Hi all :) I humbly apologise if this question was ever asked before (in that case I would really appreciate a nice link to the answer :) ) but I'm afraid that Google searches have failed me utterly...
As part of the diversification/expansion of our own internal OpenSim grid (but visitable!), we're trying to add regions using extreme configurations... e.g. looking at different CPU/memory/bandwidth alternatives and get a feeling what works best. One of those tests was to launch a few regions on a server behind a SonicWALL router/firewall. Now I have zero experience configuring one of those. SonicWALL seems to be a very advanced, highly flexible, tremendously powerful router/firewall for its class; and, as it's usually the case, it's also tough to configure! It's not part of the list at http://opensimulator.org/wiki/NAT_Loopback_Routers This particular router/firewall has a DSL connection with a cable connection as failover. Both are usually active (not always though!) and there is some level of load balancing between them. DynDNS flawlessly recognises what IP address was last active and updates it accordingly, giving priority to the "primary" address. After some head-banging, I admit I'm stumped to what the proper configuration is supposed to be. All ports in the range 8000-8006 (TCP) and 9000-9100 (TCP + UDP) are open, as well as SSH/Web/monit. The database is on a remote server, physically hosted elsewhere. SSH/Web/monit work flawlessly under all circumstances. So I know that at least the basics are right. Initiating connections from the server also work fine. The database is easily reached. No problems there, either. When launching OpenSim, all regions are launched, the server properly connects to the Robust server on a different data centre (at this moment, we have our grid scattered among three data centres, and a "test sim" running from my home iMac, also behind a Linksys router/firewall). It registers correctly and Robust also correctly shows the relevant data. The regions also show on the map — even the default island texture gets properly updated. So some basic things are indeed working. But teleports always fail. Here is what I get on this server (metrics.betatechnologies.info): 19:54:29 - [LOCAL SIMULATION CONNECTOR]: Found region JeffBush to send SendCreateChildAgent 19:54:29 - [CONNECTION BEGIN]: Region JeffBush told of incoming child agent Gwyneth Llewelyn 35c965ac-0b37-4b36-968a-6dbdc127a544 (circuit code 930048553, teleportflags 16) 19:54:31 - [CONNECTION BEGIN]: Region JeffBush authenticated and authorized incoming child agent Gwyneth Llewelyn 35c965ac-0b37-4b36-968a-6dbdc127a544 (circuit code 930048553) 19:54:31 - [CAPS]: Registered seed capability /CAPS/b371218d-c3c2-402c-9ad6-3237e23af90f0000/ for 35c965ac-0b37-4b36-968a-6dbdc127a544 19:54:31 - [OBJECTADD]: /CAPS/OA/03216999-25b1-4509-b428-63c41f151fe7/ 19:54:31 - [EVENTQUEUE]: Adding new queue for agent 35c965ac-0b37-4b36-968a-6dbdc127a544 in region JeffBush 19:54:31 - [VC]: OnRegisterCaps: agentID 35c965ac-0b37-4b36-968a-6dbdc127a544 caps OpenSim.Framework.Capabilities.Caps 19:54:31 - [GETTEXTURE]: /CAPS/6db85c61-5166-4d21-86b6-ad47428ed3cc 19:54:31 - [LOCAL SIMULATION CONNECTOR]: Found region JeffBush 4007719884176640 to send AgentUpdate 19:54:31 - [SCENE]: Incoming child agent update for 35c965ac-0b37-4b36-968a-dbdc127a544 in JeffBush 19:54:32 - [CAPS]: Seed Caps Request in region: JeffBush 19:54:43 - [CAPS]: Seed Caps Request in region: JeffBush 19:55:02 - >>> DoDelete action:; RegionID:f154dd20-a558-11df-981c-0800200c9a66 19:55:02 - [AGENT HANDLER]: Agent Released/Deleted. Ok, so this server timed out and gave up. Now let's see what happens on the side of the server where the avatar originally was (opensim.betatechnologies.info; timestamps are slightly different because of timezone differences and probably a clock out of sync): 2010-08-13 16:52:29,177 DEBUG - OpenSim.Region.CoreModules.Framework.EntityTransfer.HGEntityTransferModule [HG ENTITY TRANSFER MODULE]: region f154dd20-a558-11df-981c-0800200c9a66 flags: 4 2010-08-13 16:52:29,177 DEBUG - OpenSim.Region.CoreModules.Framework.EntityTransfer.EntityTransferModule [ENTITY TRANSFER MODULE]: Final destination is x=3645 y=3645 uuid=f154dd20-a558-11df-981c-0800200c9a66 2010-08-13 16:52:29,177 DEBUG - OpenSim.Region.CoreModules.Framework.EntityTransfer.EntityTransferModule [ENTITY TRANSFER MODULE]: Request Teleport to metrics.betatechnologies.info:9000:JeffBush/<106.4307, 149.6743, 22.09751> 2010-08-13 16:52:29,246 DEBUG - OpenSim.Region.CoreModules.ServiceConnectorsOut.Simulation.LocalSimulationConnectorModule [LOCAL SIMULATION CONNECTOR]: Did not find region JeffBush for SendCreateChildAgent 2010-08-13 16:52:29,378 INFO - OpenSim.Services.Connectors.Simulation.SimulationServiceConnector [REMOTE SIMULATION CONNECTOR]: Posted CreateAgent request to remote sim http://76.250.194.143:9000/agent/35c965ac-0b37-4b36-968a-6dbdc127a544/, region JeffBush, x=933120 y=933120 2010-08-13 16:52:30,603 INFO - OpenSim.Services.Connectors.Simulation.SimulationServiceConnector [REMOTE SIMULATION CONNECTOR]: DoCreateChildAgentCall reply was {"success":true} 2010-08-13 16:52:30,604 DEBUG - OpenSim.Region.Framework.Scenes.ScenePresence [SCENE PRESENCE]: Closing child agents. Checking 4 regions in Terreiro Paco Oeste 2010-08-13 16:52:30,604 DEBUG - OpenSim.Region.Framework.Scenes.ScenePresence [SCENE PRESENCE]: Closing 3 child agents 2010-08-13 16:52:30,604 DEBUG - OpenSim.Region.Framework.Scenes.SceneCommunicationService [INTERGRID]: Sending close agent to 4012117930690048 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.ClientStack.LindenUDP.LLClientView [CLIENT]: Close has been called for Gwyneth Llewelyn attached to scene Terreiro Paco Noroeste 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.Framework.Scenes.Scene [SCENE]: Removing child agent 35c965ac-0b37-4b36-968a-6dbdc127a544 from region Terreiro Paco Noroeste 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.CoreModules.Framework.EventQueue.EventQueueGetModule [EVENTQUEUE]: Closed client 35c965ac-0b37-4b36-968a-6dbdc127a544 in region Terreiro Paco Noroeste 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.Framework.Scenes.SceneCommunicationService [INTERGRID]: Sending close agent to 4013217442317824 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.ClientStack.LindenUDP.LLClientView [CLIENT]: Close has been called for Gwyneth Llewelyn attached to scene Terreiro Paco Norte 2010-08-13 16:52:30,606 DEBUG - OpenSim.Region.Framework.Scenes.Scene [SCENE]: Removing child agent 35c965ac-0b37-4b36-968a-6dbdc127a544 from region Terreiro Paco Norte 2010-08-13 16:52:30,606 DEBUG - OpenSim.Region.CoreModules.Framework.EventQueue.EventQueueGetModule [EVENTQUEUE]: Closed client 35c965ac-0b37-4b36-968a-6dbdc127a544 in region Terreiro Paco Norte 2010-08-13 16:52:30,605 DEBUG - OpenSim.Region.Framework.Scenes.SceneCommunicationService [INTERGRID]: Sending close agent to 4013217442317568 2010-08-13 16:52:30,606 DEBUG - OpenSim.Region.ClientStack.LindenUDP.LLClientView [CLIENT]: Close has been called for Gwyneth Llewelyn attached to scene Terreiro do Paco 2010-08-13 16:52:30,606 DEBUG - OpenSim.Region.Framework.Scenes.Scene [SCENE]: Removing child agent 35c965ac-0b37-4b36-968a-6dbdc127a544 from region Terreiro do Paco 2010-08-13 16:52:30,606 DEBUG - OpenSim.Region.CoreModules.Framework.EventQueue.EventQueueGetModule [EVENTQUEUE]: Closed client 35c965ac-0b37-4b36-968a-6dbdc127a544 in region Terreiro do Paco 2010-08-13 16:52:40,939 INFO - OpenSim.Services.Connectors.Simulation.SimulationServiceConnector [REMOTE SIMULATION CONNECTOR]: exception on reply of ChilAgentUpdate The request timed out 2010-08-13 16:52:40,939 DEBUG - OpenSim.Region.CoreModules.Framework.EntityTransfer.EntityTransferModule [ENTITY TRANSFER MODULE]: Sending new CAPS seed url http://metrics.betatechnologies.info:9000/CAPS/b371218d-c3c2-402c-9 ad6-3237e23af90f0000/ to client 35c965ac-0b37-4b36-968a-6dbdc127a544 This seems not to get any reply!... So it aborts the teleport and continues to fall back to the original sim where it was: 2010-08-13 16:52:53,026 DEBUG - OpenSim.Services.Connectors.UserAccountServicesConnector [ACCOUNTS CONNECTOR]: GetUserAccount c89b204e-6c8e-4979-b21d-1ae62d767053 2010-08-13 16:52:53,095 DEBUG - OpenSim.Region.CoreModules.ServiceConnectorsOut.UserAccounts.UserAccountCache [USER CACHE]: cached user c89b204e-6c8e-4979-b21d-1ae62d767053 2010-08-13 16:53:02,196 INFO - OpenSim.Region.CoreModules.Framework.EntityTransfer.EntityTransferModule [ENTITY TRANSFER MODULE]: Starting to inform client about neighbour 3649, 3654(64.150.191.205:9009) [etc... which works flawlessly as it should] And here go the logs on Imprudence: 2010-08-13T23:52:24Z INFO: sendMapLayerRequest: LLWorldMap::sendMapLayerRequest via capability 2010-08-13T23:52:25Z INFO: parse: LLSDXMLParser::Impl::parse: XML_STATUS_ERROR parsing:OpenSim.Framework.Capabilities.LLSDMapLayerResponse 2010-08-13T23:52:25Z INFO: result: LLMapLayerResponder::result from capabilities 2010-08-13T23:52:28Z INFO: LLAgent::teleportRequest: TeleportRequest: '4007719884176640':{ 106.431, 149.674, 22.0975 } 2010-08-13T23:52:28Z INFO: updateGeometry: WL Skydome strips in 1 batches. 2010-08-13T23:52:30Z INFO: removeRegion: Removing region 934144:935424 2010-08-13T23:52:30Z INFO: stop: LLEventPollResponder::stop <24> http://opensim.betatechnologies.info:9000/CAPS/EQG/8686fe89-951b-4db0-a05f-2a00007f2cc0/ 2010-08-13T23:52:30Z INFO: disableCircuit: LLMessageSystem::disableCircuit for 64.150.191.205:9009 2010-08-13T23:52:30Z WARNING: disableCircuit: Couldn't find circuit code for 64.150.191.205:9009 2010-08-13T23:52:30Z INFO: removeRegion: Removing region 934400:935168 2010-08-13T23:52:30Z INFO: stop: LLEventPollResponder::stop <22> http://opensim.betatechnologies.info:9000/CAPS/EQG/1e35a957-d433-485f-8e4e-a57ec96ea4cb/ 2010-08-13T23:52:30Z INFO: disableCircuit: LLMessageSystem::disableCircuit for 64.150.191.205:9002 2010-08-13T23:52:30Z WARNING: disableCircuit: Couldn't find circuit code for 64.150.191.205:9002 2010-08-13T23:52:30Z INFO: removeRegion: Removing region 934400:935424 2010-08-13T23:52:30Z INFO: stop: LLEventPollResponder::stop <23> http://opensim.betatechnologies.info:9000/CAPS/EQG/4240a9b1-15e4-4049-a99d-a6d9fd286ec3/ 2010-08-13T23:52:30Z INFO: disableCircuit: LLMessageSystem::disableCircuit for 64.150.191.205:9008 2010-08-13T23:52:30Z WARNING: disableCircuit: Couldn't find circuit code for 64.150.191.205:9008 2010-08-13T23:52:30Z WARNING: processObjectUpdate: Object update from unknown region! 2010-08-13T23:52:31Z WARNING: processObjectUpdate: Object update from unknown region! 2010-08-13T23:52:31Z WARNING: processObjectUpdate: Object update from unknown region! 2010-08-13T23:52:31Z WARNING: processObjectUpdate: Object update from unknown region! 2010-08-13T23:52:31Z INFO: addCircuitData: LLCircuit::addCircuitData for 76.250.194.143:9014 2010-08-13T23:52:31Z INFO: addRegion: Adding new region (3645:3645) 2010-08-13T23:52:31Z INFO: addRegion: Host: 76.250.194.143:9014 2010-08-13T23:52:31Z INFO: process_enable_simulator: simulator_enable() Enabling 76.250.194.143:9014 with code 930048553 2010-08-13T23:52:31Z INFO: setSeedCapability: posting to seed http://metrics.betatechnologies.info:9000/CAPS/b371218d-c3c2-402c-9ad6-3237e23af90f0000/ 2010-08-13T23:52:31Z INFO: stop: LLEventPollResponder::stop <23> http://opensim.betatechnologies.info:9000/CAPS/EQG/4240a9b1-15e4-4049-a99d-a6d9fd286ec3/ 2010-08-13T23:52:31Z INFO: stop: LLEventPollResponder::stop <22> http://opensim.betatechnologies.info:9000/CAPS/EQG/1e35a957-d433-485f-8e4e-a57ec96ea4cb/ 2010-08-13T23:52:31Z INFO: stop: LLEventPollResponder::stop <24> http://opensim.betatechnologies.info:9000/CAPS/EQG/8686fe89-951b-4db0-a05f-2a00007f2cc0/ 2010-08-13T23:52:32Z INFO: LLEventPollResponder: LLEventPoll initialized with sender 76.250.194.143:9014 2010-08-13T23:52:32Z INFO: start: LLEventPollResponder::start <25> http://metrics.betatechnologies.info:9000/CAPS/EQG/61096563-91f5-489d-8b53-3853dfca7441/ 2010-08-13T23:52:33Z INFO: dumpResendCountAndReset: Circuit: 76.250.194.143:9015 resent 6 packets 2010-08-13T23:52:34Z INFO: display_stats: FPS: 20.20 2010-08-13T23:52:34Z INFO: idle: Kills on unknown objects: 3 2010-08-13T23:52:42Z INFO: process_teleport_finish: process_teleport_finish() Enabling 76.250.194.143:9014 with code 930048553 2010-08-13T23:52:42Z INFO: setSeedCapability: posting to seed http://metrics.betatechnologies.info:9000/CAPS/b371218d-c3c2-402c-9ad6-3237e23af90f0000/ 2010-08-13T23:52:42Z INFO: LLEventPollResponder: LLEventPoll initialized with sender 76.250.194.143:9014 2010-08-13T23:52:42Z INFO: start: LLEventPollResponder::start <26> http://metrics.betatechnologies.info:9000/CAPS/EQG/61096563-91f5-489d-8b53-3853dfca7441/ 2010-08-13T23:52:44Z INFO: display_stats: FPS: 12.20 2010-08-13T23:52:54Z INFO: display_stats: FPS: 12.20 2010-08-13T23:53:01Z WARNING: LLAlertDialog: Alert: Could not teleport. Problems connecting to destination. 2010-08-13T23:53:01Z WARNING: loadWAV: LLAudioBufferOpenAL::loadWAV() Error loading /Users/lms/Library/Caches/Imprudence/ed124764-705d-d497-167a-182cd9fa2e6c.dsf There was already an AL error on entry to an ALUT function 2010-08-13T23:53:03Z INFO: dumpResendCountAndReset: Circuit: 76.250.194.143:9014 resent 7 packets So... Imprudence seems to encounter the same problem. It correctly communicates with the server, exchanges a bit of data, attempts a teleport... and fails. I've tried connecting from my own computer from the console to, say, http://metrics.betatechnologies.info:9000/CAPS/EQG/61096563-91f5-489d-8b53-3853dfca7441/just to see if I can initiate a HTTP request to the server on that port. No problem with that (of course, it retrieves an error, but it shows that at least the router/firewall is NOT blocking the call, and correctly provides an answer). At this stage either the OpenSim configuration was wrong, or the router/firewall configuration has a problem. To eliminate the OpenSim configuration, I copied the config from metrics.betatechnologies.info, and just dumped it on another server (which has a fixed IP address and no firewall), as well as to my iMac at home (which has a DynDNS address and a Linksys router in front of it — which is quite easier to configure). The only difference in terms of configuration is on the region data itself, (OpenSim.ini is exactly the same) and I took into account the binding to the local (internal) IP address and the information related to the external; also note that in all cases the database access is always remotely done to the same server cluster (the same database serves all sims). Teleporting works in both cases flawlessly. (Hypergrid teleporting to HG 1.5-enabled grids also work like a charm! Thanks to Ai Austin to help me with some setting up and the many tests we did!). I thus guess that the SonicWALL configuration is not correct. My first suspicion was that the load balancing might not be working fine, but this seems to be contradicted by the ability to call services from the outside to at least SSH, Web, monit... and on port 9000, which definitely replies to requests. Similarly, initiating communications from within the server to the outside world also work fine. The only thing I cannot test is UDP connections; they certainly are configured on the firewall, but I don't know if the configuration is working. I'd be very grateful if anyone with SonicWALL configuration experience would provide some useful tips :) Thanks in advance! Cheers, - Gwyn -- "I'm not building a game. I'm building a new country." -- Philip "Linden" Rosedale, interview to Wired, 2004-05-08
_______________________________________________ Opensim-users mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-users
