unfortunately things started to work while I was writing out the post so I'm not able to get that information now. If it comes up again I will try to get that information as well.