Azure Hybrid Connection trouble-shooting - azure

In both Azure and the Hybrid Connection Manager I have a status of 'Connected' but when I try tcpping to it fails.
Apart from tccping, is there any other trouble shooting I can do?
The HCM endpoint is DESDESKTOP-6E0E4QK:5162. Here are my tccping results
tcpping DESDESKTOP-6E0E4QK:5162
D:\home\site\wwwroot
Connection attempt failed: No such host is known
Connection attempt failed: No such host is known
Connection attempt failed: No such host is known
Connection attempt failed: No such host is known
Complete: 0/4 successfull attempts (0%). Average success time: 0ms
Internal IP that resolves to DESDESKTOP-6E0E4QK
tcpping 192.168.1.158:5162
D:\home\site\wwwroot
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.1.158:5162
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.1.158:5162
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.1.158:5162
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.1.158:5162
Complete: 0/4 successfull attempts (0%). Average success time: 0ms
External IP
tcpping 47.198.9.249:5162
D:\home\site\wwwroot
Connection attempt failed: Connection timed out.
Connection attempt failed: Connection timed out.
Connection attempt failed: Connection timed out.
Connection attempt failed: Connection timed out.
Complete: 0/4 successfull attempts (0%). Average success time: 0ms

Related

rafthttp: dial tcp timeout on etcd 3-node cluster creation

I don't have an access to the etcd part of the project's source code, however I do have access to the /var/log/syslog.
The goal is to setup up 3-node cluster.
(1)The very first etcd error that comes up is:
rafthttp: failed to dial 76e7ffhh20007a98 on stream MsgApp v2 (dial tcp 10.0.0.134:2380: i/o timeout)
Before continuing, I would say that I can ping all three nodes from each of the nodes. As well as I have tried to open the 2380 TCP ports and still no success - same error.
(2)So, before that error I had following messages from the etcd, which in my opinion confirm that cluster is setup correctly:
etcdserver/membership: added member 76e7ffhh20007a98 [https://server2:2380]
etcdserver/membership: added member 222e88db3803e816 [https://server1:2380]
etcdserver/membership: added member 999115e00e17123d [https://server3:2380]
In /etc/hosts file these DNS names are resolved as:
server2 10.0.0.135
server1 10.0.0.134
server3 10.0.0.136
(3)The initial setup, however (on each nodes looks like this):
embed: listening for peers on https://127.0.0.1:2380
embed: listening for client requests on 127.0.0.1:2379
So, to sum up, each node have got this initial setup log (3) and then adds members (2) then once these steps are done it fails with (1). As I know the etcd cluster creation is following this pattern: https://etcd.io/docs/v3.5/tutorials/how-to-setup-cluster/
Without knowing the source code is really hard to debug, however maybe some ideas on the error and what could cause it?
UPD: etcdctl cluster-health output (ETCDCTL_ENDPOINT is exported):
cluster may be unhealthy: failed to list members Error: client: etcd
cluster is unavailable or misconfigured; error #0: client: endpoint
http://127.0.0.1:2379 exceeded header timeout ; error #1: dial tcp
127.0.0.1:4001: connect: connection refused
error #0: client: endpoint http://127.0.0.1:2379 exceeded header
timeout error #1: dial tcp 127.0.0.1:4001: connect: connection refused

502 Bad Gateway issue while starting Jfrog

Am trying to bring Jfrog up, in local tomcat is running and artifactory service also looking fine. But in UI jfrog is not coming up.
Getting 502 Bad Gateway error. I have shared the console log details below.
Below is the console log
[TRACE] [Service registry ping] operation attempt #94 failed. retrying in 1s. current error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
[TRACE] [Service registry ping] running retry attempt #95
[INFO ] Cluster join: Retry 95: Service registry ping failed, will retry. Error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
[TRACE] [Service registry ping] operation attempt #95 failed. retrying in 1s. current error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
2022-09-10T06:14:20.271Z [jffe ] [INFO ] [ ] [ ] [main ] - pinging artifactory, attempt number 90
2022-09-10T06:14:20.274Z [jffe ] [INFO ] [ ] [ ] [main ] - pinging artifactory attempt number 90 failed with code : ECONNREFUSED
[TRACE] [Service registry ping] running retry attempt #96
[DEBUG] Cluster join: Retry 96: Service registry ping failed, will retry. Error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
[TRACE] [Service registry ping] operation attempt #96 failed. retrying in 1s. current error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
2022-09-10T06:14:21.188Z [jfrou] [INFO ] [2b4bfed554e45cf6] [join_executor.go:169 ] [main ] [] - Cluster join: Retry 100: Service registry ping failed, will retry. Error: could not parse error from service registry, status code: 404, raw body: <!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1></body></html>
[TRACE] [Service registry ping] running retry attempt #97
[DEBUG] Cluster join: Retry 97: Service registry ping failed, will retry. Error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
[TRACE] [Service registry ping] operation attempt #97 failed. retrying in 1s. current error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
2022-09-10T06:14:22.016Z [jfmd ] [INFO ] [ ] [accessclient.go:60 ] [main ] - Cluster join: Retry 100: Service registry ping failed, will retry. Error: Error while trying to connect to local router at address 'http://localhost:8046/access': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused [access_client]
[TRACE] [Service registry ping] running retry attempt #98
[DEBUG] Cluster join: Retry 98: Service registry ping failed, will retry. Error: error while trying to connect to local router at address 'http://localhost:8046/access/api/v1/system/ping': Get "http://localhost:8046/access/api/v1/system/ping": dial tcp 127.0.0.1:8046: connect: connection refused
and this is the error am getting in UI.
502 Bad Gateway error
Is it a newly installed Artifactory instance? If yes, we need to verify whether the required ports are in place (open at the firewall level). If the ports are already available, disable the IPv6 address from the VM where Artifactory is installed and restart the Artifactory. There are chances of this error occurrence if the application is trying to pick up the IPv6 address for initialisation instead of Ipv4.

Fabic: Issue connection refused 7050

I am trying to create a network from the hyperledger fabic tutorial. I get the following error:
Error: failed to create deliver client for orderer: orderer client failed to connect to localhost:7050: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp [::1]:7050: connect: connection refused"
I opened up the port on the Centos 7 Virtual machine and still no luck. The docker container is exposing the port to the host.
I removed all docker containers, images and volumes. I even rebuilt the VM from scratch.
Any help would be great.
Thanks,
This situation is happened because you called a gRPC to orderer server but your call failed to hit the server. This situation may happen for many reasons, but for most of the cases the situation is happened due to server down(orderer server exit or down due to misconfiguration) or your call failed to hit the server due to misconfiguration.
I somehow encounter this problem before and the port was opened. Somehow it was a mistake where I forgot to put '-a' in command (launch cerificate authorities). Hope it help.
You might also refer this : https://hyperledger-fabric.readthedocs.io/en/release-2.0/build_network.html

Network Security Group for Filezilla(client) connection

I am new here.
Few days ago, attended MS azure events, and today registered with Azure (free account).
VM Environment: VM = CentOS 7, apache+php+mysql+vsftpd+phpMyAdmin
everything is up and running, able to visit the "info.php" via its public IP address.
SeLinux = disabled, Firewalld disabled.
my problem is not able to connect this server via Filezilla (PC client).
from Windows command prompt (FTP/put) is working, able to upload files.
But via Filezilla
Status: Connecting to 5x.1xx.1xx.7x:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/home/ftpuser"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PORT 192,168,1,183,234,99
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
Status: Connecting to 5x.1xx.1xx.7x:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/home/ftpuser"
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PORT 192,168,1,183,234,137
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
I believe that is because of the Network Security group settings for inbound and outbound rules, need open some port, but not sure, because I tried open 1024-65535 all allow, still not working.
If you use passive mode FTP, you should open ports 20,21 and ports that you need on Azure NSG(Inbound rules). You could check /etc/vsftpd.conf
pasv_enable=YES
pasv_min_port=60001
pasv_max_port=60005
For this example, you should open ports 60001-60005 on Azure NSG(Inbound rules).

wget using --timeout and --tries together

How long would you expect this command to take before exiting?
wget --timeout=1 --tries=2 "http://www.google.com:81/not-there"
I would expect a timeout of 1 seconds and 2 tries would mean 2 seconds, but it takes 6.025 seconds
wget --timeout=1 --tries=2 "http://www.google.com:81/not-there"
--2017-04-27 16:49:12--http://www.google.com:81/not-there
Resolving www.google.com (www.google.com)... 209.85.203.105, 209.85.203.103, 209.85.203.99, ...
Connecting to www.google.com (www.google.com)|209.85.203.105|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.103|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.99|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.104|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.106|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.147|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|2a00:1450:4009:80d::2004|:81... failed: Network is unreachable.
I don't know why it tries 6 times before quitting.
It seems like tries is for retrying. If I set --retry-connrefused it at least does the retry, but still the total time taken isn't what I would expect. I'd like to be able to decide how many times it should try on a timeout.
Edit:
After a suggestion from #Socowi I tried using waitretry in combination with retry-connrefused and got the same behaviour:
$ wget --timeout=1 --waitretry=0 --tries=2 --retry-connrefused "http://www.google.com:81/not-there"
--2017-04-27 20:29:47-- http://www.google.com:81/not-there
Resolving www.google.com (www.google.com)... 2a00:1450:400b:c00::68, 209.85.203.99, 209.85.203.147, ...
Connecting to www.google.com (www.google.com)|2a00:1450:400b:c00::68|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.99|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.147|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.103|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.104|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.106|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.105|:81... failed: Connection timed out.
Retrying.
--2017-04-27 20:29:54-- (try: 2) http://www.google.com:81/not-there
Connecting to www.google.com (www.google.com)|2a00:1450:400b:c00::68|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.99|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.147|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.103|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.104|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.106|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.105|:81... failed: Connection timed out.
Giving up.
Edit Two
I was really confused when two identical commands behaved differently.
root#8c59d6dd05fe:/var/www/html# wget --timeout=1 --waitretry=0 --tries=2 --retry-connrefused "http://www.google.com:81/not-there"
converted 'http://www.google.com:81/not-there' (ANSI_X3.4-1968) -> 'http://www.google.com:81/not-there' (UTF-8)
--2017-04-27 19:50:28-- http://www.google.com:81/not-there
Resolving www.google.com (www.google.com)... 216.58.211.164, 2a00:1450:4009:805::2004
Connecting to www.google.com (www.google.com)|216.58.211.164|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|2a00:1450:4009:805::2004|:81... failed: Cannot assign requested address.
Retrying.
--2017-04-27 19:50:29-- (try: 2) http://www.google.com:81/not-there
Connecting to www.google.com (www.google.com)|216.58.211.164|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|2a00:1450:4009:805::2004|:81... failed: Cannot assign requested address.
Giving up.
root#8c59d6dd05fe:/var/www/html# wget --timeout=1 --waitretry=0 --tries=2 --retry-connrefused "http://www.google.com:81/not-there"
converted 'http://www.google.com:81/not-there' (ANSI_X3.4-1968) -> 'http://www.google.com:81/not-there' (UTF-8)
--2017-04-27 19:50:35-- http://www.google.com:81/not-there
Resolving www.google.com (www.google.com)... 209.85.203.104, 209.85.203.147, 209.85.203.106, ...
Connecting to www.google.com (www.google.com)|209.85.203.104|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.147|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.106|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.103|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.105|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.99|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|2a00:1450:400b:c03::68|:81... failed: Cannot assign requested address.
Retrying.
--2017-04-27 19:50:41-- (try: 2) http://www.google.com:81/not-there
Connecting to www.google.com (www.google.com)|209.85.203.104|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.147|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.106|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.103|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.105|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|209.85.203.99|:81... failed: Connection timed out.
Connecting to www.google.com (www.google.com)|2a00:1450:400b:c03::68|:81... failed: Cannot assign requested address.
Giving up.
I thought I was going a bit crazy, but it was only when #Socowi pointed out in the comments that the IPs each retry were different that it clicked. It depends on the number of possible IPs being returned. The magic number 7 (retries) I was seeing was number the IP options. When I just choose one specific IP it only tries it once.
Wrong Number of Retries
Your wget seems to resolve the URL to multiple IP addresses as seen in the second line of your wget's output. Each IP is then tested with the specified timeout. Unfortunately I haven't found any options to limit the DNS lookup to one address or set a total timeout for all IPs together. But you could try to use "<googles ip address>:81/not-there" instead of the domain name.
To automatically resolve the domain to a single IP address you can use
wget "http://$(getent hosts www.google.com | sed 's/ .*//;q'):81/not-there"
Seemingly Too Long Timeout
As you already found out, setting --retry-connrefused lets wget retry even after a »connection refused« error. The specified timeout is used for each retry, but between the retries there will be a pause which gets longer after each retry.
Example
wget --timeout=1 --tries=5 --retry-connrefused URL
does something like
try to connect for 1 second
failed -> wait 1 second
try to connect for 1 second
failed -> wait 2 seconds
try to connect for 1 second
failed -> wait 3 second
try to connect for 1 second
failed -> wait 4 second
try to connect for 1 second
Therefore the command takes tries * timeout + 1 + 2 + ... + (tries - 1) seconds. This behavior is specified in man wget under the option, which allows you to change it :)
--waitretry=seconds
If you don't want Wget to wait between every retrieval, but only
between retries of failed downloads, you can use this option. Wget
will use linear backoff, waiting 1 second after the first failure
on a given file, then waiting 2 seconds after the second failure on
that file, up to the maximum number of seconds you specify.
By default, Wget will assume a value of 10 seconds.
I think you wanted to use something like
wget --timeout=1 --waitretry=0 --tries=5 --retry-connrefused URL
which eliminates the pause between two retries, resulting in a total time of timeout * tries.

Resources