[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
20030812: Problems connecting behind a firewall version 6
- Subject: 20030812: Problems connecting behind a firewall version 6
- Date: Tue, 12 Aug 2003 12:45:23 -0600
Robert,
>Date: Tue, 12 Aug 2003 13:02:22 -0500
>From: Robert Leche <address@hidden>
>Organization: SRCC
>To: Unidata Support <address@hidden>,
>To: ldm-users <address@hidden>
>Subject: Problems connecting behind a firewall version 6
The above message contained the following:
> Hello Tom and all....
>
> We ran into a problem with our LDM system: Hurricane.srcc.lsu.edu. When
> opeating off site, Hurricane is not receiving LDM data. The offsite
> location is the state Office of Emergency Preparedness (OEP) and this is
> behind a firewall. This system operated, on location, until the LDM was
> upgraded to the version 6.x. Hurricane operates correctly when running
> locally at LSU which is the real non-firewalled open networking.
>
> At OEP the system is connected to the internet via a NAT'ed (Network
> Address Translation) firewalled network. As I indicated above the
> problem has not occurred in earlier versions 5.2x but problems are
> showing up in version 6.x.
>
> The systems serving the LDM data is Datoo.srcc.lsu.edu and
> Seistan.srcc.lsu.edu. I found the following errors in the logs:
>
>
> Jul 19 16:45:12 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
> Jul 19 16:46:12 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
> Jul 19 16:47:21 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
> Jul 19 16:49:42 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
> Jul 19 16:50:04 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
> Jul 19 16:50:38 seistan rpc.ldmd[24797]: gethostbyaddr: failed for
> 204.196.102.99
The above messages come from the same LDM 5 code that they've always
come from. There's no difference between LDM 6 and LDM 5 in this
regard.
> The 204.196.102.99 address is the Nat'd address located on the 'real'
> side of the internet. Seistan and Datoo are not able to reverse the
> connection to the remote. Hurricane is able to connect to Seistan and
> Datoo. Applications such as ssh, sftp and ldmping are able to connect to
> Seistan and/or Datoo. LDM, however, will not complete a connection. The
> servers, Seistan and Datoo detect connection requests, but when the
> gethostbyaddr command fails in the reverse direction, the LDM stream is
> not started. The servers "error out" the connection and produce the
> errors above.
Is there an ALLOW entry for host "204.196.102.99" in the LDM
configuration-file on Seistan and Datoo?
> I am assuming there is a reason to do a gethostbyname in LDM version
> 6.X. I am also assuming the gethostbyaddr function was not part of the
> earlier LDM 5.x versions as this problem was not apparent. No changes
> have occoured in networking between OEP and our office at LSU since we
> used it last year.
>
> Can LDM be reconfigured to skip the gethostbyaddr function?. Or do I
> need to set up another LDM server with old code?
>
> Regards,
> Bob
> --
> ----------------------------------------------------------------
> Robert Leche
> System Administrator
> Louisiana State University - Southern Regional Climate Center
> E328 Howe-Russell Building
> Baton Rouge, La. 70803
> address@hidden
> 225 578 5023
Regards,
Steve Emmerson