Re: LDM: RPC access to portmapper vs firewall

Hi Joe,

Are the 3 machines in question identical in regards to OS, LDM version,
allows, requests, entries in: etc/hosts, etc/services, etc/rpc?

Any subtle differences would help us pinpoint the problem.


Thank you,


-Jeff
____________________________                  _____________________
Jeff Weber                                    jweber@xxxxxxxx
Unidata Support                               PH:303-497-8676 
NWS-COMET Case Study Library                  FX:303-497-8690
University Corp for Atmospheric Research      3300 Mitchell Ln
http://www.unidata.ucar.edu/staff/jweber      Boulder,Co 80307-3000
________________________________________      ______________________

On Wed, 8 May 2002, Joe VanAndel wrote:

> I am running LDM on a firewalled machine that doesn't allow access to
> remote portmappers.
> 
> http://www.unidata.ucar.edu/packages/ldm/networkSecurityAndSetup.html
> states:
> 
> ================================================
> Currently, in order to start, the LDM requires that the portmapper
> program, usually called portmap or rpcbind on some systems, be running
> so that the LDM can register its remote procedure call (RPC) service.
> After that, however, the portmapper is not required because client LDMs
> will attempt to connect directly to port 388. Perhaps the best way to
> implement a secure LDM server would be to have the portmapper running
> but block or limit access to its port, port 111, via either TCP-Wrappers
> or a firewall. 
> 
> ==============================================
> 
> However, after restarting ldm on a server, I see the message:
> 
> FEEDME(moonbow.rap.ucar.edu): can't contact portmapper: RPC: Unable to
> send; errno = Operation not permitted
> 
> Reading the source code protocol/h_clnt.c, this message is a result of
> an RPC failure.  (And this failure resets the state of the connection.)
> 
> For this particular machine, sometimes I see a delay of several minutes
> before I see the message:
>  FEEDME(moonbow.rap.ucar.edu): OK
> 
> This doesn't happen for the other two machines that are feeding this LDM
> server.
> 
> Any idea why this error message happens on one machine, and not two
> others?
> 
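
The following is an added example, not part of either message or of the LDM distribution: one way to do the comparison asked for above, limited to the LDM entries in etc/services and etc/rpc. The host names (hostA, hostB, hostC), the function names and all sample file contents are constructed for illustration.

```python
from collections import defaultdict

def parse_entries(text, keyword="ldm"):
    """Entries from /etc/services- or /etc/rpc-style text whose name or an
    alias equals `keyword`; comments and blank lines are ignored."""
    entries = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        name, value, aliases = fields[0], fields[1], fields[2:]
        if keyword in [n.lower() for n in [name] + aliases]:
            entries.add((name, value, tuple(sorted(aliases))))
    return entries

def find_differences(hosts, keyword="ldm"):
    """hosts: {host: {filename: text}}. Returns {filename: {entry: [hosts]}}
    for every matching entry that is NOT present on all hosts."""
    report = {}
    for fname in sorted({f for files in hosts.values() for f in files}):
        seen = defaultdict(set)
        for host, files in hosts.items():
            for entry in parse_entries(files.get(fname, ""), keyword):
                seen[entry].add(host)
        partial = {e: sorted(h) for e, h in seen.items() if len(h) < len(hosts)}
        if partial:
            report[fname] = partial
    return report

# Constructed sample: file contents as they might be copied from three hosts.
# Port 388 is the LDM port named in the quoted documentation; the RPC program
# number and every other value here are sample data, not taken from the thread.
SERVICES = "ldm 388/tcp ldm   # LDM\nldm 388/udp ldm\nsunrpc 111/tcp portmapper\n"
RPC = "portmapper 100000 portmap sunrpc\nldm 300029 ldmd\n"
SAMPLE = {
    "hostA": {"etc/services": SERVICES, "etc/rpc": RPC},
    "hostB": {"etc/services": SERVICES, "etc/rpc": RPC},
    # hostC lacks the udp service line and has its rpc entry commented out
    "hostC": {"etc/services": "ldm 388/tcp ldm\nsunrpc 111/tcp portmapper\n",
              "etc/rpc": "portmapper 100000 portmap sunrpc\n# ldm 300029 ldmd\n"},
}

if __name__ == "__main__":
    for fname, entries in find_differences(SAMPLE).items():
        for entry, present_on in entries.items():
            print(f"{fname}: {entry} only on {', '.join(present_on)}")
```
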

