[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??

Subject: [IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??
Date: Sat, 18 Jul 2020 11:43:14 -0600

Hi again Christian,

Here is another thing that is puzzling:

- I am unable to do a 'notifyme' to the LDM running on vkepler

  This is puzzling since the LDM configuration file on vkepler
  has an explicit ALLOW for all machines in the unidata.ucar.edu
  domain:

# Give permission to the Unidata Program Center
ALLOW   ANY     ^[a-z].*\.unidata\.ucar\.edu\.?$

  And, you commented that port 388 was fully open.

Since the 'notifyme' doesn't appear to even reach your machine:

~: notifyme -vl- -f EXP -h vkepler.sca.uqam.ca
20200718T173231.850305Z notifyme[15371]             notifyme.c:main:363         
        NOTE  Starting Up: vkepler.sca.uqam.ca: 20200718173231.850048 TS_ENDT 
{{EXP, ".*"}}
20200718T173231.850365Z notifyme[15371]             ldm5_clnt.c:forn5:460       
        NOTE  LDM-5 desired product-class: 20200718173231.850048 TS_ENDT {{EXP, 
".*"}}
20200718T173231.955863Z notifyme[15371]             error.c:err_log:236         
        INFO  Resolving vkepler.sca.uqam.ca to 132.208.147.22 took 0.105405 
seconds
20200718T173321.956267Z notifyme[15371]             ldm5_clnt.c:forn5:460       
        NOTE  LDM-5 desired product-class: 20200718173231.850048 TS_ENDT {{EXP, 
".*"}}
20200718T173322.060914Z notifyme[15371]             error.c:err_log:236         
        INFO  Resolving vkepler.sca.uqam.ca to 132.208.147.22 took 0.104576 
seconds
 ...

I am left with the thought that there is some firewall/security
perimeter setting somewhere at/near vkepler that is blocking
the connection on port 388.  This is supported by my attempt
to contact vkepler's LDM using 'telnet':

~: telnet vkepler.sca.uqam.ca 388
Trying 132.208.147.22...

I get the same result from a machine I have SSH access to at UW/SSEC
as I get from the iddb.unidata.ucar.edu cluster backend real-server
that is (trying to) service an EXP feed REQUEST to vkepler.

The 'notifyme' and 'telnet' failures point to there being a block
for inbound traffic on port 388.  Can you check the firewall (iptables)
on vkepler to make sure that inbound traffic on port 388 is, in fact,
open?



Cheers,

Tom
--
****************************************************************************
Unidata User Support                                    UCAR Unidata Program
(303) 497-8642                                                 P.O. Box 3000
address@hidden                                   Boulder, CO 80307
----------------------------------------------------------------------------
Unidata HomePage                       http://www.unidata.ucar.edu
****************************************************************************


Ticket Details
===================
Ticket ID: AIZ-345619
Department: Support IDD
Priority: Normal
Status: Open
===================
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata 
inquiry tracking system and then made publicly available through the web.  If 
you do not want to have your interactions made available in this way, you must 
let us know in each email you send to us.

Prev by Date: [IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??
Next by Date: [IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??
Previous by thread: [IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??
Next by thread: [IDD #AIZ-345619]: LDM: pattern in ldmd.conf and pact.conf no longer works for CONDUIT??
Index(es):
- Date
- Thread