[Csync2] ERROR from peer http0: Identification failed!
Lars Ellenberg
lars.ellenberg at linbit.com
Sat Feb 5 14:19:03 CET 2011
On Sat, Feb 05, 2011 at 12:15:50PM +0000, Alex Cartwright wrote:
> Yep, the output of 'uname -n' matches the config files on both machines. I do
> however realise there was a typo in my previous email; please replace "rrltd"
> with "example" within the csync.cfg file :)
>
> It quite simply is not working; and makes little sense to me.
To debug:
disable csync2 "daemon" (in inetd, or standalone, whatever you have,
just make sure there is no csync2 listening).
start a csync2 daemon in single shot mode:
# csync2 -iii -vvv
and start one client
# csync2 -x -vvv
See if that gives more hints on the "daemon" side.
But again: the check works as follows:
daemon side:
accept() the tcp connection from peer,
wait for peer to say "HELLO example",
do a forward lookup of "example",
try to match the IP from that forward lookup
with the remote end of the tcp connection.
no match -> identification failed.
If there is NATing somewhere, it is sometimes a bit non-obvious,
but the daemon in verbose mode will log "new connection from IP:port"
first thing, so that should help you figure out what's going on.
If the peers are "multihomed", i.e. "example" resolves to more than on
IP, you need a recent enough csync2, some years ago csync2 used to check
only the first result from the lookup.
just use 2.0rc from http://git.linbit.com/csync2.git
btw, one quick and easy way to find out
which IP the peer sees you coming from:
$ ( echo config ; echo list ) | nc -q2 example csync2
OK (cmd_finished).
Dear 10.11.12.13, please identify first.
hth,
--
: Lars Ellenberg
: LINBIT | Your Way to High Availability
: DRBD/HA support and consulting http://www.linbit.com
DRBD® and LINBIT® are registered trademarks of LINBIT, Austria.
More information about the Csync2
mailing list