Greetings,
I'm having trouble with one of my amanda servers. I have one server running 2.4.4p3 compiled from source on a LFS box with 2.6.7. My other server is 2.4.4p3 compiled from source on Slack9.1 with 2.6.7. My clients are a handful of RH with rpm'ed versions of amanda installed and a few others with clients compiled from source. My LFS server can back up all of the clients with out any problems. The Slack box can only backup one of the clients (rpm'd 2.4.2p2-9 on RH8.0). Any other clients (regardless of OS or amanda version) I try to backup using the Slack box get to the point where sendbackup opens up the three ports and waits for the server to connect, as seen here:
cat /tmp/amada/sendbackup.20040624103525.debug
sendbackup: debug 1 pid 1787 ruid 33 euid 33: start at Thu Jun 24 10:35:25 2004 /usr/local/libexec/sendbackup: version 2.4.4p3 parsed request as: program `DUMP' disk `/boot' device `/boot' level 0 since 1970:1:1:0:0:0 options `|;bsd-auth;srvcomp-best;index;' sendbackup: try_socksize: send buffer size is 65536 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1121 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.1122 sendbackup: time 0.002: stream_server: waiting for connection: 0.0.0.0.1123 sendbackup: time 0.002: waiting for connect on 1121, then 1122, then 1123 sendbackup: time 30.002: stream_accept: timeout after 30 seconds sendbackup: time 30.002: timeout on data port 1121 sendbackup: time 60.002: stream_accept: timeout after 30 seconds sendbackup: time 60.002: timeout on mesg port 1122 sendbackup: time 90.002: stream_accept: timeout after 30 seconds sendbackup: time 90.002: timeout on index port 1123 sendbackup: time 90.002: pid 1787 finish time Thu Jun 24 10:36:55 2004
This is where it eventually times out waiting for the server.
Here is a tcpdump of all traffic between the server and that client:
10:34:48.949371 slack.domain.com.522 > amclient.domain.com.10080: udp 117 (DF) 0x0000 4500 0091 0004 4000 4011 eeb1 ac10 8d79 [EMAIL PROTECTED]@......y 0x0010 ac10 660c 020a 2760 007d 1aec 416d 616e ..f...'`.}..Aman 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S 0x0040 4551 2031 3038 3830 3931 3239 310a 5345 EQ.1088091291.SE 0x0050 4355 CU 10:34:48.956599 amclient.domain.com.10080 > slack.domain.com.522: udp 50 (DF) 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291. 10:34:48.961428 amclient.domain.com.10080 > slack.domain.com.522: udp 83 (DF) 0x0000 4500 006f 0000 4000 3f11 efd7 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020a 005b 2e82 416d 616e ...y'`...[..Aman 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S 0x0040 4551 2031 3038 3830 3931 3239 310a 4f50 EQ.1088091291.OP 0x0050 5449 TI 10:34:48.961641 slack.domain.com.522 > amclient.domain.com.10080: udp 50 (DF) 0x0000 4500 004e 0006 4000 4011 eef2 ac10 8d79 [EMAIL PROTECTED]@......y 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 322d 3638 3739 3036 3038 2053 E.002-68790608.S 0x0040 4551 2031 3038 3830 3931 3239 310a EQ.1088091291. 10:34:48.962779 slack.domain.com.522 > amclient.domain.com.10080: udp 237 (DF) 0x0000 4500 0109 0007 4000 4011 ee36 ac10 8d79 [EMAIL PROTECTED]@..6...y 0x0010 ac10 660c 020a 2760 00f5 125b 416d 616e ..f...'`...[Aman 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S 0x0040 4551 2031 3038 3830 3931 3239 330a 5345 EQ.1088091293.SE 0x0050 4355 CU 10:34:48.969593 amclient.domain.com.10080 > slack.domain.com.522: udp 50 (DF) 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020a 003a 2b47 416d 616e ...y'`...:+GAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293. 10:34:50.540198 amclient.domain.com.10080 > slack.domain.com.522: udp 102 (DF) 0x0000 4500 0082 0000 4000 3f11 efc4 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020a 006e f4dd 416d 616e ...y'`...n..Aman 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S 0x0040 4551 2031 3038 3830 3931 3239 330a 4f50 EQ.1088091293.OP 0x0050 5449 TI 10:34:50.540292 slack.domain.com.522 > amclient.domain.com.10080: udp 50 (DF) 0x0000 4500 004e 0009 4000 4011 eeef ac10 8d79 [EMAIL PROTECTED]@......y 0x0010 ac10 660c 020a 2760 003a 2b47 416d 616e ..f...'`.:+GAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 322d 3338 3839 3036 3038 2053 E.002-38890608.S 0x0040 4551 2031 3038 3830 3931 3239 330a EQ.1088091293. 10:34:52.081249 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type 0x41) vers 109 seq 28257 [|timed] (DF) 0x0000 4500 00fe 0000 4000 4011 ee48 ac10 8d79 [EMAIL PROTECTED]@..H...y 0x0010 ac10 660c 020d 2760 00ea 0237 416d 616e ..f...'`...7Aman 0x0020 6461 2032 2e34 2052 4551 2048 414e 444c da.2.4.REQ.HANDL 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S 0x0040 4551 2031 3038 3830 3931 3238 380a 5345 EQ.1088091288.SE 0x0050 4355 CU 10:34:52.088201 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type 0x41) vers 109 seq 28257 [|timed] (DF) 0x0000 4500 004e 0000 4000 3f11 eff8 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020d 003a 1950 416d 616e ...y'`...:.PAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288. 10:34:52.098930 amclient.domain.com.10080 > slack.domain.com.525: (tsp_type 0x41) vers 109 seq 28257 [|timed] (DF) 0x0000 4500 0096 0000 4000 3f11 efb0 ac10 660c [EMAIL PROTECTED] 0x0010 ac10 8d79 2760 020d 0082 ec7f 416d 616e ...y'`......Aman 0x0020 6461 2032 2e34 2052 4550 2048 414e 444c da.2.4.REP.HANDL 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S 0x0040 4551 2031 3038 3830 3931 3238 380a 434f EQ.1088091288.CO 0x0050 4e4e NN 10:34:52.099174 slack.domain.com.525 > amclient.domain.com.10080: (tsp_type 0x41) vers 109 seq 28257 [|timed] (DF) 0x0000 4500 004e 0001 4000 4011 eef7 ac10 8d79 [EMAIL PROTECTED]@......y 0x0010 ac10 660c 020d 2760 003a 1950 416d 616e ..f...'`.:.PAman 0x0020 6461 2032 2e34 2041 434b 2048 414e 444c da.2.4.ACK.HANDL 0x0030 4520 3030 302d 3530 4536 3036 3038 2053 E.000-50E60608.S 0x0040 4551 2031 3038 3830 3931 3238 380a EQ.1088091288.
There doesn't seem to be any attempt at all to connect to the client on those three ports, however, when those ports are open I can telnet to them from the server. These machines do run iptables but they still fail even when I try the backup after "iptables -F". I did think at first that it was a simple firewall problem, wasn't that lucky though. The mail message sent sees the problem as a "bad CONNECT response", not much more than that.
The debug files for the client are available at http://jayted.freeservers.com/amanda
I've been fiddling with this for over a week now, anybody have any ideas of what to check next?
Try removing the amanda specific services in the iptables/netfilter kernel configuration (or mark as modules and don't load them)
I have found out that they cause problems on kernels newer than 2.6.5-rc1, so if you have them compiled in static or loaded as modules that might be it.
/Andreas
