I have successfully configured MariaDB-Galera clusters on my CentOS 6.3 VMs in the past. All of a sudden things are just not working. This seems to be an issue that started as of the MariaDB-Galera-server.x86_64 version 5.5.37-1.el6. The last time I remember this working was with version 5.5.36. Did something change with the setup?
I have tried this with CentOS 6.3 and 6.5 without success.
OK. I have tried a few different things and finally came back to using the previous version. Something has changed from 5.5.36 and 5.5.37 that causes the transfer of datafiles to the new node fail.
I am using SST method of rsync.
My test environment consists of three CentOS 6.5 VMs on my Macbook. I use yum to install MariaDB and Galera. The only difference is in the MariaDB.repo file. The installation that works uses:
baseurl = http://yum.mariadb.org/5.5.36/centos6-amd64
The installation that does not work uses:
baseurl = http://yum.mariadb.org/5.5/centos6-amd64
Everything else is identical.
The log file on the primary node contains the following when I start the second node:
140515 10:30:44 [Note] WSREP: declaring e18ac23e-dc45-11e3-a9cf-226f3dddee1e stable
140515 10:30:44 [Note] WSREP: Node d08d572e-dc45-11e3-927e-ffff30b2f80d state prim
140515 10:30:44 [Note] WSREP: view(view_id(PRIM,d08d572e-dc45-11e3-927e-ffff30b2f80d,2) memb {
d08d572e-dc45-11e3-927e-ffff30b2f80d,0
e18ac23e-dc45-11e3-a9cf-226f3dddee1e,0
} joined {
} left {
} partitioned {
})
140515 10:30:44 [Note] WSREP: New COMPONENT: primary = yes, bootstrap = no, my_idx = 0, memb_num = 2
140515 10:30:44 [Note] WSREP: STATE_EXCHANGE: sent state UUID: e1b4f3cf-dc45-11e3-826a-7ffb98deb745
140515 10:30:44 [Note] WSREP: STATE EXCHANGE: sent state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745
140515 10:30:44 [Note] WSREP: STATE EXCHANGE: got state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745 from 0 (box1)
140515 10:30:45 [Note] WSREP: STATE EXCHANGE: got state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745 from 1 (box2)
140515 10:30:45 [Note] WSREP: Quorum results:
version = 3,
component = PRIMARY,
conf_id = 1,
members = 1/2 (joined/total),
act_id = 0,
last_appl. = 0,
protocols = 0/5/2 (gcs/repl/appl),
group UUID = 672cb2c5-dc41-11e3-827f-e25ede7fb9ba
140515 10:30:45 [Note] WSREP: Flow-control interval: [23, 23]
140515 10:30:45 [Note] WSREP: New cluster view: global state: 672cb2c5-dc41-11e3-827f-e25ede7fb9ba:0, view# 2: Primary, number of nodes: 2, my index: 0, protocol version 2
140515 10:30:45 [Note] WSREP: wsrep_notify_cmd is not defined, skipping notification.
140515 10:30:45 [Note] WSREP: REPL Protocols: 5 (3, 1)
140515 10:30:45 [Note] WSREP: Assign initial position for certification: 0, protocol version: 3
140515 10:30:45 [Note] WSREP: Service thread queue flushed.
The log file on the second node contains the following:
140515 10:30:42 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
140515 10:30:42 mysqld_safe WSREP: Running position recovery with --log_error='/var/lib/mysql/wsrep_recovery.PFBl11' --pid-file='/var/lib/mysql/box2.vagrant-recover.pid'
140515 10:30:44 mysqld_safe WSREP: Recovered position 00000000-0000-0000-0000-000000000000:-1
140515 10:30:44 [Note] WSREP: wsrep_start_position var submitted: '00000000-0000-0000-0000-000000000000:-1'
140515 10:30:44 [Note] WSREP: Setting wsrep_ready to 0
140515 10:30:44 [Note] WSREP: Read nil XID from storage engines, skipping position init
140515 10:30:44 [Note] WSREP: wsrep_load(): loading provider library '/usr/lib64/galera/libgalera_smm.so'
140515 10:30:44 [Note] WSREP: wsrep_load(): Galera 25.3.2(r170) by Codership Oy <info#codership.com> loaded successfully.
140515 10:30:44 [Note] WSREP: CRC-32C: using "slicing-by-8" algorithm.
140515 10:30:44 [Note] WSREP: Found saved state: 00000000-0000-0000-0000-000000000000:-1
140515 10:30:44 [Note] WSREP: Passing config to GCS: base_host = 192.168.33.32; base_port = 4567; cert.log_conflicts = no; gcache.dir = /var/lib/mysql/; gcache.keep_pages_size = 0; gcache.mem_size = 0; gcache.name = /var/lib/mysql//galera.cache; gcache.page_size = 128M; gcache.size = 128M; gcs.fc_debug = 0; gcs.fc_factor = 1; gcs.fc_limit = 16; gcs.fc_master_slave = NO; gcs.max_packet_size = 64500; gcs.max_throttle = 0.25; gcs.recv_q_hard_limit = 9223372036854775807; gcs.recv_q_soft_limit = 0.25; gcs.sync_donor = NO; repl.causal_read_timeout = PT30S; repl.commit_order = 3; repl.key_format = FLAT8; repl.proto_max = 5
140515 10:30:44 [Note] WSREP: Assign initial position for certification: -1, protocol version: -1
140515 10:30:44 [Note] WSREP: wsrep_sst_grab()
140515 10:30:44 [Note] WSREP: Start replication
140515 10:30:44 [Note] WSREP: Setting initial position to 00000000-0000-0000-0000-000000000000:-1
140515 10:30:44 [Note] WSREP: protonet asio version 0
140515 10:30:44 [Note] WSREP: Using CRC-32C (optimized) for message checksums.
140515 10:30:44 [Note] WSREP: backend: asio
140515 10:30:44 [Note] WSREP: GMCast version 0
140515 10:30:44 [Note] WSREP: (e18ac23e-dc45-11e3-a9cf-226f3dddee1e, 'tcp://0.0.0.0:4567') listening at tcp://0.0.0.0:4567
140515 10:30:44 [Note] WSREP: (e18ac23e-dc45-11e3-a9cf-226f3dddee1e, 'tcp://0.0.0.0:4567') multicast: , ttl: 1
140515 10:30:44 [Note] WSREP: EVS version 0
140515 10:30:44 [Note] WSREP: PC version 0
140515 10:30:44 [Note] WSREP: gcomm: connecting to group 'my_wsrep_cluster', peer '192.168.33.31:,192.168.33.32:,192.168.33.33:'
140515 10:30:44 [Warning] WSREP: (e18ac23e-dc45-11e3-a9cf-226f3dddee1e, 'tcp://0.0.0.0:4567') address 'tcp://192.168.33.32:4567' points to own listening address, blacklisting
140515 10:30:44 [Note] WSREP: (e18ac23e-dc45-11e3-a9cf-226f3dddee1e, 'tcp://0.0.0.0:4567') address 'tcp://192.168.33.32:4567' pointing to uuid e18ac23e-dc45-11e3-a9cf-226f3dddee1e is blacklisted, skipping
140515 10:30:45 [Note] WSREP: declaring d08d572e-dc45-11e3-927e-ffff30b2f80d stable
140515 10:30:45 [Note] WSREP: Node d08d572e-dc45-11e3-927e-ffff30b2f80d state prim
140515 10:30:45 [Note] WSREP: view(view_id(PRIM,d08d572e-dc45-11e3-927e-ffff30b2f80d,2) memb {
d08d572e-dc45-11e3-927e-ffff30b2f80d,0
e18ac23e-dc45-11e3-a9cf-226f3dddee1e,0
} joined {
} left {
} partitioned {
})
140515 10:30:45 [Note] WSREP: discarding pending addr without UUID: tcp://192.168.33.33:4567
140515 10:30:45 [Note] WSREP: discarding pending addr proto entry 0x7f48c30b2080
140515 10:30:45 [Note] WSREP: gcomm: connected
140515 10:30:45 [Note] WSREP: Changing maximum packet size to 64500, resulting msg size: 32636
140515 10:30:45 [Note] WSREP: Shifting CLOSED -> OPEN (TO: 0)
140515 10:30:45 [Note] WSREP: Opened channel 'my_wsrep_cluster'
140515 10:30:45 [Note] WSREP: Waiting for SST to complete.
140515 10:30:45 [Note] WSREP: New COMPONENT: primary = yes, bootstrap = no, my_idx = 1, memb_num = 2
140515 10:30:45 [Note] WSREP: STATE EXCHANGE: Waiting for state UUID.
140515 10:30:45 [Note] WSREP: STATE EXCHANGE: sent state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745
140515 10:30:45 [Note] WSREP: STATE EXCHANGE: got state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745 from 0 (box1)
140515 10:30:45 [Note] WSREP: STATE EXCHANGE: got state msg: e1b4f3cf-dc45-11e3-826a-7ffb98deb745 from 1 (box2)
140515 10:30:45 [Note] WSREP: Quorum results:
version = 3,
component = PRIMARY,
conf_id = 1,
members = 1/2 (joined/total),
act_id = 0,
last_appl. = -1,
protocols = 0/5/2 (gcs/repl/appl),
group UUID = 672cb2c5-dc41-11e3-827f-e25ede7fb9ba
140515 10:30:45 [Note] WSREP: Flow-control interval: [23, 23]
140515 10:30:45 [Note] WSREP: Shifting OPEN -> PRIMARY (TO: 0)
140515 10:30:45 [Note] WSREP: State transfer required:
Group state: 672cb2c5-dc41-11e3-827f-e25ede7fb9ba:0
Local state: 00000000-0000-0000-0000-000000000000:-1
140515 10:30:45 [Note] WSREP: New cluster view: global state: 672cb2c5-dc41-11e3-827f-e25ede7fb9ba:0, view# 2: Primary, number of nodes: 2, my index: 1, protocol version 2
140515 10:30:45 [Warning] WSREP: Gap in state sequence. Need state transfer.
140515 10:30:45 [Note] WSREP: Setting wsrep_ready to 0
140515 10:30:45 [Note] WSREP: [debug]: closing client connections for PRIM
140515 10:30:47 [Note] WSREP: waiting for client connections to close: 2
140515 10:30:47 [Note] WSREP: Running: 'wsrep_sst_rsync --role 'joiner' --address '192.168.33.32' --auth 'root:o4guk8x' --datadir '/var/lib/mysql/' --defaults-file '/etc/my.cnf' --parent '19293''
I am not sure just how that all fits yet.
Related
My test setup looks as following:
Ubuntu 22.4
Kernel 5.15.1025 Realtime
I210 enp1s0 (10.1.180.98)
I225 enp2s0 (10.1.180.97)
Netgear GS108 Switch
enp1s0 and enp2s0 are connected to the switch
sending UDP Packets over enp1s0 to multicast address 224.0.0.22
listening on enp2s0 (-> external loop back)
open62541 UDP pubsub
General:
ifconig
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.180.98 netmask 255.255.255.0 broadcast 10.1.180.255
inet6 fe80::36fc:cf83:b6f7:e7eb prefixlen 64 scopeid 0x20<link>
ether 00:07:32:a5:c3:88 txqueuelen 1000 (Ethernet)
RX packets 10823 bytes 3936173 (3.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 287226 bytes 29921782 (29.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0x7fe00000-7fe1ffff
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.180.97 netmask 255.255.255.0 broadcast 10.1.180.255
inet6 fe80::a22:bab1:5e74:d3ad prefixlen 64 scopeid 0x20<link>
ether 00:07:32:a5:c3:89 txqueuelen 1000 (Ethernet)
RX packets 287442 bytes 29411683 (29.4 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3506 bytes 174754 (174.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0x7fc00000-7fcfffff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 10698 bytes 924534 (924.5 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10698 bytes 924534 (924.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.1.180.10 0.0.0.0 UG 0 0 0 enp1s0
0.0.0.0 10.1.180.10 0.0.0.0 UG 0 0 0 enp2s0
10.1.180.0 0.0.0.0 255.255.255.0 U 0 0 0 enp2s0
10.1.180.0 0.0.0.0 255.255.255.0 U 0 0 0 enp1s0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp2s0
# netstat -g
IPv6/IPv4 Group Memberships
Interface RefCnt Group
--------------- ------ ---------------------
lo 1 224.0.0.251
lo 1 224.0.0.1
enp1s0 1 224.0.0.251
enp1s0 1 224.0.0.1
enp2s0 1 224.0.0.22
enp2s0 1 224.0.0.251
enp2s0 1 224.0.0.1
lo 1 ff02::fb
lo 1 ip6-allnodes
lo 1 ff01::1
enp1s0 1 ff02::fb
enp1s0 1 ff02::1:fff7:e7eb
enp1s0 1 ip6-allnodes
enp1s0 1 ff01::1
enp2s0 1 ff02::fb
enp2s0 1 ff02::1:ff74:d3ad
enp2s0 1 ip6-allnodes
enp2s0 1 ff01::1
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
befor sending:
# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
enp1s0 1500 12397 0 0 0 572786 0 0 0 BMRU
enp2s0 1500 562000 0 0 0 4015 0 0 0 BMRU
lo 65536 12782 0 0 0 12782 0 0 0 LRU
# netstat -s -u
IcmpMsg:
InType3: 6576
OutType3: 6576
Udp:
5710 packets received
902 packets to unknown port received
0 packet receive errors
576693 packets sent
0 receive buffer errors
0 send buffer errors
IgnoredMulti: 259
UdpLite:
IpExt:
InMcastPkts: 110
OutMcastPkts: 567399
InBcastPkts: 259
InOctets: 54256683
OutOctets: 52916072
InMcastOctets: 10142
OutMcastOctets: 50498445
InBcastOctets: 19383
InNoECTPkts: 574627
MPTcpExt:
# ethtool -S enp2s0 | grep rx
rx_packets: 561920
rx_bytes: 59893407
rx_broadcast: 5508
rx_multicast: 556412
rx_crc_errors: 0
rx_no_buffer_count: 0
rx_missed_errors: 0
rx_long_length_errors: 0
rx_short_length_errors: 0
rx_align_errors: 0
rx_flow_control_xon: 0
rx_flow_control_xoff: 0
rx_long_byte_count: 59893407
rx_smbus: 0
os2bmc_rx_by_bmc: 0
os2bmc_rx_by_host: 0
rx_hwtstamp_cleared: 0
rx_lpi_counter: 0
rx_errors: 0
rx_length_errors: 0
rx_over_errors: 0
rx_frame_errors: 0
rx_fifo_errors: 0
rx_queue_0_packets: 561750
rx_queue_0_bytes: 57629925
rx_queue_0_drops: 0
rx_queue_0_csum_err: 0
rx_queue_0_alloc_failed: 0
rx_queue_1_packets: 0
rx_queue_1_bytes: 0
rx_queue_1_drops: 0
rx_queue_1_csum_err: 0
rx_queue_1_alloc_failed: 0
rx_queue_2_packets: 148
rx_queue_2_bytes: 13290
rx_queue_2_drops: 0
rx_queue_2_csum_err: 0
rx_queue_2_alloc_failed: 0
rx_queue_3_packets: 22
rx_queue_3_bytes: 2512
rx_queue_3_drops: 0
rx_queue_3_csum_err: 0
rx_queue_3_alloc_failed: 0
after sending:
# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
enp1s0 1500 12465 0 0 0 618087 0 0 0 BMRU
enp2s0 1500 607349 0 0 0 4031 0 0 0 BMRU
lo 65536 12800 0 0 0 12800 0 0 0 LRU
# netstat -s -u
IcmpMsg:
InType3: 6588
OutType3: 6588
Udp:
5715 packets received
902 packets to unknown port received
0 packet receive errors
621972 packets sent
0 receive buffer errors
0 send buffer errors
IgnoredMulti: 263
UdpLite:
IpExt:
InMcastPkts: 112
OutMcastPkts: 612677
InBcastPkts: 263
InOctets: 58289081
OutOctets: 56953872
InMcastOctets: 10222
OutMcastOctets: 54527991
InBcastOctets: 19816
InNoECTPkts: 619936
MPTcpExt:
# ethtool -S enp2s0 | grep rx
rx_packets: 607351
rx_bytes: 64748001
rx_broadcast: 5666
rx_multicast: 601685
rx_crc_errors: 0
rx_no_buffer_count: 0
rx_missed_errors: 0
rx_long_length_errors: 0
rx_short_length_errors: 0
rx_align_errors: 0
rx_flow_control_xon: 0
rx_flow_control_xoff: 0
rx_long_byte_count: 64748001
rx_smbus: 0
os2bmc_rx_by_bmc: 0
os2bmc_rx_by_host: 0
rx_hwtstamp_cleared: 0
rx_lpi_counter: 0
rx_errors: 0
rx_length_errors: 0
rx_over_errors: 0
rx_frame_errors: 0
rx_fifo_errors: 0
rx_queue_0_packets: 607176
rx_queue_0_bytes: 62302224
rx_queue_0_drops: 0
rx_queue_0_csum_err: 0
rx_queue_0_alloc_failed: 0
rx_queue_1_packets: 0
rx_queue_1_bytes: 0
rx_queue_1_drops: 0
rx_queue_1_csum_err: 0
rx_queue_1_alloc_failed: 0
rx_queue_2_packets: 153
rx_queue_2_bytes: 13861
rx_queue_2_drops: 0
rx_queue_2_csum_err: 0
rx_queue_2_alloc_failed: 0
rx_queue_3_packets: 22
rx_queue_3_bytes: 2512
rx_queue_3_drops: 0
rx_queue_3_csum_err: 0
rx_queue_3_alloc_failed: 0
Dropwatch output is as followed:
# sudo dropwatch -l ksa
2 drops at igmp_rcv+10c (0xffffffff9dd7202c) [software]
1 drops at unix_stream_connect+36a (0xffffffff9ddbb10a) [software]
2 drops at ip_rcv_finish_core.constprop.0+19c (0xffffffff9dd1930c) [software]
2048 drops at ip_rcv_finish_core.constprop.0+19c (0xffffffff9dd1930c) [software]
2036 drops at ip_rcv_finish_core.constprop.0+19c (0xffffffff9dd1930c) [software]
1 drops at __udp4lib_lib_mcast_deliver+31f (0xffffffff9dd5d67f) [software]
1 drops at __udp4lib_lib_mcast_deliver+31f (0xffffffff9dd5d67f) [software]
If I run this setup (exatly same UDP packets with tcpdump) with a real second windows device, receiving works. But this "external loopback" dosn't receive anything (I want to create so a TSN setup, so the windows machine is no option).
If I don't specify the interface for receiving, I get the packets (but don't know if they come from the loopback)
Following steps I tried without success:
Disabling RP_FILTER (in any combination for all available interfaces)
promisc mode on (but the ethtool output says that there is no problem on the NIC side)
What did I missed?
Best regards,
Patrick
My goal is to send UDP multicast packets on the first interface and receive them on the second interface (for performance analysis and for simulating a current missing Master hardware).
Upgrade to Xamarin Forms 5.0.0.2012 from 4.8 makes the app (only in debug mode) to freeze for few seconds for each interaction and makes tons of outputs:
Thread started: <Thread Pool> #41
[Mono] GC_BRIDGE waiting for bridge processing to finish
[Mono] GC_TAR_BRIDGE bridges 0 objects 0 opaque 0 colors 0 colors-bridged 0 colors-visible 169 xref 4 cache-hit 0 cache-semihit 0 cache-miss 0 setup 0.07ms tarjan 0.09ms scc-setup 0.06ms gather-xref 0.00ms xref-setup 0.00ms cleanup 0.00ms
[Mono] GC_BRIDGE: Complete, was running for 0.05ms
[Mono] GC_MINOR: (Nursery full) time 15.02ms, stw 18.82ms promoted 1445K major size: 33920K in use: 32001K los size: 9472K in use: 7121K
Thread started: <Thread Pool> #42
Thread started: <Thread Pool> #43
Thread started: <Thread Pool> #44
Thread started: <Thread Pool> #45
Thread started: <Thread Pool> #46
Thread started: <Thread Pool> #47
Thread started: <Thread Pool> #48
Thread started: <Thread Pool> #49
Thread started: <Thread Pool> #50
Thread started: <Thread Pool> #51
[Mono] GC_BRIDGE waiting for bridge processing to finish
[Mono] GC_TAR_BRIDGE bridges 0 objects 0 opaque 0 colors 0 colors-bridged 0 colors-visible 169 xref 4 cache-hit 0 cache-semihit 0 cache-miss 0 setup 0.07ms tarjan 0.09ms scc-setup 0.06ms gather-xref 0.00ms xref-setup 0.00ms cleanup 0.00ms
[Mono] GC_BRIDGE: Complete, was running for 0.07ms
[Mono] GC_MINOR: (Nursery full) time 11.92ms, stw 14.43ms promoted 926K major size: 34896K in use: 32961K los size: 12544K in use: 10620K
[mono] Full thread dump:
[Mono] GC_TAR_BRIDGE bridges 0 objects 0 opaque 0 colors 0 colors-bridged 0 colors-visible 169 xref 4 cache-hit 0 cache-semihit 0 cache-miss 0 setup 0.07ms tarjan 0.09ms scc-setup 0.06ms gather-xref 0.00ms xref-setup 0.00ms cleanup 0.00ms
[Mono] GC_BRIDGE waiting for bridge processing to finish
[Mono] GC_BRIDGE: Complete, was running for 0.07ms
[Mono] GC_MINOR: (Nursery full) time 13.09ms, stw 15.10ms promoted 860K major size: 35728K in use: 33849K los size: 17664K in use: 15619K
[Mono] GC_TAR_BRIDGE bridges 0 objects 0 opaque 0 colors 0 colors-bridged 0 colors-visible 169 xref 4 cache-hit 0 cache-semihit 0 cache-miss 0 setup 0.07ms tarjan 0.09ms scc-setup 0.06ms gather-xref 0.00ms xref-setup 0.00ms cleanup 0.00ms
[Mono] GC_BRIDGE: Complete, was running for 0.07ms
[Mono] GC_MINOR: (Concurrent start) time 3.81ms, stw 13.08ms promoted 1K major size: 35728K in use: 33851K los size: 17664K in use: 15619K
[Mono] GC_MAJOR_CONCURRENT_START: (LOS overflow)
[Mono] GC_BRIDGE waiting for bridge processing to finish
Any idea how to bring back useability of a debugger?
removing a CachingStrategy="RecycleElement" from ListView was a partial solution
Xamarin garba collection runs often
The apache server uses up all of the servers (up to ServerLimit) and then does not accept any more connections.
Slot PID Stopping Connections Threads Async connections
total accepting busy idle writing keep-alive closing
0 23257 yes 1 no 0 0 0 0 0
1 27271 no 0 yes 1 24 0 0 0
2 24876 yes 2 no 0 0 0 0 0
3 23117 yes 2 no 0 0 0 0 0
4 22671 yes 1 no 0 0 0 0 0
5 23994 yes 1 no 0 0 0 0 0
6 25159 yes 1 no 0 0 0 0 0
7 24604 yes 1 no 0 0 0 0 0
Sum 8 7 9 1 24 0 0 0
The one pid that was accepting was killed and restarted to get the status report above. Over time this PID would also end up like the rest. How do I find out why Apache stops accepting connections after a while? The timeout is set at 90 seconds.
Additional information:
Server Version: Apache/2.4.33 (Unix) OpenSSL/1.0.2o
Server Built: Apr 18 2018 10:56:21
Server loaded APR Version: 1.6.3
Compiled with APR Version: 1.6.3
Server loaded APU Version: 1.6.1
Compiled with APU Version: 1.6.1
Module Magic Number: 20120211:76
Hostname/port: localhost:8006
Timeouts: connection: 90 keep-alive: 5
MPM Name: event
MPM Information: Max Daemons: 8 Threaded: yes Forked: yes
Server Architecture: 64-bit
I using Centos 7 machine and want to connect to l2tp VPN using nm-l2tp-service:
Output of service:
[gefalko#localhost ~]$ sudo /usr/libexec/nm-l2tp-service --debug
nm-l2tp[20335] nm-l2tp-service (version 1.2.10-1.el7) starting...
nm-l2tp[20335] uses default --bus-name "org.freedesktop.NetworkManager.l2tp"
nm-l2tp[20335] ipsec enable flag: yes
** Message: Check port 1701
connection
id : "L2TP IPSec (PSK) - otravo" (s)
uuid : "49a95a8c-275b-464b-8f62-a7639b48e966" (s)
interface-name : NULL (sd)
type : "vpn" (s)
permissions : ["user:gefalko:"] (s)
autoconnect : FALSE (s)
autoconnect-priority : 0 (sd)
autoconnect-retries : -1 (sd)
timestamp : 0 (sd)
read-only : FALSE (sd)
zone : NULL (sd)
master : NULL (sd)
slave-type : NULL (sd)
autoconnect-slaves : ((NMSettingConnectionAutoconnectSlaves) NM_SETTING_CONNECTION_AUTOCONNECT_SLAVES_DEFAULT) (sd)
secondaries : NULL (sd)
gateway-ping-timeout : 0 (sd)
metered : ((NMMetered) NM_METERED_UNKNOWN) (sd)
lldp : -1 (sd)
stable-id : NULL (sd)
auth-retries : -1 (sd)
ipv6
method : "auto" (s)
dns : [] (s)
dns-search : [] (s)
dns-options : NULL (sd)
dns-priority : 0 (sd)
addresses : ((GPtrArray*) 0x1e8f780) (s)
gateway : NULL (sd)
routes : ((GPtrArray*) 0x1e8f6e0) (s)
route-metric : -1 (sd)
route-table : 0 (sd)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-hostname : NULL (sd)
dhcp-send-hostname : TRUE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
dad-timeout : -1 (sd)
dhcp-timeout : 0 (sd)
ip6-privacy : ((NMSettingIP6ConfigPrivacy) NM_SETTING_IP6_CONFIG_PRIVACY_UNKNOWN) (sd)
addr-gen-mode : 1 (sd)
token : NULL (sd)
proxy
method : 0 (sd)
browser-only : FALSE (sd)
pac-url : NULL (sd)
pac-script : NULL (sd)
vpn
service-type : "org.freedesktop.NetworkManager.l2tp" (s)
user-name : "gefalko" (s)
persistent : FALSE (sd)
data : ((GHashTable*) 0x1e764c0) (s)
secrets : ((GHashTable*) 0x1e76400) (s)
timeout : 0 (sd)
ipv4
method : "auto" (s)
dns : [] (s)
dns-search : [] (s)
dns-options : NULL (sd)
dns-priority : 0 (sd)
addresses : ((GPtrArray*) 0x1e8f560) (s)
gateway : NULL (sd)
routes : ((GPtrArray*) 0x1e8f600) (s)
route-metric : -1 (sd)
route-table : 0 (sd)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-hostname : NULL (sd)
dhcp-send-hostname : TRUE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
dad-timeout : -1 (sd)
dhcp-timeout : 0 (sd)
dhcp-client-id : NULL (sd)
dhcp-fqdn : NULL (sd)
nm-l2tp[20335] starting ipsec
Redirecting to: systemctl stop ipsec.service
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
Redirecting to: systemctl start ipsec.service
002 listening for IKE messages
002 adding interface virbr0/virbr0 192.168.122.1:500
002 adding interface virbr0/virbr0 192.168.122.1:4500
002 adding interface wlp2s0/wlp2s0 192.168.1.176:500
002 adding interface wlp2s0/wlp2s0 192.168.1.176:4500
002 adding interface lo/lo 127.0.0.1:500
002 adding interface lo/lo 127.0.0.1:4500
002 adding interface lo/lo ::1:500
002 loading secrets from "/etc/ipsec.secrets"
002 loading secrets from "/etc/ipsec.d/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.secrets"
opening file: /var/run/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.conf
debugging mode enabled
end of file /var/run/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.conf
Loading conn 49a95a8c-275b-464b-8f62-a7639b48e966
starter: left is KH_DEFAULTROUTE
loading named conns: 49a95a8c-275b-464b-8f62-a7639b48e966
seeking_src = 1, seeking_gateway = 1, has_peer = 1
seeking_src = 0, seeking_gateway = 1, has_dst = 1
dst via 192.168.1.254 dev wlp2s0 src table 254
set nexthop: 192.168.1.254
dst 192.168.1.0 via dev wlp2s0 src 192.168.1.176 table 254
dst 192.168.122.0 via dev virbr0 src 192.168.122.1 table 254
dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
dst 192.168.1.0 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.1.176 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.1.255 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.122.0 via dev virbr0 src 192.168.122.1 table 255 (ignored)
dst 192.168.122.1 via dev virbr0 src 192.168.122.1 table 255 (ignored)
dst 192.168.122.255 via dev virbr0 src 192.168.122.1 table 255 (ignored)
seeking_src = 1, seeking_gateway = 0, has_peer = 1
seeking_src = 1, seeking_gateway = 0, has_dst = 1
dst 192.168.1.254 via dev wlp2s0 src 192.168.1.176 table 254
set addr: 192.168.1.176
seeking_src = 0, seeking_gateway = 0, has_peer = 1
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" labeled_ipsec=0
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgdns=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgdomains=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgbanner=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark-in=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark-out=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" vti_iface=(null)
002 added connection description "49a95a8c-275b-464b-8f62-a7639b48e966"
nm-l2tp[20335] Spawned ipsec auto --up script with PID 21334.
002 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: initiating Main Mode
104 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: initiate
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 0.5 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 1 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 2 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 4 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 8 seconds for response
nm-l2tp[20335] Timeout trying to establish IPsec connection
nm-l2tp[20335] Terminating ipsec script with PID 21334.
nm-l2tp[20335] Could not establish IPsec tunnel.
(nm-l2tp-service:20335): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 16 seconds for response
I believe you need to set the IPsec phase 1 and 2 algorithms to the same as what the VPN server is using, or reconfigure the VPN server to offer stronger proposals.
I install the freeradius in Ubuntu 10 through apt-get.
after make the server running. the local test is valid:
yozloy#SNDA-192-168-21-78:/usr/bin$ echo "User-Name=testuser,Password=123456" | radclient 127.0.0.1:1812 auth testing123 -x
Sending Access-Request of id 245 to 127.0.0.1 port 1812
User-Name = "testuser"
Password = "0054444944"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=245, length=20
But in the remote machine, it seems that there's no response from the radius server machine:
root#SNDA-192-168-14-131:/home/yozloy# echo "User-Name=testuser,Password=123456" | radclient 58.215.164.98:1812 auth testing123 -x
Sending Access-Request of id 36 to 58.215.164.98 port 1812
User-Name = "testuser"
Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
User-Name = "testuser"
Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
User-Name = "testuser"
Password = "0054444944"
radclient: no response from server for ID 36 socket 3
Here's my configure file:
clients.conf
client 58.215.164.98 {
ipaddr = 58.215.164.98
secret = testing123
require_message_authenticator = no
}
users
testuser CLeartext-Password := "0054444944"
update the configure file(I'm not actually change anything)
radiusd.conf
proxy_requests = yes
$INCLUDE proxy.conf
$INCLUDE clients.conf
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
$INCLUDE ${confdir}/modules/
$INCLUDE eap.conf
}
instantiate {
exec
expr
expiration
logintime
}
$INCLUDE policy.conf
$INCLUDE sites-enabled/
yozloy#SNDA-192-168-18-234:/etc/freeradius$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 192.168.18.234:22 123.5.13.20:3274 ESTABLISHED
tcp6 0 0 :::22 :::* LISTEN
udp 0 0 0.0.0.0:1812 0.0.0.0:*
udp 0 0 0.0.0.0:1813 0.0.0.0:*
udp 0 0 0.0.0.0:1814 0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 2838 /dev/log
unix 2 [ ACC ] STREAM LISTENING 2166 #/com/ubuntu/upstart
unix 2 [ ] DGRAM 2272 #/org/kernel/udev/udevd
unix 3 [ ] STREAM CONNECTED 3351
unix 3 [ ] STREAM CONNECTED 3350
unix 2 [ ] DGRAM 3173
unix 2 [ ] DGRAM 2893
unix 3 [ ] DGRAM 2304
unix 3 [ ] DGRAM 2303
unix 3 [ ] STREAM CONNECTED 2256 #/com/ubuntu/upstart
unix 3 [ ] STREAM CONNECTED 2255
Correct me if I am wrong but, IP address of SNDA-192-168-14-131 against your RADIUS server (SNDA-192-168-21-78) is not 58.215.164.98, is it ?
If it is not, that is your answer. You RADIUS server will only work against NAS configured in clients.conf with correct secrets.
Try adding 192.168.14.131 (if it is that host's IP address) to clients.conf and try then.