>From: Dave Dempsey <address@hidden> >Organization: SFSU >Keywords: 200506082323.j58NNnZu018248 LDM Hi Dave, >I've just installed and configured LDM 6.3.0 on a Linux PC running Red Hat >Enterprise Linux WS release 3 (Taroon Update 4) for the National Weather >Service in Monterey. OK, I have direct experience with loading the LDM on this platform (and have had no problems with it). >As I understand it, the machine is installed on the >Naval Postgraduate School network because NWS offices are so heavily >firewalled. The machine has an IP address only (220.127.116.11), no fully >qualified domain name. OK. >I've configured it to feed from norte.sfsu.edu (18.104.22.168). However, >when I start the LDM the following message appears in the ldmd.log file: > > Jun 08 22:43:24 model 22.214.171.124: ERROR: requester6.c:457; >ldm_clnt.c:277: Couldn't connect to LDM 6 on 126.96.36.199 using either port >388 or portmapper; ldm_clnt.c:116: : RPC: Remote system error - Connection >timed out Is there a firewall on the 188.8.131.52 machine? The connection timed out error typically indicates that the request is not getting to the destination. >So I know that the two machines aren't making contact correctly. The >upstream machine won't respond to pings, nor can it issue pings, because >pinging has been disabled as a security measure at our institution. OK. >However, >is feeding happily from a machine upstream of it, and it permits ssh logins >and ftp (both directions), so it's certainly on-line. Got it. >The question is, why might the LDM software on the two machines not be >connecting properly, and what might I do about it? I suspect the firewall on the downstream machine, and/or a firewall on the upstream machine, and/or firewalls at the sites where the machines are hosted. The reason I say this is that it is very easy to configure a firewall to disable traffic to particular domains or to allow traffic to/from specific domains. >Here's some configuration information: > >On norte.sfsu.edu (184.108.40.206) (the upstream machine): > > (1) The ldmd.conf file contains the line: > > allow ANY ^(205\.155\.73\.71\.?$) > > (Those are tabs in there, not spaces, in case it matters here.) Tabs are not necessary here. Your specification for the downstream machine is OK, but it could also be written as: allow ANY ^205\.155\.73\.71$ >On 220.127.116.11 (the downstream machine): > > (1) The ldmd.conf file contains the line: > > request WMO ".*" 18.104.22.168 > > (Tabs separate everything.) Tabs are not crutial here either (but they may help readability. > (2) The /etc/services file contains the lines: > > # LDM Services > ldm 388/udp ldm # UCAR Unidata LDM > ldm 388/tcp ldm # UCAR Unidata LDM The LDM only uses tcp, so the 388/udp line can safely be removed. also, I would change the entry to: ldm 388/tcp ldmd # Unidata LDM-6 The comment doesn't matter... > (Tab between the first two items on each line but not between the >second and third items.) Tabs are important here. > (3) The /etc/rpc file contains the line: > > ldmd 300029 ldm > > (Tab between the first two items but not the second and third items.) This should be: ldm 300029 ldm >I've attached the LDM config.log file. Anything else that I should be >passing along? There is noting in config.log or in your configuration. I really suspect that the problem is related to a firewall somewhere (especially since we are talking about the NPS). Cheers, Tom -- NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.