I've tried adding RPM repo on Rocky Linux, but package download failed. So I did dnf download elasticsearch --arch x86_64 --url and attempted to use wget on the resulting URL to confirm it fails with 403 error as well. IPv6 are not enabled.
Same url works fine from rented VPS even it has IPv6 working.
Repo configuration and example URL provided below:
# cat /etc/yum.repos.d/elasticsearch-9.x.repo
[elasticsearch-9.x]
name=Elasticsearch repository for 9.x packages
baseurl=https://artifacts.elastic.co/packages/9.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
# dnf download elasticsearch --arch x86_64 --url
Last metadata expiration check: 2:04:12 ago on Tue 17 Mar 2026 02:45:18 PM UTC.
https://artifacts.elastic.co/packages/9.x/yum/9.3.1/elasticsearch-9.3.1-x86_64.rpm
But I'm using a recent Rocky Linux 10, which should be supported as "Red Hat Enterprise Linux 8 and later". I don't really understand how this is related to my issue, because the problem isn't that I can't install the RPM package, it's that I can't download it. The archive links provided point to the same source, which also returns a 403 error for our IP:
Thanks for confirming the version you're using @leont. It wasn't in your original request, and it's always worth ruling out other potential issues first.
I've raised an internal request with the team for this ASN. I'll provide an update when I hear back, but just a heads up that in my experience these requests can take some time.
did you by chance also allow the Hetzner ASN for the docker registry too? We are getting timeouts pulling images:
dial tcp 34.56.16.77:443: i/o timeout`
This works from residential ips, so I guess it is firewall setting.
Pinging the domains works.
Everything http related is blocked as it seems (curl trace):
Failed to connect to docker.elastic.co port 443 after 135173 ms: Could not connect to server
Sorry had to redact/break/shorten logs for new user limitation reasons.
(WTF is a the error message "Sorry you cannot post a link to that host"???)
As far as I'm aware there isn't a separate mechanism for the docker registry. Can you check there isn't a block anywhere on your side, and if not share the full trace and which image you're having issues with.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.