[ZBX-14899] net.tcp.listen return a wrong value at centos 5 Created: 2018 Sep 24 Updated: 2024 Apr 10 Resolved: 2018 Nov 12 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | Agent (G) |
Affects Version/s: | 3.4.14 |
Fix Version/s: | 3.0.24rc1, 4.0.2rc1, 4.2.0alpha1, 4.2 (plan) |
Type: | Problem report | Priority: | Trivial |
Reporter: | Javier Barroso | Assignee: | Alex Kalimulin |
Resolution: | Fixed | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | default.sysctl.conf proc-net-tcp.txt strace-port-443-ko.txt strace-port-443-not-https.txt strace-port-80-ok.txt strace-shorted-s-70000.txt sysctl.conf test-tcp-net-listen.c |
Team: | Team A |
Team: | Team A |
Sprint: | Sprint 46, Nov 2018 |
Story Points: | 0.75 |
Description |
Hello,
We are having trouble with a centos 5.9 system and zabbix net.tcp.listen at zabbix 3.4.14 agent (from zabbix rpm repo)
# cat /etc/yum.repos.d/zabbix.repo [zabbix] name=Zabbix Official Repository - $basearch baseurl=http://repo.zabbix.com/zabbix/3.4/rhel/5/$basearch/ enabled=1 gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX [zabbix-non-supported] name=Zabbix Official Repository non-supported - $basearch baseurl=http://repo.zabbix.com/non-supported/rhel/5/$basearch/ enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX gpgcheck=0 # rpm -qa | grep zabbix zabbix-sender-3.4.14-1.el5 zabbix-agent-3.4.14-1.el5
# grep "^[[:space:]]*80:\|^[[:space:]]*443:" /proc/net/tcp 80: 9607BC0A:196D D304BC0A:1F49 01 00000000:00000000 02:00001582 00000000 521 0 164153422 2 ffff81007a412080 208 40 26 3 -1 443: 9607BC0A:CF6A D304BC0A:1F49 01 00000000:00000000 02:00005901 00000000 521 0 163982489 2 ffff81003f283980 206 40 30 3 -1 I'm attaching both strace output as requested on similar issue ( At strace of 443 we can see how zabbix try to open tcp6 (which does not exist at this server) Thank you very much
|
Comments |
Comment by Edgars Melveris [ 2018 Sep 25 ] |
Hello Javier! I have tried to reproduce the error, but could not. I installed a fresh centos 5.9 and zabbix_agent from repo. I disabled tcp6 while installing os. And got an answer 0 to the item net.tcp.listen[443]. If there is a service running on port 443, can you disable it and test again? |
Comment by Javier Barroso [ 2018 Sep 25 ] |
Uploading the output:
When it is not 443 port open , it works because it return 0, but when I add "Listen 443" to httpd.conf (at ssl.conf) it return 0 too.
I have test net.tcp.listen[5000] with nc -l 5000, and it works, so it is something on our apache installation We have "Listen 443" directive, but I tested with "Listen 0.0.0.0:443" too I have investigating even more: If I test an privileged port (<1024), it fail If I test a unprivileged port (>= 1024), it works
Not sure why 81 not work with nc, but 80 not work with apache (I cannot stop apache and test nc with 80) Can the size of /proc/net/tcp be the reason ? See the attached strace shorted (tail) output, and the file /proc/net/tcp when 443 is listening but net.tcp.listen return 0. For the last, this server have a tunned (please does not ask me why ! ) sysctl.conf, I'm uploading it too Thank you very much
|
Comment by Aigars Kadikis [ 2018 Oct 09 ] |
Hello Javier. Just jumping into this topic now. Creating a summary. Based on the information provided, we do know that Zabbix function net.tcp.listen[] under CentOS 5 uses /proc/net/tcp to get the metric. Somehow your strace result shows that zabbix_agentd are trying to access /proc/net/tcp6 . Does the file exist on your system? Attaching default.sysctl.conf which comes by default in CentOS 5. What is the output of 'netstat -tulpn'? Regards, |
Comment by Javier Barroso [ 2018 Oct 12 ] |
I have been on holidays, tomorrow os a not working day in Spain, I will reply at monday
Thanks! |
Comment by Javier Barroso [ 2018 Oct 15 ] |
Hello, # LANG=C ls /proc/net/tcp6 ls: /proc/net/tcp6: No such file or directory # netstat -tulpn Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 14395/zabbix_agentd tcp 0 0 0.0.0.0:6051 0.0.0.0:* LISTEN 3215/caagentd tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 8271/httpd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1817/sshd tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 8271/httpd udp 0 0 0.0.0.0:6051 0.0.0.0:* 3215/caagentd udp 0 0 0.0.0.0:28208 0.0.0.0:* 8271/httpd udp 0 0 0.0.0.0:41524 0.0.0.0:* 3215/caagentd udp 0 0 192.168.100.70:123 0.0.0.0:* 2186/ntpd udp 0 0 192.168.6.160:123 0.0.0.0:* 2186/ntpd udp 0 0 10.188.7.150:123 0.0.0.0:* 2186/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 2186/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 2186/ntpd I cloned the vm, and when it boot, zabbix reply as expected
When server boot /proc/net/tcp has 900 bytes. But when the server have a large uptime: # uptime 11:55:25 up 172 days, 11:18, 4 users, load average: 0.37, 0.56, 0.72 # wc -c /proc/net/tcp 404550 /proc/net/tcp Maybe when /proc/net/tcp is larger, zabbix does not recognized well the tcp listen port state ? Update: After playing with "for x in $(seq 444 3399); do nc -l $x & done" to force the tcp file size be greater, and restarting httpd, zabbix still is able to reply ok. So simply the size is not the question Thanks !
|
Comment by Javier Barroso [ 2018 Oct 15 ] |
I have just installed zabbix 4.0 agent, to test, but:
$ time zabbix_get -s 192.168.6.160 -k 'net.tcp.listen[443]'
At log server: 3460:20181015:134945.089 Message from 192.168.0.195 is missing header. Message ignored.
Can I have zabbix agent 4 with zabbix server 3.2 ?
Thank you !
|
Comment by Javier Barroso [ 2018 Oct 15 ] |
Hello, Finally I think I fixed this issue at local, at least: At ./src/libs/zbxsysinfo/linux/net.c:307: if (++count == 2), when I change to (++count == 1)
it works fine. I had made a dirty program attached, which I can compile / execute only for this purpose Please this .c file is only for testing, nothing serious, obviously
Not sure why if I copy /proc/net/tcp to a file, test-tcp-net-listen.c and change the path of the file read to such file (at 376 line [proc_read_tcp_listen parameter), works without modify the 307 line Please tell me if you need more info
Thank you very much |
Comment by Vladislavs Sokurenko [ 2018 Nov 06 ] |
Could you please be so kind and show output of: |
Comment by Javier Barroso [ 2018 Nov 06 ] |
Hello,
Please ,see https://support.zabbix.com/secure/attachment/66321/proc-net-tcp.txt , tpc6 file does not exist as commented at https://support.zabbix.com/browse/ZBX-14899?focusedCommentId=297049&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-297049
Thank you!
|
Comment by Alex Kalimulin [ 2018 Nov 09 ] |
Fixed in development branch: svn://svn.zabbix.com/branches/dev/ZBX-14899 |
Comment by Vladislavs Sokurenko [ 2018 Nov 09 ] |
Thank you for your report, issue was reproduced, the problem is that 3, SYN_RECV (A connection request has been received from the network) is present before listening sockets and Zabbix agent stops reading after it encounters non listening sockets. |
Comment by Javier Barroso [ 2018 Nov 09 ] |
Thank you for fixing this issue ! And sorry for my wrong patch |
Comment by Alex Kalimulin [ 2018 Nov 09 ] |
Fixed in:
|
Comment by Javier Barroso [ 2018 Nov 19 ] |
Is possible to fix it on 3.4 branch ? Or I should upgrade to 4.0.2 when the version arrive to rpm repo ?
Thank you ! |
Comment by Alex Kalimulin [ 2018 Nov 22 ] |
3.4 branch is frozen, please upgrade to 4.0.2. |