[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
20000627: LDM setup at INM (cont.)

Subject: 20000627: LDM setup at INM (cont.)
Date: Tue, 27 Jun 2000 16:54:38 -0600
>From: Pepo Juega <address@hidden>
>Organization: Instituto Nacional de Meteorologia
>Keywords: 200006220829.e5M8TZT11974 LDM

Pepo,

>alfa is my box, and meteosat is the ADDE server. I want meteosat to feed
>alfa, (or alfa to request from meteosat ?)

OK.  So, my simplified LDM setup was exactly wrong.  'meteosat's LDM
will feed data to 'alfa's.

>So I put this on alfa's ldmd.conf:
>----------------------------------------
>exec    "pqexpire -i 300"
>request MCIDAS  ".*"    meteosat.inm.es
>----------------------------------------

OK.  This is correct initially.  You may want to expand it slightly to:

exec    pqact
exec    "pqexpire -i 300"

request MCIDAS  ".*"    meteosat.inm.es


>...and I put this on meteosat's ldmd.conf:
>--------------------------------------------------
>exec    "pqexpire -i 300"
>allow   ANY
>        ^((localhost|loopback)|(127\.0\.0\.1\.?$))
>allow   ANY     alfa.inm.es
>--------------------------------------------------

Looks OK to me.  Perhaps you could also add Unidata machines so I could
do some remote testing from our offices here in Boulder, Colorado.
To do this, you would add:

allow   ANY
    ^(([a-z].*\.unidata\.ucar\.edu\.?$))

re: start the LDMs on both machines

>Done. Cheked ps for rpc.ldmd's and I got two of those running on alfa
>and just one running on meteosat. One pqexpire each.

Good.

>I get on alfa's ldmd.log:
>Jun 27 17:16:28 alfa rpc.ldmd[5220]: Starting Up (built: Jun 15 2000
>14:34:03)
>Jun 27 17:16:28 alfa meteosat[5222]: run_requester: Starting Up:
>meteosat.inm.es
>Jun 27 17:16:28 alfa meteosat[5222]: run_requester: 20000627161628.149
>TS_ENDT {{MCIDAS,  ".*"}}
>Jun 27 17:16:28 alfa meteosat[5222]: FEEDME(meteosat.inm.es): 7: Access
>denied by remote server
>Jun 27 17:16:28 alfa pqexpire[5221]: Starting Up ...etc...

OK, so you are still getting an 'Access denied by remote server' error.
The LDM expects to be able to do a reverse name lookup for machines
requesting to be fed.  This means that an 'nslookup name' must return
the same information as an 'nslookup IP'.  If this condition is not met,
then the upstream site will deny service.  This reaction is for
security.

I just checked both alfa.inm.es and meteosat.inm.es and both appear
to have reverse name lookup compatiblity.

What happens when you do the following on meteosat.inm.es:

nslookup alfa.inm.es

The 'Denying connection from' message in meteosat's ldmd.log file
names the requesting machine as 'alfa', not 'alfa.inm.es'.  This may
be happening by someone having defined the machine as 'alfa' in
meteosat's /etc/hosts file.  Can you check on this?  What I would
think you might find is something like:

127.0.0.1       localhost loopback
#
193.144.158.228 alfa

An acceptable entry would be:

193.144.158.228      alfa.inm.es      alfa

>-------------------------------------------------------------------
>and on meteosat's ldmd.log:
>Jun 27 17:15:57 meteosat rpc.ldmd[10724]: Starting Up (built: Jun 16
>2000 11:27:01)
>Jun 27 17:15:57 meteosat pqexpire[10727]: Starting Up
>Jun 27 17:16:23 meteosat rpc.ldmd[10724]: Denying connection from alfa
>Jun 27 17:20:23 meteosat last message repeated 8 times
>Jun 27 17:24:22 meteosat localhost[11067]: Connection from localhost
>Jun 27 17:24:22 meteosat localhost(noti)[11067]: Starting Up:
>20000627162422.193 TS_ENDT {{MCIDAS,  ".*"}}
>Jun 27 17:24:22 meteosat localhost(noti)[11067]: topo:  localhost MCIDAS
>Jun 27 17:29:52 meteosat localhost(noti)[11067]: nullproc(localhost):
>RPC: Unable to receive
>Jun 27 17:29:52 meteosat localhost(noti)[11067]: Exiting ...etc...

re: insert a product into the first machine's LDM queue (use pqinsert)

Since a connection was denied to alfa, we would not expect anything
good to happen when doing a pqinsert.  We need to get past meteosat's
denying a connection before proceeding.

>Back to the drawing board...

Your machines do not seem to be accessible to us over the Internet.  Are
they behind a firewall?

>Pepo
>+*+*+*+*+*+*+*+*+*+*+*+*+*+*+**+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
>Jose Juega                        Instituto Nacional de Meteorologia.
>Tecnico de Sistemas                         Camino de las Moreras s/n
>Area de Telematica      JJJJJJJ   JJJJJJJ   Ciudad Universitaria     
>I.N.M.-Madrid-SPAIN       JJJ       JJJ     Aptdo. 285   28040 Madrid
>                          JJJ       JJJ     Tel :     +34 91 581-9654
>                      JJJ JJJ   JJJ JJJ     FAX :     +34 91 544-5307
>UAM (McIDAS)           JJJJJ     JJJJJ    e-mail:         address@hidden
>+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*++*++*+*+*+*+*+*+*+*+*+*+*+*+*+
>Visit http://www.geocities.com/SiliconValley/5659

Tom
Prev by Date: Re: 20000626: steps in the binary installation of the LDM
Next by Date: 20000628: LDM setup at INM (cont.)
Previous by thread: 20000622: LDM setup at INM
Next by thread: 20000628: LDM setup at INM (cont.)
Index(es):
- Date
- Thread