Amanda-Users

Re: can't repeat "Mesg read: Connection reset by peer"

2007-11-16 04:20:07
Subject: Re: can't repeat "Mesg read: Connection reset by peer"
From: Paul Bijnens <paul.bijnens AT xplanation DOT com>
To: Takashi Kurakata <t.kurakata AT gmail DOT com>
Date: Fri, 16 Nov 2007 10:11:59 +0100
Takashi Kurakata wrote:
Hi all

I'm sorry if you understand my English. I have the pleasure of writing to you again.

I examine why this log "Mesg read: Connection reset by peer" is output.

To want to repeat it, I executed the following commands on the server.
 - amdump daily
 - iptables -A INPUT -p tcp -d "IPaddress of the client" -j REJECT --reject-with tcp-reset
 - iptables -A OUTPUT -p tcp -d "IPaddress of the client" -j REJECT --reject-with tcp-reset

Ok, so those entries effectively block any traffic from/to the client,
and immediately send the tcp-reset on each packet.



I executed the command "iptables" while executing the command "amdump".

Unfortunately, I can't repeat it.

The following error messages are output.
 - data read: Connection reset by peer

So the first packet that the server sends seems to be a packet on the
data channel.  And that gets the tcp-reset back.  That results in the
connection reset by peer.

So what exactly are you trying to simulate?  You want the tcp-reset only
on the message channel and not on the data channel?
In that case you need to let the data channel open, but firewall only
the message channel instead.
That is difficult because you'll need to find out which of the three
channels that were negotiated is the message channel.
You may trace the UDP traffic on port 10080 for that and dump the
packets.  One of those packets has a payload like:

 CONNECT DATA 40121 MESG 40122 INDEX 40123
 OPTIONS features=fffffeff9ffeffffff7f;

And there you find the different tcp ports used by the three channels.
And then block only the MESG channel (40122 in the above example).



I checked the URL as follow, but I don't solve the problem.
http://wiki.zmanda.com/index.php/Mesg_read:_Connection_reset_by_peer


I don't understand which problem you're trying to solve.

You cannot solve the problem that you created using the iptables
blocking, with the solution in the webpage that just tries to send
MORE packets to avoid a stateful firewall timing out idle connections.
Those "keep alive" packets will be the iptables rule as well and
get a tcp-reset as well.



If you have done, could you tell me how to repeat it?

I consider that I can repeat it if the local variable "n" returns "-1".
----common-src/bsd-security.c
    do {
        n = read(bs->fd, bs->databuf, sizeof(bs->databuf));
    } while ((n < 0) && ((errno == EINTR) || (errno == EAGAIN)));
----

Indeed, when the read syscall returns -1, it failed and in that
case the reason of failure is found in the errno variable.
Do you mean "reproduce" the error or "repeat" the error (subtle difference in meaning)?



system configuration as follow:
 - server/client
  - OS:RHEL5
  - amanda:2.5.0p2-4(bundle in RHEL5)

The result was the same though I had tried amanda2.5.2-p2.

Yours sincerely,

Takashi Kurakata

2007/11/15, Takashi Kurakata <t.kurakata AT gmail DOT com>:

    Hi,all

    I do the following with the server to let error message "Mesg read:
    Connection reset by peer" reappear.
     - amdump DailySet1
     - iptables -A INPUT -p tcp -d "IPaddress of the client" -j REJECT
    --reject-with tcp-reset(during amdump)
     - iptables -A OUTPUT -p tcp -d "IPaddress of the client" -j REJECT
    --reject-with tcp-reset(during amdump)

    However, the error message is not reproduced.

    The following error message "data read: Connection reset by peer" is
    output.

    I checked the URL as follow, but I don't solve the problem.
    http://wiki.zmanda.com/index.php/Mesg_read:_Connection_reset_by_peer

    Have you reproduced this?  If there is some good method, Would you
    tell me how to reproduce the error message "Mesg read: Connection
    reset by peer"?

    The system constitution is as follow:
     - I use amanda2.5.0p2-4(with RHEL5) and amanda2.5.2p1(Source).
     - There isn't a firewall between the server and client.

    Your prompt reply would be greatly appreciated.

Thanks in advance.



--
Paul Bijnens, Xplanation                            Tel  +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax  +32 16 397.512
http://www.xplanation.com/          email:  Paul.Bijnens AT xplanation DOT com
***********************************************************************
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit,  ZZ, :q, :q!,  M-Z, ^X^C,  logoff, logout, close, bye,  /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* kill -9 1,  Alt-F4,  Ctrl-Alt-Del,  AltGr-NumLock,  Stop-A,  ...    *
* ...  "Are you sure?"  ...   YES   ...   Phew ...   I'm out          *
***********************************************************************
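
Added example (not part of the original message, and not Amanda project code): a shell version of the procedure Paul describes above, which extracts the MESG port from the CONNECT payload seen on UDP port 10080 and prints reset rules limited to that one channel. The client address 192.0.2.10 is a placeholder, and the rule direction assumes the negotiated ports are on the client side of the connection.

```shell
#!/bin/sh
# Payload quoted in the thread, as seen in a capture such as:
#   tcpdump -n -A udp port 10080
SAMPLE_PAYLOAD='CONNECT DATA 40121 MESG 40122 INDEX 40123
OPTIONS features=fffffeff9ffeffffff7f;'

# Read captured text on stdin and print the TCP port that follows channel
# name $1 (DATA, MESG or INDEX) on the CONNECT line. Returns 1 if absent.
amanda_channel_port() {
    awk -v want="$1" '
        /CONNECT/ {
            for (i = 1; i < NF; i++)
                if ($i == want && $(i + 1) ~ /^[0-9]+$/ && length($(i + 1)) <= 5) {
                    print $(i + 1); found = 1; exit
                }
        }
        END { exit !found }
    '
}

# Read captured text on stdin and print (not apply) the two reset rules for
# client address $1, narrowed to the MESG port only.
# Assumption: the negotiated ports are on the client side of the connection.
mesg_reset_rules() {
    client=$1
    port=$(amanda_channel_port MESG) || {
        echo "no MESG port found in CONNECT line" >&2
        return 1
    }
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "MESG port out of range: $port" >&2
        return 1
    fi
    printf 'iptables -A INPUT -p tcp -s %s --sport %s -j REJECT --reject-with tcp-reset\n' \
        "$client" "$port"
    printf 'iptables -A OUTPUT -p tcp -d %s --dport %s -j REJECT --reject-with tcp-reset\n' \
        "$client" "$port"
}

# 192.0.2.10 is a placeholder client address.
printf '%s\n' "$SAMPLE_PAYLOAD" | mesg_reset_rules 192.0.2.10
```

The rules are only printed, so they can be reviewed before being applied while amdump runs; the DATA and INDEX ports stay untouched.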
