|
Re: sendbackup connection problems
2004-06-25 10:47:40
That did it! All of the iptables options were compiled into the kernel,
changed them to modules and that fixed it! Thanks!
Jay
> Jay Ted wrote:
> > Greetings,
> >
> > I'm having trouble with one of my amanda servers. I have one server
> > running 2.4.4p3 compiled from source on a LFS box with 2.6.7. My other
> > server is 2.4.4p3 compiled from source on Slack9.1 with 2.6.7. My clients
> > are a handful of RH with rpm'ed versions of amanda installed and a few
> > others with clients compiled from source. My LFS server can back up all of
> > the clients with out any problems. The Slack box can only backup one of
> > the clients (rpm'd 2.4.2p2-9 on RH8.0). Any other clients (regardless of OS
> > or amanda version) I try to backup using the Slack box get to the point
> > where sendbackup opens up the three ports and waits for the server to
> > connect, as seen here:
> >
> > cat /tmp/amada/sendbackup.20040624103525.debug
> >
> > sendbackup: debug 1 pid 1787 ruid 33 euid 33: start at Thu Jun 24 10:35:25
> > 2004
> > /usr/local/libexec/sendbackup: version 2.4.4p3
> > parsed request as: program `DUMP'
> > disk `/boot'
> > device `/boot'
> > level 0
> > since 1970:1:1:0:0:0
> > options `|;bsd-auth;srvcomp-best;index;'
> > sendbackup: try_socksize: send buffer size is 65536
> > sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1121
> > sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1122
> > sendbackup: time 0.002: stream_server: waiting for connection: 0.0.0.0.1123
> > sendbackup: time 0.002: waiting for connect on 1121, then 1122, then 1123
> > sendbackup: time 30.002: stream_accept: timeout after 30 seconds
> > sendbackup: time 30.002: timeout on data port 1121
> > sendbackup: time 60.002: stream_accept: timeout after 30 seconds
> > sendbackup: time 60.002: timeout on mesg port 1122
> > sendbackup: time 90.002: stream_accept: timeout after 30 seconds
> > sendbackup: time 90.002: timeout on index port 1123
> > sendbackup: time 90.002: pid 1787 finish time Thu Jun 24 10:36:55 2004
> >
> > This is where it eventually times out waiting for the server.
> >
> > Here is a tcpdump of all traffic between the server and that client:
> >
> > 10:34:48.949371 slack.domain.com.522 > amclient.domain.com.10080: udp 117
> > (DF)
> > 0x0000 4500 0091 0004 4000 4011 eeb1 ac10 8d79 E.....@[email protected]
> > 0x0010 ac10 660c 020a 2760 007d 1aec 416d 616e ..f...'`.}..Aman
> > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL
> > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 310a 5345 EQ.1088091291.SE
> > 0x0050 4355 CU
> > 10:34:48.956599 amclient.domain.com.10080 > slack.domain.com.522: udp 50
> > (DF)
> > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c E..N..@.?.....f.
> > 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291.
> > 10:34:48.961428 amclient.domain.com.10080 > slack.domain.com.522: udp 83
> > (DF)
> > 0x0000 4500 006f 0000 4000 3f11 efd7 ac10 660c E..o..@.?.....f.
> > 0x0010 ac10 8d79 2760 020a 005b 2e82 416d 616e ...y'`...[..Aman
> > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL
> > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 310a 4f50 EQ.1088091291.OP
> > 0x0050 5449 TI
> > 10:34:48.961641 slack.domain.com.522 > amclient.domain.com.10080: udp 50
> > (DF)
> > 0x0000 4500 004e 0006 4000 4011 eef2 ac10 8d79 E..N..@[email protected]
> > 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291.
> > 10:34:48.962779 slack.domain.com.522 > amclient.domain.com.10080: udp 237
> > (DF)
> > 0x0000 4500 0109 0007 4000 4011 ee36 ac10 8d79 E.....@[email protected]
> > 0x0010 ac10 660c 020a 2760 00f5 125b 416d 616e ..f...'`...[Aman
> > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL
> > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 330a 5345 EQ.1088091293.SE
> > 0x0050 4355 CU
> > 10:34:48.969593 amclient.domain.com.10080 > slack.domain.com.522: udp 50
> > (DF)
> > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c E..N..@.?.....f.
> > 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293.
> > 10:34:50.540198 amclient.domain.com.10080 > slack.domain.com.522: udp 102
> > (DF)
> > 0x0000 4500 0082 0000 4000 3f11 efc4 ac10 660c E.....@.?.....f.
> > 0x0010 ac10 8d79 2760 020a 006e f4dd 416d 616e ...y'`...n..Aman
> > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL
> > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 330a 4f50 EQ.1088091293.OP
> > 0x0050 5449 TI
> > 10:34:50.540292 slack.domain.com.522 > amclient.domain.com.10080: udp 50
> > (DF)
> > 0x0000 4500 004e 0009 4000 4011 eeef ac10 8d79 E..N..@[email protected]
> > 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S
> > 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293.
> > 10:34:52.081249 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type
> > 0x41) vers 109 seq 28257 [|timed] (DF)
> > 0x0000 4500 00fe 0000 4000 4011 ee48 ac10 8d79 E.....@[email protected]
> > 0x0010 ac10 660c 020d 2760 00ea 0237 416d 616e ..f...'`...7Aman
> > 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL
> > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S
> > 0x0040 4551 2031 3038 3830 3931 3238 380a 5345 EQ.1088091288.SE
> > 0x0050 4355 CU
> > 10:34:52.088201 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type
> > 0x41) vers 109 seq 28257 [|timed] (DF)
> > 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c E..N..@.?.....f.
> > 0x0010 ac10 8d79 2760 020d 003a 1950 416d 616e ...y'`...:.PAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S
> > 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288.
> > 10:34:52.098930 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type
> > 0x41) vers 109 seq 28257 [|timed] (DF)
> > 0x0000 4500 0096 0000 4000 3f11 efb0 ac10 660c E.....@.?.....f.
> > 0x0010 ac10 8d79 2760 020d 0082 ec7f 416d 616e ...y'`......Aman
> > 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL
> > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S
> > 0x0040 4551 2031 3038 3830 3931 3238 380a 434f EQ.1088091288.CO
> > 0x0050 4e4e NN
> > 10:34:52.099174 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type
> > 0x41) vers 109 seq 28257 [|timed] (DF)
> > 0x0000 4500 004e 0001 4000 4011 eef7 ac10 8d79 E..N..@[email protected]
> > 0x0010 ac10 660c 020d 2760 003a 1950 416d 616e ..f...'`.:.PAman
> > 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL
> > 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S
> > 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288.
> >
> > There doesn't seem to be any attempt at all to connect to the client on
> > those three ports, however, when those ports are open I can telnet to them
> > from the server. These machines do run iptables but they still fail even
> > when I try the backup after "iptables -F". I did think at first that it
> > was a simple firewall problem, wasn't that lucky though. The mail message
> > sent sees the problem as a "bad CONNECT response", not much more than that.
> >
> > The debug files for the client are available at
> > http://jayted.freeservers.com/amanda
> >
> > I've been fiddling with this for over a week now, anybody have any ideas of
> > what to check next?
>
> Try removing the amanda specific services in the iptables/netfilter kernel
> configuration (or mark as modules and don't load them)
> I have found out that they cause problems on kernels newer than 2.6.5-rc1, so
> if you have them compiled in static or loaded as
> modules that might be it.
>
> /Andreas
--
______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
|
|
|
