
Hello,

I have an issue with the connectivity between the Centreon central and a remote poller with version 24.10.5.

My central can reach the remote poller on TCP port 5556.

From the central, with a netstat command we can see FIN wait; it seems that the client initiates a connection to the remote server but has not received the response that the connection is established.

From the remote server, we can see a lot of established connections to the central… Normally, I have other remote servers, and normally there is only one connection, not a lot as in the screenshot.

Architecture:

CI-remote <--> FW customer ==VPN== FW IT <--> Central

We have temporarily opened all rules on each FW to analyse, but the connection is not permanent….

Actually, when I export the config through the web interface, the generated files are not moved to the remote server; I have a “Handshake Timeout” issue.

The remote server id = 5

The central id = 1

Could someone explain to me which commands are run when the export is done?

I hope I can see the error directly if I run the command manually instead of doing it through the web interface.

Or can I replace zmq with ssh? I don’t know how to do it.

Regards

Hello @jboss

The “handshake timeout” error message is pretty uncommon. It means that the TCP connection is established (or you would not see “get_server_pub ok”); the central sends the first cryptographic message but never gets an answer.
So it’s probably a stateful firewall, such as iptables on the central, that causes the problem by dropping some TCP packets but not all of them.
The fact that you have multiple connections seems related to me: gorgone checks every minute whether the poller is reachable. If not, it opens a new connection and tries to connect, and the “fin-wait1” connections are old connections that are closed because of the TCP timeout.

Maybe you can make a capture from both the poller and the central and check them with Wireshark (tcpdump has a ‘-w filename’ parameter to dump a capture to a file).

If you see any packets labelled “TCP Retransmission”, you should check iptables on both servers and the firewall again.

If you don’t see anything of the sort, you can try to check the poller configuration in /etc/centreon-gorgone/config.d/40-gorgoned.yaml: does it have the id correctly set up in gorgone->gorgonecore->id?

Regards,

Evan
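
An added example (not part of the posts above): a small Python check that scans tcpdump text output for segments sent more than once on the gorgone port, the simplest case of what Wireshark labels “TCP Retransmission”. The sample lines and IP addresses are constructed; the input is assumed to come from `tcpdump -nn -S -r <file>` so that sequence numbers are absolute.

```python
import re
from collections import Counter

# Constructed sample in the text format printed by `tcpdump -nn -S -r <file>`.
# Placeholder addresses: 10.0.0.1 = central, 10.0.1.5 = poller (gorgone, 5556).
SAMPLE = """\
10:00:00.000000 IP 10.0.0.1.40000 > 10.0.1.5.5556: Flags [S], seq 1000, win 29200, length 0
10:00:00.020000 IP 10.0.1.5.5556 > 10.0.0.1.40000: Flags [S.], seq 5000, ack 1001, win 28960, length 0
10:00:00.020100 IP 10.0.0.1.40000 > 10.0.1.5.5556: Flags [.], ack 5001, win 229, length 0
10:00:00.021000 IP 10.0.0.1.40000 > 10.0.1.5.5556: Flags [P.], seq 1001:1065, ack 5001, win 229, length 64
10:00:00.230000 IP 10.0.0.1.40000 > 10.0.1.5.5556: Flags [P.], seq 1001:1065, ack 5001, win 229, length 64
10:00:00.650000 IP 10.0.0.1.40000 > 10.0.1.5.5556: Flags [P.], seq 1001:1065, ack 5001, win 229, length 64
"""

LINE = re.compile(
    r"IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::\d+)?)?.*length (?P<len>\d+)"
)


def find_retransmissions(text, port=5556):
    """Return {(src, dst, seq): extra_copies} for segments seen more than once."""
    seen = Counter()
    for line in text.splitlines():
        m = LINE.search(line)
        if not m or m["seq"] is None:
            continue  # not TCP, or a pure ACK that carries no sequence field
        if not (m["src"].endswith(f".{port}") or m["dst"].endswith(f".{port}")):
            continue  # traffic that does not involve the gorgone port
        # Only segments that consume sequence space can be retransmitted:
        # payload bytes, SYN or FIN.
        if int(m["len"]) > 0 or "S" in m["flags"] or "F" in m["flags"]:
            seen[(m["src"], m["dst"], int(m["seq"]))] += 1
    return {key: count - 1 for key, count in seen.items() if count > 1}


if __name__ == "__main__":
    for (src, dst, seq), extra in find_retransmissions(SAMPLE).items():
        print(f"{src} -> {dst} seq {seq}: retransmitted {extra}x")
```

Running the same check on the captures from both ends shows on which side of the firewalls the repeated segment stops arriving.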


Hello @evanadam

In fact, I’ve already done a Wireshark analysis on both sites.

The central server can reach the poller on the gorgoned TCP port. We can see an established connection on the poller side when the central tries to connect to it, but at the end it seems the Centreon central does not receive the fin.ack from the poller to the central to mention that a connection is established…

I suspect that the connection, perhaps lost packets….

I’ve already checked the gorgoned config; it is correct.

regards

Jboss

