Forum: Cfengine Help Subject: Re: 3.0.5 source code released Author: sylvain Link to topic: https://cfengine.com/forum/read.php?3,17412,18816#msg-18816
Hello, I have the same kind of problem. I manage a multihoming parc and I have the SAMES problems... The 1st thing I did was to bind the client to a interface in order to connect propely the server, but I had the same kind of error message : "No suitable server responded to hail" So I followed the thread http://www.mail-archive.com/help-cfengine@cfengine.org/msg02486.html and I add "true";> settings into the cf-agent control in order to avoid ssh key errors. and... I add the same message error : IPV4 address sockaddr_ntop(192.168.91.1) Obtained IP address of 192.168.91.1 on socket 5 from accept Purging Old Connections... Done purging cf3 Accepting connection from "192.168.91.1" Unappending Accepting connection from "192.168.91.1" *** New socket [5] cf3 New connection...(from 192.168.91.1/5) Unappending New connection...(from 192.168.91.1/5) cf3 Spawning new thread... Unappending Spawning new thread... Checking file updates on /etc/cfengine3/cf-serverd.cf (0/4cbff740) cf3 -> No new promises found Unappending -> No new promises found cf3 -> Waiting at incoming select... Unappending -> Waiting at incoming select... RecvSocketStream(8) (Concatenated 8 from stream) Transaction Receive [] RecvSocketStream(48) (Concatenated 48 from stream) cf3 Received: on socket 5 Unappending Received: on socket 5 Connecting host identifies itself as 172.16.6.105 Dev-Centralp-board_sju root 0 (ipstring=[172.16.6.105],fqname=,username=,socket=[192.168.91.1]) cf3 IP address mismatch between client's assertion (172.16.6.105) and socket (192.168.91.1) - untrustworthy connection Unappending IP address mismatch between client's assertion (172.16.6.105) and socket (192.168.91.1) - untrustworthy connection cf3 ID not verified Unappending ID not verified Transaction Send Attempting to send 67 bytes SendSocketStream, sent 67 cf3 From (host=?,user=?,ip=192.168.91.1) Unappending From (host=?,user=?,ip=192.168.91.1) cf3 REFUSAL of request from connecting host: (CAUTH 172.16.6.105 Dev-Centralp-board_sju root 0) Unappending REFUSAL of request from connecting host: (CAUTH 172.16.6.105 Dev-Centralp-board_sju root 0) Terminating thread... ***Closing socket 5 from 192.168.91.1 192.168.91.1 is the address I specified in the agent control << bindtoaddress =>"192.168.91.1 >> but 172.16.6.105 is the eth0 address, and cf-agent should not used it... I check the network traffic (tshark), I can see that the connection is initialized with the bindtointerface address that I specified, and I can certified that the second address is never used for the communication. Maybe these adress is used by the cfengine protocol... 200.590576 192.168.91.1 -> 192.168.56.10 TCP 37970 > cfengine Seq=0 Win=5360 Len=0 MSS=1250 TSV=37894235 TSER=0 WS=5 200.590639 192.168.56.10 -> 192.168.91.1 TCP cfengine > 37970 Seq=0 Ack=1 Win=5312 Len=0 MSS=1250 TSV=429035690 TSER=37894235 WS=5 200.592821 192.168.91.1 -> 192.168.56.10 TCP 37970 > cfengine Seq=1 Ack=1 Win=5376 Len=0 TSV=37894236 TSER=429035690 200.597471 192.168.91.1 -> 192.168.56.10 TCP 37970 > cfengine Seq=1 Ack=1 Win=5376 Len=56 TSV=37894237 TSER=429035690 200.597505 192.168.56.10 -> 192.168.91.1 TCP cfengine > 37970 Seq=1 Ack=57 Win=5312 Len=0 TSV=429035692 TSER=37894237 200.600247 192.168.91.1 -> 192.168.56.10 TCP 37970 > cfengine Seq=57 Ack=1 Win=5376 Len=351 TSV=37894238 TSER=429035692 200.600299 192.168.56.10 -> 192.168.91.1 TCP cfengine > 37970 Seq=1 Ack=408 Win=6400 Len=0 TSV=429035693 TSER=37894238 Did I make a mistake in the cf-agent setting or could it be a bug ??? Best regards, Sylvain Jubier. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
