Well crap.
Thanks Kade! I've opened up ssh so that I can cut/paste easily now.
Yes, that did it, that wget did work thankfully.
Connecting to 127.0.0.1:443... connected.
WARNING: cannot verify 127.0.0.1’s certificate, issued by “/”:
Self-signed certificate encountered.
WARNING: certificate common name “ ndt101.itcc.unc.edu” doesn't match requested host name “127.0.0.1”.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: “reverse_traceroute.cgi”
[ <=> ] 1,375 --.-K/s in 0s
2014-06-05 16:17:56 (9.53 MB/s) - “reverse_traceroute.cgi” saved [1375]
[root@ndt101 ~]#
On Jun 5, 2014, at 4:12 PM, Kade P Cole <> wrote:
Try the command again: wget
https://127.0.0.1/toolkit/gui/reverse_traceroute.cgi
The screen shot you sent showed 172.0.0.1 not 127.0.0.1
On Jun 5, 2014, at 1:56 PM, Florio, Christopher N <> wrote:
No dice.
On Jun 5, 2014, at 2:42 PM, Aaron Brown <> wrote:
Hey Chris,
This is bizarre. Could you try running the following on the host itself?
wget https://127.0.0.1/toolkit/gui/reverse_traceroute.cgi
Cheers,
Aaron
On Jun 5, 2014, at 2:05 PM, Florio, Christopher N <> wrote:
I've attached the /var/log/httpd directory
On Jun 5, 2014, at 2:01 PM, Aaron Brown <> wrote:
Hey Chris,
It looks like I can get to the host. Something just goes wonky when the GET is done:
$ curl -v http://152.2.61.21/toolkit/
* About to connect() to 152.2.61.21 port 80 (#0)
* Trying 152.2.61.21...
* Adding handle: conn: 0x7faed980aa00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7faed980aa00) send_pipe: 1, recv_pipe: 0
* Connected to 152.2.61.21 (152.2.61.21) port 80 (#0)
GET /toolkit/ HTTP/1.1
User-Agent: curl/7.30.0
Host: 152.2.61.21
Accept: */*
* Empty reply from server
* Connection #0 to host 152.2.61.21 left intact
curl: (52) Empty reply from server
Trying some of the other pages, I’m getting the same kind of hanging. Does the Apache log say anything?
Cheers,
Aaron
On Jun 5, 2014, at 9:59 AM, Florio, Christopher N <> wrote:
Doesn't look to be hanging.
I'm very certain that it's all of the services are bound to the ipv6 address (even though I've got ipv6 specifically in the ifcfg-eth0 file) and is ignoring ipv4.
On Jun 5, 2014, at 7:57 AM, Aaron Brown <> wrote:
Hey Chris,
Can you try running the following on the server, and see what the response time is? I think the main CGI may be hanging.
time sudo /opt/perfsonar_ps/toolkit/web/root/gui/services/index.cgi
Cheers,
Aaron
On Jun 4, 2014, at 4:35 PM, Florio, Christopher N <> wrote:
OK I've edited that -
Thanks.
Still no web page listening. You do a netstat and see the http listening, supposedly on * ... I really am at a loss.
On Jun 4, 2014, at 4:07 PM, Joseph Bernard <> wrote:
Chris,
Have you tried just configuring your network by only editing the ifcfg-eth0 file and not running any scripts afterwards? You don’t need to restart if you just do “service network restart”. The config is PastedGraphic-8.tiff looks like it would work with "BOOTPROTO=none”
instead of “static"
Thanks,
Joseph B.
On Jun 4, 2014, at 3:46 PM, Florio, Christopher N <> wrote:
Hey Andrew,
I got side tracked on another project but I need to get back to getting this working.
Here's what is happening on installing the Netinstall toolkit on a vlan that has IPv6 enabled. I don't want IPv6 on, and I've even got it blocked by policy on the port on our enterasys switch.
I am attaching screen shots to better show what I'm doing and what's happening to me.
So here's my first configuration window, I've deselected IPv6 support and am going to assign a static IPV4 manually.
Here's my configuration with my IPv4 that I'm inputting.
So far, so good, it's on the network at this point using the IPv4 address I gave it and is getting the install stuff from the yum repo or whatever.
At this stage I can even ping the host while it's installing, so it's definitely working on the network.
floriodesktop:~ florio$ ping ndt101.itcc.unc.edu
PING ndt101.itcc.unc.edu (152.2.61.21): 56 data bytes
64 bytes from 152.2.61.21: icmp_seq=0 ttl=62 time=2.259 ms
64 bytes from 152.2.61.21: icmp_seq=1 ttl=62 time=1.999 ms
64 bytes from 152.2.61.21: icmp_seq=2 ttl=62 time=1.802 ms
Yay success. I can also at this moment still ping the host.
So I click the reboot....
It boots, and I can't ping the IPv4 address:
floriodesktop:~ florio$ ping ndt101.itcc.unc.edu
PING ndt101.itcc.unc.edu (152.2.61.21): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Looks like no IPv4 address configured:
Looking at the /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-eth0
So, even though I specified a static ip address, we've got BOOTPROTO="dhcp" ... that's not good, I don't have this in a dhcp server.
Also, it's got IPV6INIT="yes" even though I didn't ask to install IPv6 at all. Also the NM_Controlled="yes" sounds bad from what you were saying.
I vi the ifcfg-eth0 file to look like
And restart the host.
It's got an ipv6 address, it's not listening for the web page on ipv4... I've got ipv6 blocked at the switch, I don't want ipv6.
I run the /opt/perfsonar_ps_toolkit_scripts/nptoolkit-configure.py
Device configuration
Looks right.
Save and quit and then exit.
reboot.
Still not talking on the web side.
Look I still have an IPV6 address .... the web page is probably sitting waiting for me on ipv6.
I really need help from here.... how do I get this thing to work in my environment? There used to be a full install available, which I would love to try, take the box completely off the wire to do the install and maybe then when I configure ipv4 that's all
I'd have. There's only the net install or a live cd (which I'd rather not use that).
Any ideas? Help!
Thanks!
-Chris
On Apr 21, 2014, at 11:24 AM, Florio, Christopher N <> wrote:
Hey Andrew,
So I've rebuilt one more time, this time I was able to block IPv6 traffic at the network port. At least this time, IPv6 wasn't installed.
What happened, however, was that no networking was installed, even though I went through the configuration during build.
I then ran the /opt/perfsonar_ps/toolkit/scripts/nptoolkit-configure.py and put in networking settings - again - and then rebooted. I could then ping the host but still, even though httpd is definitely running based on a ps -ef, I can't pull up the web page.
Any more ideas? At this point it really seems like the net install is broken.
On Apr 17, 2014, at 2:53 PM, Andrew Lake <> wrote:
Hi,
I don't remember all the CentOS prompts but I believe there is one prompt where you define the network settings for what you want it to use to download all the packages and separate one for what you want the hosts networking to be. I know that was the case
at least some point in the past because I forgot and got bit by it a few times. It's possible that's what happened during install.
Now that it is installed, you should just be able to edit /etc/sysconfig/network-scripts/ifcfg-eth0 to get things the way you want. Make sure NM_CONTROLLED is set to "no" or else there is a good chance CentOS will keep overriding your settings every time you
reboot. I don't usually turn-off IPV6 on interfaces, but I believe just setting IPV6INIT="no" in /etc/sysconfig/network-scripts/ifcfg-eth0 is enough.
Thanks,
Andy
On Apr 17, 2014, at 9:57 AM, "Florio, Christopher N" <> wrote:
So I think I know what happened.
Sorry, before you sent this I had rebuilt already.
It looks like, even though I chose to turn of IPv6 in the install, it still preferred IPv6 and didn't bring up the IPv4 that I did configure. The vlan this one is in has IPv6 enabled.
So, I'm back to the state I was in, http is still NOT responding, I think maybe it's not listening on the IPv4 address. I manually edited the /etc/sysconfig/network-scripts/ifcfg-eth0 file.
Is there a way to re-run the configuration of apache, etc? There used to be that, in a much older version of the toolkit that I remember.
Otherwise, how do I force no IPv6 in the install? I un-starred the IPv6 and it still configured it.
On Apr 17, 2014, at 9:21 AM, Andrew Lake <> wrote:
Hi,
Before you rebuild, you want to check if a firewall or similar is blocking access to port 80/443. If httpd is running you should be able to connect. You could try temporarily disabling iptables and seeing if that helps. If it does, you'll need to adjust the
rules to allow those ports through. If it doesn't, is it possible there are any router ACLs or firewall devices in the way?
Thanks,
Andu
On Apr 17, 2014, at 9:11 AM, "Florio, Christopher N" <> wrote:
I'll rebuild again and see if maybe something just didn't work right.... Will let you know. httpd was running, nothing in the error log.
On Apr 17, 2014, at 8:35 AM, Andrew Lake <> wrote:
Hi,
I just did a new imaged install and it worked. I also get the warning messages, so I don't think they are causing the server to crash. Anything in /var/log/httpd/error_log? Also, if you run 'ps auxw | grep httpd' do you see any httpd processes?
Thanks,
Andy
On Apr 16, 2014, at 4:52 PM, "Florio, Christopher N" <> wrote:
It might be unrelated, but I'm seeing this in the ssl_error_log -
[root@ndt101 httpd]# tail -f ssl_error_log
[Wed Apr 16 16:16:58 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:16:59 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:22:13 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:22:13 2014] [warn] RSA server certificate CommonName (CN) `ndt101.itcc.unc.edu' does NOT match server name!?
[Wed Apr 16 16:22:14 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:22:14 2014] [warn] RSA server certificate CommonName (CN) `ndt101.itcc.unc.edu' does NOT match server name!?
[Wed Apr 16 16:31:51 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:31:53 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:41:06 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 16 16:41:06 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
On Apr 16, 2014, at 4:46 PM, Florio, Christopher N <> wrote:
Hey guys,
I just rebuilt a box from scratch with the pS-Performance_Toolkit-3.3.2-NetInstall-x86_64.iso ...
It comes up and I can ping it, but the web server doesn't seem to load or I can't pull it up.
Anyone else having any problems with a newly imaged net install?
Thanks!
-Chris
<PastedGraphic-1.tiff><PastedGraphic-2.tiff><PastedGraphic-3.tiff><PastedGraphic-4.tiff><PastedGraphic-5.tiff><PastedGraphic-6.tiff><PastedGraphic-8.tiff><PastedGraphic-9.tiff><PastedGraphic-10.tiff><PastedGraphic-11.tiff><PastedGraphic-12.tiff><PastedGraphic-13.tiff>
<PastedGraphic-1.tiff><PastedGraphic-2.tiff><PastedGraphic-3.tiff>
<PastedGraphic-4.tiff>
<logs.tar>
<PastedGraphic-5.tiff>
|