[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[IDD #JRM-232824]: Loss of link to Unidata server
- Subject: [IDD #JRM-232824]: Loss of link to Unidata server
- Date: Mon, 11 Aug 2014 12:35:54 -0600
Hi James,
re:
> This morning, we lost connection to idd.unidata.ucar.edu(shortly after
> 1700 UTC 11 August). In the ldmd.log this notice appears:
>
> Aug 11 11:10:39 horus idd.unidata.ucar.edu[16793] NOTE: Upstream LDM
> didn't reply to FEEDME request; RPC: Unable to receive; errno =
> Connection reset by peer
>
>
> A similar message occurs for the secondary connection to
> aeolus.ucsd.edu.
The fact that two independent upstreams are now denying your feed
REQUESTs suggests that something is amiss on your side. Please see
my comment further in this reply.
re:
> When I type "notifyme -vl- -f ANY -h idd.unidata.ucar.edu", I see the
> following:
>
> Aug 11 18:09:02 notifyme[16850] NOTE: Starting Up: idd.unidata.ucar.edu:
> 20140811180902.363 TS_ENDT {{ANY, ".*"}}
> Aug 11 18:09:02 notifyme[16850] NOTE: LDM-5 desired product-class:
> 20140811180902.363 TS_ENDT {{ANY, ".*"}}
> Aug 11 18:09:02 notifyme[16850] INFO: Resolving idd.unidata.ucar.edu to
> 128.117.140.3 took 0.001399 seconds
> Aug 11 18:09:02 notifyme[16850] ERROR: NOTIFYME(idd.unidata.ucar.edu):
> 7: Access denied by remote server
>
>
> Again, a similar outcome occurs for aeolus.ucsd.edu.
Since we have made _no_ changes to ALLOWs on our top level IDD relay
cluster, idd.unidata.ucar.edu, it sounds like DNS for your machine is
no longer available. Lack of reverse DNS (IP -> name) would prevent
the ALLOW already in-place for your machines from working.
re:
> If the allow access for horus.atmos.ucla.edu and indra.atmos.ucla.edu
> have been removed, can you please restore them?
The ALLOWs have not been removed. I appreciate you including the fully
qualified names of your LDM machines as this allowed me to see what
is going wrong:
% nslookup horus.atmos.ucla.edu
Server: 192.168.72.2
Address: 192.168.72.2#53
Non-authoritative answer:
Name: horus.atmos.ucla.edu
Address: 128.97.77.43
This shows that forward DNS works correctly for horus.
% nslookup 128.97.77.43
Server: 192.168.72.2
Address: 192.168.72.2#53
Non-authoritative answer:
43.77.97.128.in-addr.arpa name =
horus.atmos.ucla.edu.77.97.128.in-addr.arpa.
Authoritative answers can be found from:
43.77.97.128.in-addr.arpa nameserver = kerberos.atmos.ucla.edu.
kerberos.atmos.ucla.edu internet address = 128.97.58.42
This shows that reverse DNS is _NOT_ working correctly for horus.
However, both forward and reverse DNS are working for indra:
% nslookup indra.atmos.ucla.edu
Server: 192.168.72.2
Address: 192.168.72.2#53
Non-authoritative answer:
Name: indra.atmos.ucla.edu
Address: 128.97.58.212
% nslookup 128.97.58.212
Server: 192.168.72.2
Address: 192.168.72.2#53
Non-authoritative answer:
212.58.97.128.in-addr.arpa name = indra.atmos.ucla.edu.
Authoritative answers can be found from:
212.58.97.128.in-addr.arpa nameserver = zeus.atmos.ucla.edu.
212.58.97.128.in-addr.arpa nameserver = kerberos.atmos.ucla.edu.
zeus.atmos.ucla.edu internet address = 128.97.58.58
kerberos.atmos.ucla.edu internet address = 128.97.58.42
'indra' should, therefore, be able to REQUEST data from idd.unidata.ucar.edu
(and, presumably, from aeolus.ucsd.edu).
re:
> If I'm supposed to
> access different server, I would appreciate the names of a primary and
> secondary source.
Nope, we have valid ALLOWs for your machines. The problem on horus is
reverse DNS has been mucked-up somewhere. Can you check with your
networking folks?
re:
> Thanks in advance.
No worries. Sorry for the hassles!
Cheers,
Tom
--
****************************************************************************
Unidata User Support UCAR Unidata Program
(303) 497-8642 P.O. Box 3000
address@hidden Boulder, CO 80307
----------------------------------------------------------------------------
Unidata HomePage http://www.unidata.ucar.edu
****************************************************************************
Ticket Details
===================
Ticket ID: JRM-232824
Department: Support IDD
Priority: Normal
Status: Closed