[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Error in recon.log
From: |
TELEHOST Office |
Subject: |
Re: [Sks-devel] Error in recon.log |
Date: |
Tue, 03 Feb 2015 22:31:40 +0100 |
User-agent: |
Roundcube Webmail/0.8.6 |
Am 2015-02-03 22:09, schrieb Kristian Fiskerstrand:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 02/03/2015 09:39 PM, TELEHOST Office wrote:
Am 2015-02-03 21:19, schrieb Kristian Fiskerstrand: On 02/03/2015
08:46 PM, TELEHOST Office wrote:
Am 2015-02-03 11:00, schrieb Kristian Fiskerstrand: On
02/03/2015 10:30 AM, TELEHOST Office wrote:
Dear Kristian,
Both distris have the membership located in /etc/sks/membership.
Unless centos is doing something with the package that is likely
wrong, it should be in the SKS basedir.
Ah :-) new result.
Moved to /var/sks on CentOS and now I get:
2015-02-03 16:33:17 <reconciliation handler> error in callback.:
Failure("configuration of remote host (<ADDR_INET [194.0.229.60]:35325>)
rejected: filters do not match.\n\tlocal filters: [ yminsky.dedup
yminsky.merge ]\n\tremote filters: [ yminsky.dedup ]")
2015-02-03 16:34:16 <recon as client> error in callback.:
Sys_error("Connection reset by peer")
2015-02-03 16:34:18 <reconciliation handler> error in callback.:
Failure("configuration of remote host (<ADDR_INET [194.0.229.60]:37578>)
rejected: filters do not match.\n\tlocal filters: [ yminsky.dedup
yminsky.merge ]\n\tremote filters: [ yminsky.dedup ]")
2015-02-03 16:35:13 <recon as client> error in callback.:
Sys_error("Connection reset by peer")
2015-02-03 16:35:19 <reconciliation handler> error in callback.:
Failure("configuration of remote host (<ADDR_INET [194.0.229.60]:46073>)
rejected: filters do not match.\n\tlocal filters: [ yminsky.dedup
yminsky.merge ]\n\tremote filters: [ yminsky.dedup ]")
...
2015-02-03 16:45:35 <reconciliation handler> error in callback.:
Failure("configuration of remote host (<ADDR_INET [194.0.229.60]:56597>)
rejected: filters do not match.\n\tlocal filters: [ yminsky.dedup
yminsky.merge ]\n\tremote filters: [ yminsky.dedup ]")
2015-02-03 16:47:23 <recon as client> callback timed out.
2015-02-03 16:49:05 <recon as client> callback timed out.
2015-02-03 16:50:52 <recon as client> callback timed out.
gossip errors disappeared ... but no other lines inside log.
address@hidden sks]# ls -al total 24 drwxr-xr-x 2 sks sks
4096 Feb 3 15:04 . drwxr-xr-x 66 root root 4096 Feb 2 16:16 ..
-rw-r--r-- 1 sks sks 2333 Jan 30 08:25 mailsync -rw-r--r-- 1
sks sks 36 Feb 3 15:04 membership -rw-r--r-- 1 root root
1319 Feb 3 15:03 membership_original -rw-r--r-- 1 sks sks
2591 Feb 2 15:44 sksconf
Is this server accessible somewhere? I tried connecting to
http://194.0.229.61:11371/pks/lookup?op=stats and ditto for
194.0.229.60 without getting a connection at least so you would be
unable to peer with outside servers.
194.0.229.61 was not open to public (CentOS). Public avaiable is
194.0.229.60.
telnet 194.0.229.60 11371
Trying 194.0.229.60...
... timeout
I granted access for testing to 194.0.229.61 now, too.
So on both engines port 80, 11370 and 11371 are open to public.
telnet 194.0.229.61 11371
Trying 194.0.229.61...
timeout
very strange ... other connections works well (even sks peerings):
16:32:26.270246 IP keyserver.xxx.yyy.54268 > gpg.directory.11370: Flags
[.], ack 1, win 229, options [nop,nop,TS val 607276213 ecr 563290285],
length 0
16:32:26.270268 IP keyserver.xxx.yyy.54268 > gpg.directory.11370: Flags
[P.], seq 1:131, ack 1, win 229, options [nop,nop,TS val 607276213 ecr
563290285], length 130
16:32:26.270274 IP gpg.directory.11370 > ulmo.erat.systems.54268: Flags
[.], ack 131, win 122, options [nop,nop,TS val 563290311 ecr 607276213],
length 0
16:32:26.270366 IP gpg.directory.11370 > ulmo.erat.systems.54268: Flags
[R.], seq 1, ack 131, win 122, options [nop,nop,TS val 563290311 ecr
607276213], length 0
16:32:26.286354 IP google-public-dns-a.google.com.domain >
gpg.directory.58124: 4966 1/0/0 PTR ulmo.erat.systems. (73)
16:32:33.551854 IP gpg.directory.45305 >
google-public-dns-a.google.com.domain: 2332+ A?
keyserver2.gpg.directory. (42)
16:32:33.551875 IP gpg.directory.45305 >
google-public-dns-a.google.com.domain: 7122+ AAAA?
keyserver2.gpg.directory. (42)
16:32:33.570504 IP google-public-dns-a.google.com.domain >
gpg.directory.45305: 7122 0/1/0 (125)
16:32:33.586650 IP google-public-dns-a.google.com.domain >
gpg.directory.45305: 2332 1/0/0 A 194.0.229.61 (58)
16:32:33.586754 IP gpg.directory.35325 > 194.0.229.61.11370: Flags [S],
seq 1358898085, win 14600, options [mss 1460,sackOK,TS val 563297628 ecr
0,nop,wscale 7], length 0
16:32:33.586771 IP 194.0.229.61.11370 > gpg.directory.35325: Flags
[S.], seq 2785559846, ack 1358898086, win 14480, options [mss
1460,sackOK,TS val 563297628 ecr 563297628,nop,wscale 7], length 0
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address
State User Inode PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN 0 349063 1917/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LISTEN 0 348771 1545/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:*
LISTEN 0 348974 1826/exim4
tcp 0 0 0.0.0.0:11370 0.0.0.0:*
LISTEN 0 430926 3262/sks
tcp 0 0 0.0.0.0:11371 0.0.0.0:*
LISTEN 0 430918 3261/sks
tcp6 0 0 :::22 :::*
LISTEN 0 348773 1545/sshd
tcp6 0 0 ::1:25 :::*
LISTEN 0 348975 1826/exim4
I also copied membership to /var/lib/sks on debian - new result:
2015-02-03 16:47:58 Recon partner: <ADDR_INET [www.xxx.yyy.zzz]:11370>
2015-02-03 16:47:59 Initiating reconciliation
2015-02-03 16:47:59 Marshalling: Config
2015-02-03 16:47:59 Unmarshalling: Config
2015-02-03 16:47:59 <recon as client> error in callback.:
Failure("configuration of remote host (<ADDR_INET
[www.xxx.yyy.zzz]:11370>) rejected: filters do not match.\n\tlocal
filters: [ yminsky.dedup ]\n\tremote filters: [ yminsky.dedup
yminsky.merge ]")
2015-02-03 16:48:02 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:48:02 Unmarshalling: LogResp: 0 events
2015-02-03 16:48:07 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:48:07 Unmarshalling: LogResp: 0 events
...
2015-02-03 16:50:05 Recon partner: <ADDR_INET [ww.xx.yyy.zzz]:11370>
2015-02-03 16:50:50 <recon as client> callback timed out.
2015-02-03 16:50:50 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:50:50 Unmarshalling: LogResp: 0 events
2015-02-03 16:50:55 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:50:55 Unmarshalling: LogResp: 0 events
...
2015-02-03 16:51:50 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:51:50 Unmarshalling: LogResp: 0 events
2015-02-03 16:51:51 Recon partner: <ADDR_INET [www.xx.yy.z]:11370>
2015-02-03 16:51:51 Initiating reconciliation
2015-02-03 16:51:51 Marshalling: Config
2015-02-03 16:51:51 <recon as client> error in callback.:
Sys_error("Connection reset by peer")
2015-02-03 16:51:56 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:51:56 Unmarshalling: LogResp: 0 events
...
2015-02-03 16:52:51 Recon partner: <ADDR_INET [ww.xxx.y.zz]:11370>
2015-02-03 16:52:51 Initiating reconciliation
2015-02-03 16:52:51 Marshalling: Config
2015-02-03 16:52:51 Unmarshalling: Config
2015-02-03 16:52:51 <recon as client> error in callback.:
Failure("configuration of remote host (<ADDR_INET [ww.xxx.y.zz]:11370>)
rejected: filters do not match.\n\tlocal filters: [ yminsky.dedup
]\n\tremote filters: [ yminsky.dedup yminsky.merge ]")
2015-02-03 16:52:56 Marshalling: LogQuery: (5000,0.000000)
2015-02-03 16:52:56 Unmarshalling: LogResp: 0 events
Want to have SSH? There's nothing else than SKS on both engines.
not really, should be able to figure this out without it.
Can you provide me with your IP that I can check firewalls and IDS.
Glad ... now somethings seems to happen when moving membership files
:-) not perfect but much more than before :-)
- --
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Aut dosce, aut disce, aut discede
Either teach, or study, or leave
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJU0TjtAAoJEP7VAChXwav6zuoH/RxHarKRSi89adgUqv4Vf4mZ
i5jYbwtkJJex7DVWRN03ZDwFB4sOJoQoo3Ur9BRH1OX8n1G6GBmcJ/hz5UdJhNW3
RHBhrpIAfb4FQ08KoOSmxgn1nWOZd05wWFvSMUfoSL5SRpVOr+gvG66qi+fSBW22
K/sM56nEWFiETvrxsJt8Bw+lnGVkiIP7prFCgWUUltk2tgODiX9t+rxgrbOyx3Cn
PXeA1s5F/Wj014/AimL3jR/xKfVFzB0fBFADHZT/awauZB/96ZpJ7PXnMZuG41Md
/+h1Ar18l3emZTecvHlHdXIejXuK/Fp78red+YLiz80atNsiM8eYustDKA/pweI=
=Fne3
-----END PGP SIGNATURE-----
--
--
TELEHOST Datendienste GmbH
Stadthausstrasse 12
CH-8400 Winterthur
Tel. +41 (0)44 - 515 75 66
Fax. +41 (0)44 - 515 75 67
Sitz der Gesellschaft:
CH-8400 Winterthur
Eingetragen beim Handelsregisteramt des Kantons Zürich
Handelsregisternummer CHE-317.799.873
Geschäftsführer: Francesco Renzo
--
smime.p7s
Description: S/MIME Cryptographic Signature
- Re: [Sks-devel] Error in recon.log, (continued)
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, TELEHOST Office, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Pete Stephenson, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, TELEHOST Office, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, TELEHOST Office, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Andreas Puls, 2015/02/03
- Re: [Sks-devel] Error in recon.log,
TELEHOST Office <=
- Re: [Sks-devel] Error in recon.log, Kristian Fiskerstrand, 2015/02/03
- Re: [Sks-devel] Error in recon.log, Daniel Kahn Gillmor, 2015/02/04
- Re: [Sks-devel] Error in recon.log, TELEHOST Office, 2015/02/04