Unable to receive snmp-traps on UDP 162 - networking

Thanks in advance for the help.
Issue:
Unable to receive snmp-traps on udp 162 port.
Scenario: Trying to put a nexus 5672 in OpenNMS for monitoring
Pre-Checks done:
I am able to snmpwalk the nexus 5k from my linux node on which OpenNMS is installed.
I am even able to do snmpgets.
I see snmp traffic on udp 161 but that is primarily because of the snmp-gets that opennms is doing.
UNABLE TO SEE ANYTHING WHEN I DO A TCPDUMP ON 162 PORT :(
I have checked if any ACLs are set locally but they are not, iptables as a service is stopped.
I have verified that the snmp-configs are properly pushed.
Configs are pushed on the loop-back interface and there are no acl-groups on the nexus 5k either and there is no firewall between the nexus 5k and the OpenNMS Hosted Linux System.
Please help, I do not know what I am missing.

Ok, first of all, there are two concepts with SNMP. The first one is polling for data, to get data from sensors or discover elements from your device. The monitoring application sends requests to your Nexus device. This is what you do when you issue an snmpwalk or snmpget command. The Nexus device has an SNMP agent running which is listening on port 161/UDP.
The second one is, your Nexus device can send messages to your monitoring application. Your monitoring application with OpenNMS needs to have a listener running on port 162/UDP, called SNMP Traps or SNMP Informs.
So trying to debug the problem of not getting SNMP Traps with snmpget or snmpwalk does not help in the first place. The communication is initialized by the Nexus device and OpenNMS is the listener for the traps.
I would try to debug the problem with the following steps:
1. Ensure OpenNMS has Trapd enabled and is listening on the right interfaces, e.g. with ss -lnpu sport = :162
2. Make sure you don't have a firewall on your OpenNMS server which blocks traffic to 162/UDP, e.g. iptables -L
3. Use tcpdump to see if the SNMP trap from your Nexus arrives on the OpenNMS server by looking at traffic with target port 162 with protocol UDP.
4. If your SNMP trap is received by the OpenNMS server, you can then start looking in trapd.log of your OpenNMS server and verify if the community settings for the IP are correct. OpenNMS will use the community which is configured for the sender's IP address to process the trap.
I hope this helps

This got resolved. Everything from the Linux end, and the OpenNMS SNMP end was good. However, the network device had SNMP configs wrongly pushed. I changed it to use the default VRF rather than the loopback address, and it started working.

Related

2Wire router port forwarding

I am having some trouble allowing my 2wire router (provided by AT&T) to forward certain ports.
I have a raspberry pi running subsonic (a music server) and I would like to access it from the outside internet. I have configured the pi with a static LAN IP address and have opened the specified ports (4040 and 80) on both TCP and UDP. I have also confirmed the service is active and is listening on the specified ports via netstat.
When I attempt to connect, however, from my WAN IP I am confronted with a connection refused dialog. Checking the firewall logs on my router, I see this message:
IN=br1 MAC=--:--:--:--:--:-- SRC=(my computer IP) DST=(My WAN IP) LEN=40 TTL=240 PROTO=TCP DPT=5060 Unknown inbound session stopped
It appears that my firewall is still blocking the external connection. What strikes me as odd is, although I am unable to connect I can still see that the port is open from an outside port scanner. Using the service provided from http://www.yougetsignal.com/tools/open-ports/ I have confirmed that my IP has port 4040 to be open.
Once again, I have confirmed that the service is indeed listening on the raspberry pi, set up a static LAN address and created the protocol for both TCP and UDP....
Any help on this matter would be greatly appreciated.
Thanks in advance!
Ok so for whatever reason it was working all along. Apparently it was just getting confused by me trying to connect to my own router. I confirmed this by connecting to the server via 4G on my phone.
Dumb mistake by me.

Is it possible to connect with remote desktop but not be able to ping to the same machine?

It seems I have this weird issue I can't really understand. I am able to connect to a remote computer (Windows machine) with remote desktop perfectly but I am not able to ping it. When I ping I get a timeout all the time. It is the same IP address and I am using the same computer, so there is no firewall issue I think. From what I know ping is using its own protocol (different than TCP and UDP) so you don't ping a specific port.
Yes it is. The system administrator, and the network administrators (of the several networks you need to use to access the remote machines), are able to configure their boxes to disable ICMP. Then ping does not work, but HTTP or ssh (or whatever protocol your remote desktop uses) could work.
ICMP is often disabled for security reasons, and to lower the load on the remote computer. It makes it slightly harder to find the remote host.

Cannot access chef-server web interface. (No route to host)

I have got chef-server installed on a centos machine.
Everything is working as expected except that I cannot access the chef-server web interface from another machine on my local network.
I can access the web interface from the centos machine itself:
telnet mychefserver.local 4000
Connected
If I do the same from my machine I have got:
telnet: Unable to connect to remote host: No route to host
I can successfully ping mychefserver.local from my machine
Any idea how to configure nginx with chef-server to access the chef-server from the network?
Since Chef Server 10, the web interface uses normal HTTPS (TCP 443), it only listens on the high ports locally, and nginx proxies as needed to the different backend services. I would try with a normal web browser as telnet isn't exactly great at error messages. Normally I would expect that to mean telnet is getting TCP transmission errors, but maybe it is just confused? If it is really a TCP transmit error then more likely the internal DNS is having issues. .local often means mDNS which has uneven support in some places, I would try an actual IP address to be sure.
My issue was iptables.
I stopped iptables and I can access the chef-server from my local network again.

Ethernet Data Traffic hidden from capture

I have a puzzle I am not able to figure out, I would appreciate any help.
I am connected to a remote desktop using windows default remote desktop utility (Windows 8 locally, Windows 7 remotely).
The remote desktop is not in the same sub-network as my own.
Connection is made through default port 3389. Using Wireshark locally I can confirm the TCP connection being established and the data flow.
Running Wireshark in the remote desktop, I don't see any flow of data between the two computers.
If I send an ICMP ping from the remote desktop to my computer, it works well and I can see it in Wireshark both remotely as well as locally. But if I send the ICMP ping from my computer to the remote desktop, it fails. I see it leaving my computer through Wireshark, but it never reaches the remote desktop (I don't see it in Wireshark).
I don't think it is a firewall issue (especially since it can't explain why Wireshark won't capture the port 3389 RPC flow).
Does anyone have any idea of what might be going on?
I found the main issue.
In Wireshark, turns out it is possible to configure the capture interface with a filter.
To change it, go to: Capture->Interfaces
On the interface being used, stop capturing to enable the Options, there it is possible to configure a capture filter.

TCP/IP connection timed out

I wrote a java program of TCP/IP Client which is supposed to read data from TCPIP server device.
Problem is when I give the IP and Port of the Device, Java gives an error of "Connection Time out". Obviously this is a problem of not connecting to that Device.
I want to know if there is a way to know where the problem is? Whether that TCPIP server device is not reachable (if not, then how to check it),
whether it's a router / network issue, that the TCPIP Client and Server have to be on the same network or use the same router to communicate. OR Just IP:Port is enough.
How on my computer may I know that the TCPIP server device is turned on and streaming??
P.S. That TCPIP Server device can also be connected with a Bluetooth connection. Can I read streaming through Bluetooth in Java?? If yes what/How should I do it?
"I want to know if there is way to know where the problem is? Whether that TCPIP server device is not reachable (if no, then how to check it)"
Use telnet from the client - it will try to connect to the remote server at the port that you specify. For example telnet google.com 80 attempts to reach google.com on port 80. You could also use an IP address in place of "google.com". If you are on a Windows box, you might have to enable telnet first.
You can also use netstat on the server. It should say the ports that are currently open and the state that they are in. For example, your Java server program should be listening on the port, so the state should say LISTEN.
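
The telnet check above and the "No route to host" case from the chef-server thread, as an added Python example (not code from any of the posts): it makes one TCP connection attempt and names the failure mode. The cause given in each comment is the common one on Linux rather than a diagnosis, and `probe` and `classify` are illustrative names.

```python
import errno
import socket

def classify(exc):
    """Name the failure mode of a TCP connect attempt (None means success)."""
    if exc is None:
        return "open"            # handshake completed: a service is listening
    if isinstance(exc, socket.gaierror):
        return "dns"             # name did not resolve; retry with the IP address
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "timeout"         # no answer: packets dropped, or host is down
    if isinstance(exc, ConnectionRefusedError):
        return "refused"         # host answered with RST: nothing listens there
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH,
                                                  errno.ENETUNREACH):
        return "unreachable"     # "No route to host": routing, or a firewall REJECT
    return "other"

def probe(host, port, timeout=3.0):
    """Try one TCP connection to host:port and classify the outcome."""
    try:
        socket.create_connection((host, port), timeout).close()
    except OSError as exc:
        return classify(exc)
    return classify(None)

if __name__ == "__main__":
    # Constructed demo on loopback: an ephemeral listener, then the same port closed.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    print("listening:", probe("127.0.0.1", port))
    srv.close()
    print("closed:   ", probe("127.0.0.1", port))
```

A result of "unreachable" or "timeout" while ping still works is the pattern in the chef-server thread, where the host firewall turned out to be the cause.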
