On Wed, 21 Nov 2001 at 11:10am, Rafe Thayer wrote

> > > I've been trying to configure an amanda client on a Sun box.  When I do an
> > > "amcheck" the server checks out fine, but I get this warning from the
> > > client:
> > > WARNING: al-bundy.cs.ucla.edu: selfcheck request timed out. Host down?
> > >
> > > I've attached the contents of the amandad.xxx.debug file from the client
> > > (al-bundy.cs.ucla.edu).  So maybe one of you can interpret what's going
> > > wrong.  It seems like the communication between client and server gets out
> > > of sync somehow.  Any ideas how to fix it?  Please let me know!
> >
> > What type of machine is the server?  Is there some sort of a firewall in
> > the way?
> 
> The server is running Redhat linux 7.1.  There's no firewall in between
> them except for the ipchains firewall on the server.  But I opened up port
> 10080, so that shouldn't be a problem right?  I just built a second client
> on a redhat 7.1 box ( a different one) and it has the same trouble when I
> run amcheck).  I'm not sure why the server isn't getting the selfcheck
> packet that the clients send.  But from the amandad.*.debug files and the
> output from amcheck, it seems like that's the basic problem.  Any ideas?
> 
ipchains on the server is blocking the selfcheck responses from the 
clients.  I had this same issue, but I didn't investigate it too much.  I 
fixed it by simply opening up the server to all UDP traffic from each 
client, as in (in /etc/sysconfig/ipchains);

-A input -p udp -s $CLIENT_IP_ADDRESS -d $SERVER_IP_ADDRESS -j ACCEPT

But now you got me curious, so I fired up tcpdump.  The response packets 
come back on random, privileged (i.e. < 1024) ports.  That is, the 
requests go to 10080 on the clients, and the responses come back from 
10080 on the clients, but they go to a port lower than 1024 on the server.  
So a line as above is only a little bit of overkill -- you could get away 
with "just" opening up the privileged ports.

-- 
Joshua Baker-LePain
Department of Biomedical Engineering
Duke University

Reply via email to