Skip to Content.
Sympa Menu

perfsonar-user - Re: [perfsonar-user] RE: limits.conf file

Subject: perfSONAR User Q&A and Other Discussion

List archive

Re: [perfsonar-user] RE: limits.conf file


Chronological Thread 
  • From: Mark Feit <>
  • To: Zhi-Wei Lu <>, "" <>
  • Subject: Re: [perfsonar-user] RE: limits.conf file
  • Date: Wed, 9 Jan 2019 17:20:31 +0000
  • Accept-language: en-US
  • Authentication-results: ucdavis.edu; dkim=none (message not signed) header.d=none;ucdavis.edu; dmarc=none action=none header.from=internet2.edu;
  • Ironport-phdr: 9a23:FckNqxHhSJS6yY/8EgLAzp1GYnF86YWxBRYc798ds5kLTJ7yo86wAkXT6L1XgUPTWs2DsrQY07qQ6/iocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbAhEmDmwbaluIBmqsA7cqtQYjYx+J6gr1xDHuGFIe+NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PGAu+MLrrxjDQhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VDK/5KlpVRDokj8KOT4n/m/Klsx+gqFVoByjqBx+34Hbb5qYO+BicqPYZ94WWXZNU8RXWidcAo28dYwPD+8ZMOhftYb9vVgOpga+CwayBePv1iJDi3jz3a00zeshEB3G0RchH9IIrHTbss/1NKEMXuCp0qXE1yvMYO5L2Trk7oXDbx4vofaJXb1qcMrRz1EiFx7ZgVqNs4PlITKV1v8Xv2eF8uVgSOSigHMkpQFpujWj29sgh4bTio8ayF3I7yt0zYgvKdC4TEN3ecOoHZleui2ANYZ7RtkuT3x2tCon0LEKpJC2cSkSxJQp2RHSaOCLfo2N7x35SeqcIS13iXd7dL++mxq+7E2tx+znWcWo31tHqyRFn93Cu30Lyhfd8NKISuFn8UekwTuP1x7c6uVDIU0sjaTWN5kvzqItmpYKrEnNBiH7lFzxjKCNaEoo4O+o6/n7Yrr9oZ+cKol0hRzkPqQ2gMy/Bvg4PRYSUGiH+OS807vj8Vf+QLVXkv02lq7ZsJfZJcgBuqG5BApV3p4i6xa5ETimzMwVkWQbIF9KYh6KgIrkN0vALf32F/uyg1ChnC9ux//cP73hBpvNLmLEkLfkZbt97kBcxxQyzdBD/J9UC7cBIO7tVU/rstzXEAM5PxKuz+n5Fdp9y5sSWXiTDa+BLKPSrViI6/o3I+aSfo8Vti39K/8j5/H0l381gEIdfbK30psNc324GvVmI16FYXr3nNsNC2YKvgwiTOP0kl2CVyBcZ2qsU64m+D40FZ+mXs//QdWfgL3E4yq6VrlLLjRUFVSROWrje4yaWuxKZS6PdIsp2CQJT7a6TIkoz1SzrwLg47thMufO/CAE79Tu2MU/r7nLmAs87jtyBt7YznqAVUl1mH8FXTk7wPo5rEBgnASty6991tlRD98byf5ITk9uMJDRzvBSCtbuVxjHc8vTDluqX4P1UnkKUtstzopWMA5GENK4g0WbhXD4CqIJl7GNGJ0/+77d2H60Pctm1nLaz/B71Qs7ScdGK2y9wKNz6lubC43IlhCfkKCnPeQZ0TXW/WiOhWyJoAlDUQF2XKmEOBJXZkbfodnjoE+XSbioBOc6OQdI18+ZbKZGd46hgVBPXvy2PtPYbiq4kHuxAhDdwLSKYcLqdmwR0T+bBlIDllUS+2qLLw4zGn3nrm7DXzE=
  • Spamdiagnosticoutput: 1:0

Zhi-Wei Lu writes:

 

curl gets nothing from pb -> p0, I was able to get output from other servers from pb. For example  between pb -> p5

"This is the pScheduler API server on p5.noc.ucdavis.edu (mammoth-v4.noc.ucdavis.edu)."

During the curl run, there are packet exchanges between pb<->p0, but there was no output on the command line, stuck there.

 

This problem started on Nov. 29, 2018, there were perfsonar updates on Nove 27 on all our servers (automatic update).

Currently,  between some of our servers, your "curl" commands work, but others fail.  

 

I have no problem pinning this on a problem with perfSONAR if that’s what it is, but right now I’m having a hard time making a case for it:

 

  • The last release that made any changes to the toolkit’s firewall was 4.1.2 (September 13).  Nothing since has touched it.

 

  • There was a two-day gap between the upgrade and the problem occurring, which could just be that the problem wasn’t noticed until then.

 

  • Everything I can observe from where I sit (AS701, non-R&E) says that p0, p5 and pb are functioning correctly.  All three are reachable from here and their APIs answer requests as expected.  I’m able to run tasks on p0 and pb.  p5 won’t let me run tasks because of the same limit configuration problem we discussed earlier, but is otherwise functional.  (I have no reason to believe that contributes to the problem you’re seeing.)

 

  • I also had a look at things from the perspective of melange-owamp.v4, which is listed in the lookup service.  It happily fields requests from p0 and pb (I can’t run anything from p5 because the limit configuration forbids it).  It also runs tests successfully from itself to p5 and pb but is unable to complete an HTTPS request to p0.

 

Based on your input and what I’ve been able to do from here, the recurring theme seems to be that hosts at UCD aren’t able to complete HTTPS requests to p0.  I think at this point, the network between them needs to be conclusively ruled out the cause.  The change happened over a holiday weekend, which isn’t an unusual time for changes to be deployed.  Having full access to p0 from off campus and the on-campus hosts having none leads me to wonder if an ACL in a network device near p0 has a mistake in it where a deny was done instead of an allow.

 

Hope that helps.

 

--Mark

 


Archive powered by MHonArc 2.6.19.

Top of Page