Re: [ldm-users] Restoring Service after Firewall failure

Thanks for all your help, everyone. This list is great; I think this advice 
will help us narrow down the problem. I'll be sure to post once we get 
everything figured out. 
It's looking more like a DNS issue.  Gilbert:  just as you outlined below, we 
are able to resolve the upstream hosts, but we aren't getting a response (aside 
from Unidata who temporarily hardwired us to the ip to which twister2 is 
resolving on their end) Once they did this we started receiving data.  


On May 21, 2012, at 11:50 PM, Gilbert Sebenste wrote:

> On Mon, 21 May 2012, Phil Birnie wrote:
> 
>> Hey Everyone,
>> 
>> Looking for a bit of help for our network administrators here.  Our firewall 
>> went down last Friday and our network admins are in the process of restoring 
>> it.  Nothing has been changed on our boxes (aside from a reboot once 
>> everything came back online), but we are still having issues getting data.   
>> Before this outage, everything was working fine.   We're now getting "Access 
>> denied messages" from our upstream hosts... (details below)
>> 
>> Any help is very much appreciated.
> 
> Hi Phil,
> 
> I think the firewall is blocking all incoming (at least) connections on
> port 388 still. Here's an easy way to check. At a command prompt on the
> LDM ingester in question using the LDM account, type this:
> 
> % ldmping idd.unidata.ucar.edu
> 
> You should see something like this:
> 
> May 22 03:46:18 INFO:      State    Elapsed Port   Remote_Host rpc_stat
> May 22 03:46:18 INFO: Resolving idd.unidata.ucar.edu to 128.117.140.3 took 
> 0.001652 seconds
> May 22 03:46:18 INFO: RESPONDING   0.061400  388   idd.unidata.ucar.edu
> 
> Now, I don't have access to idd.unl.edu, so I will use them as an example.
> Look what happens when I type this from one of my LDM servers:
> 
> % ldmping idd.unl.edu
> May 22 03:47:38 INFO:      State    Elapsed Port   Remote_Host rpc_stat
> May 22 03:47:38 INFO: Resolving idd.unl.edu to 129.93.251.72 took 0.021817 
> seconds
> 
> Notice that there's no "RESPONDING" line, just a "Resolving" line. Given what 
> you have told me, if you ldmping idd.unidata.ucar.edu and you don't get a 
> RESPONDING line back....a firewall is blocking you.
> 
> Gilbert
> 
> *******************************************************************************
> Gilbert Sebenste                                                     ********
> (My opinions only!)                                                  ******
> Staff Meteorologist, Northern Illinois University                      ****
> E-mail: sebenste@xxxxxxxxxxxxxxxxxxxxx                                  ***
> web: http://weather.admin.niu.edu                                      **
> Twitter: http://www.twitter.com/NIU_Weather                            **
> Facebook: http://www.facebook.com/niu.weather                           *
> *******************************************************************************
> 
> _______________________________________________
> ldm-users mailing list
> ldm-users@xxxxxxxxxxxxxxxx
> For list information or to unsubscribe,  visit: 
> http://www.unidata.ucar.edu/mailing_lists/ 

  • 2012 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the ldm-users archives: