From: Ronny T. <r.t...@go...> - 2011-03-15 19:39:21
|
SOLVED! Donald fixed this issue with commit commit 6d2c69af3644eb6eaf520e8288a16d88b84def1d Author: Donald Desloge <de...@op...> Date: Tue Mar 15 11:08:15 2011 -0400 Fix TcpDetector idling indefinitely when no banner was expected Thank you On Mar 10, 2011, at 1:08 AM, Ronny Trommer wrote: > Hi guys, > > I found a very weird issue with TCP-Dector today, I guess the functionality is not exactly the same as in capsd. I've seen there are open TCP services detected and some are not detected. So far I can see the problem exist only if the server displays no connection banner. > > I found an issue from jcat, which describes really good my current problem, but his is resolved. > > http://issues.opennms.org/browse/NMS-4033 > > For reproduction, I found a good example service which is not hard to find MS RDP TCP/3389. To check if the port is open and reachable, I've used the > easy telnet connect with > > telnet myserver 3389 > > Trying myserver... > Connected to myserver. > Escape character is '^]'. > > no server banner and connection is established. Secondly verified from my opennms box with nmap > > nmap -v -p 3389 myserver > 3389/tcp open ms-term-serv > > I've found a SSL IRC server which is detectable and has also no connection banner. Tried with the same > procedure with telnet and nmap > > telnet myircserver 6697 > > nmap -v -p 6697 > Trying myserver... > Connected to myircserver. > Escape character is '^]'. > > 6697/tcp open unknown > > My detector configuration for the detectors: > > <detector class="org.opennms.netmgt.provision.detector.simple.TcpDetector" name="TCP-RDP"> > <parameter value="3389" key="port"/> > <parameter value="1000" key="timeout"/> > </detector> > <detector class="org.opennms.netmgt.provision.detector.simple.TcpDetector" name="IRC-6697"> > <parameter value="6697" key="port"/> > <parameter value="1000" key="timeout"/> > </detector> > </detectors> > > Result, the IRC server is detected, the RDP service is not detected. Debugging in provisiond with no error, even a false for the detected service. I've seen, hit the "synchronize" in the provsioning group, I can see with > > netstat -n | grep 3389 > > an established connection for ~ 1 minute. Next step was tcpdump the connection to see what really happened. I've seen the behavior from the SSL IRC daemon is straight forward. OpenNMS establishes the connection, then the disconnection is normal. The service is detected and I'm happy :) > > <Screen shot 2011-03-10 at 12.54.53 AM.png> > > The behavior on RDP is different, the connection is established and stays in this state > for ~1 minute and then a RST is sent from the RDP-Server. > > <Screen shot 2011-03-10 at 12.55.40 AM.png> > > OpenNMS does not detect the service and will not be monitored. A really nasty side effect the thread for the connection is bound for 1 minute. Which means using a lot of TCP-detectors will bind a lot of threads in blocking-state until the server sends a RST. > > I used OpenNMS stable 1.8.10. Before I'll open a resolved bug, it would be nice if somebody can verify this issue. (*wink *wink Ranger :) > > Thx in advance > > -- > Ronny Trommer (Germany) > Web: http://www.open-factory.org > IRC: irc.freenode.org - #opennms > Jabber: in...@ja... > > PGP key: B1BCE829E38398A0 > Keyserver: keyserver.pgp.com > > -- > OpenNMS: Netzwerkmanagement mit freier Software > http://www.dpunkt.de/buecher/3541/opennms.html > > > > ------------------------------------------------------------------------------ > Colocation vs. Managed Hosting > A question and answer guide to determining the best fit > for your organization - today and in the future. > http://p.sf.net/sfu/internap-sfd2d_______________________________________________ > Please read the OpenNMS Mailing List FAQ: > http://www.opennms.org/index.php/Mailing_List_FAQ > > opennms-devel mailing list > > To *unsubscribe* or change your subscription options, see the bottom of this page: > https://lists.sourceforge.net/lists/listinfo/opennms-devel -- Ronny Trommer (Germany) Web: http://www.open-factory.org IRC: irc.freenode.org - #opennms Jabber: in...@ja... PGP key: B1BCE829E38398A0 Keyserver: keyserver.pgp.com -- OpenNMS: Netzwerkmanagement mit freier Software http://www.dpunkt.de/buecher/3541/opennms.html |