Results 1 to 6 of 6

Thread: amandahosts and disklist, selfcheck request failed. timeout waiting for ACK

  1. #1

    Default amandahosts and disklist, selfcheck request failed. timeout waiting for ACK

    I have been getting errors after installing Amanda. I am a first time user so I am afraid I missed some basic stuff:

    The error I am getting is

    selfcheck request failed. timeout waiting for ACK.

    This error has been discussed many places, I checked

    [url]http://wiki.zmanda.com/index.php/Amcheck:_selfcheck_request_failed[/url]

    and

    [url]http://amanda.sourceforge.net/cgi-bin/fom?_recurse=1&file=5#file_16[/url]

    but can't resolve my issue - all seems fine.


    I amusing Ubuntu 7.1 - 64bit, following the instruction here

    [url]http://ubuntuforums.org/showthread.php?p=2470030[/url]

    Amanda version is 2.5.1p. Hardware is double CPU Intel Xeon QuadCore.

    My questions are:

    1. On ther server, when I run netstat, I can not find "amandad" process. All I can find is "amandaidx". SHould there be an "amanda" process when we run netstat -a?

    #netstat -a | grep amanda
    tcp 0 0 *:amandaidx *:* LISTEN

    2. In these amandahosts and disklist, can I use IP address directly? I am using IP address directly in both files.

    E.g., in /etc/amandahosts, can I use:

    "128.12.345.67 backup" instead of "someserver.domain.com backup"?


    Thanks for your help.

  2. #2
    Join Date
    Jun 2007
    Posts
    60

    Default

    1. On ther server, when I run netstat, I can not find "amandad" process. All I can find is "amandaidx". SHould there be an "amanda" process when we run netstat -a?
    Yes 'amandad' process should be present on server. Post the output of 'cat /etc/xinetd.d/amandaserver'

  3. #3
    Join Date
    Jan 2007
    Location
    Richland, WA [USA]
    Posts
    78

    Default

    Hello amazander,

    Quote Originally Posted by amazander View Post
    I have been getting errors after installing Amanda. I am a first time user so I am afraid I missed some basic stuff:

    The error I am getting is

    selfcheck request failed. timeout waiting for ACK.
    That means that Amanda server and client aren't on speaking tems. Something "network" related (firewalls, ports being used, TCP vs UDP etc.) isn't right and needs to be corrected.

    My questions are:

    1. On ther server, when I run netstat, I can not find "amandad" process. All I can find is "amandaidx". SHould there be an "amanda" process when we run netstat -a?

    #netstat -a | grep amanda
    tcp 0 0 *:amandaidx *:* LISTEN
    Actually, the "netstat" command is just showing you the symbolic NAME of the PORT it's listening on. So, you won't find "amandad" there, you should (at least, on my system) see the name of the port that's being listened to - as defined in the /etc/services file. From my (RedHat AW4 system), we have:

    [code]
    Code:
    spock{rakowski}458: grep amand /etc/services
    amanda          10080/tcp                       # amanda backup services
    amanda          10080/udp                       # amanda backup services
    kamanda         10081/tcp                       # amanda backup services (Kerberos)
    kamanda         10081/udp                       # amanda backup services (Kerberos)
    amandaidx       10082/tcp                       # amanda backup services
    amidxtape       10083/tcp                       # amanda backup services
    spock{rakowski}459:
    spock{rakowski}459: netstat -a|grep amand
    tcp        0      0 *:amanda                    *:*                         LISTEN
    spock{rakowski}460:
    so you can see it's listening on the Amanda TCP port 10080, as that is what "amanda" is defined as in the /etc/services file. In your case, you appear to be listening to port 10082 (amandaidx) instead. (Note, the "-program" option to Linux netstat would show the program name as well, but that should be xinetd, as that's what's actually listening.)

    I believe that in earlier versions of Amanda, you needed to have inetd or xinetd listening on each of the services (only on the server), but now everything just uses the 10080 port. In MY /etc/xinetd.d/amanda file (on the client, since the Amanda server initiates the connection for backups), I have:

    Code:
    spock{rakowski}460: cat /etc/xinetd.d/amanda
    service amanda
    {
        disable          = no
        socket_type      = stream
        protocol         = tcp
        wait             = no
        user             = amandabackup
        group            = disk
        groups           = yes
        only_from        = amanda01.XXX.YYY.com amanda02.YYY.com
        log_type         = SYSLOG daemon warning
        log_on_success   = HOST PID EXIT DURATION
        log_on_failure   = HOST ATTEMPT
        server           = /usr/lib/amanda/amandad
        server_args      = -auth=bsdtcp amdump
    }
    spock{rakowski}461:
    so the xinetd will start amandad when it "hears" the amanda01 or amanda02 servers connecting on the amanda port.

    2. In these amandahosts and disklist, can I use IP address directly? I am using IP address directly in both files.

    E.g., in /etc/amandahosts, can I use:

    "128.12.345.67 backup" instead of "someserver.domain.com backup"?
    I don't know the answer to this - hopefully someone in the know can answer definitively. From the networking side of things, you'd expect that to work, but since the client "knows" who it is, it's possible that it will be using names rather than IP addresses to look up permissions and/or entries in the "disklist" file. I have all my systems in DNS, and it works that way, so I haven't tried.

    Actually, the one exception is the "only_from=" entry in the /etc/xinetd.d/amanda file. On a few laptops that start running xinetd daemon before the DNS name server is available (the laptop might not be on the net at that time, for instance), I needed to put hard-coded IP addresses, since xinetd wouldn't know what IPs to allow connections from, and would disallow everything.

    Best of luck - Amanda is somewhat complex and confusing to start out, but grows on you as you use it!

    -Andrew [in the deserts of eastern Washington, USA]

  4. #4

    Default

    I have the same error on Debian etch (amanda-client and amanda-server both are Debian etch) and cannot resolve it using the troubleshooting guide on the wiki ([url]http://wiki.zmanda.com/index.php/Selfcheck_request_failed[/url])

    Any hints?? Thanks!

    I can only see the following when I do lsof -a -n -i on the server:

    xinetd 3037 root 5u IPv4 8191 TCP *:amandaidx (LISTEN)
    xinetd 3037 root 6u IPv4 8192 TCP *:amidxtape (LISTEN)

    On the client, lsof -a -n -i produces:

    xinetd 2581 root 5u IPv4 97697279 TCP *:amanda (LISTEN)

    This is my amanda configuration on server:/etc/xinet.d/amanda

    service amanda
    {
    disable = no
    socket_type = stream
    protocol = tcp
    # wait = no
    wait = yes
    user = backup
    group = backup
    groups = yes
    server = /usr/lib/amanda/amandad
    #server_args = -auth=bsd amdump amindexd amidxtaped
    server_args = amdump amindexd amidxtaped
    }

    This is /etc/xinet.d/amanda on client:

    service amanda
    {
    disable = no
    socket_type = stream
    protocol = tcp
    #wait = no
    wait = yes
    user = backup
    group = backup
    groups = yes
    server = /usr/lib/amanda/amandad
    #server_args = -auth=bsdtcp amdump
    #server_args = -auth=bsd amdump amindexd amidxtaped
    server_args = amdump amindexd amidxtaped
    }

    This is the output of amcheck*debug:

    amcheck: debug 1 pid 3187 ruid 34 euid 0: start at Fri Jan 4 09:17:03 2008
    amcheck: debug 1 pid 3187 ruid 34 euid 34: rename at Fri Jan 4 09:17:03 2008
    security_getdriver(name=BSD) returns 0xb7f060e0
    security_handleinit(handle=0x805e660, driver=0xb7f060e0 (BSD))
    amcheck-clients: time 0.053: bind_portrange2: Try port 843: Available - Success
    amcheck-clients: time 0.053: dgram_bind: socket bound to 0.0.0.0.843
    amcheck-clients: dgram_send_addr(addr=0xbffac0e0, dgram=0xb7f07084)
    amcheck-clients: time 0.055: (sockaddr_in *)0xbffac0e0 = { 2, 10080, 192.168.100.4 }
    amcheck-clients: dgram_send_addr: 0xb7f07084->socket = 4
    changer_query: changer return was 6 1
    changer_query: searchable = 0
    changer_find: looking for NULL changer is searchable = 0
    amcheck-clients: dgram_send_addr(addr=0xbffabfd0, dgram=0xb7f07084)
    amcheck-clients: time 10.063: (sockaddr_in *)0xbffabfd0 = { 2, 10080, 192.168.100.4 }
    amcheck-clients: dgram_send_addr: 0xb7f07084->socket = 4
    amcheck-clients: dgram_send_addr(addr=0xbffabfd0, dgram=0xb7f07084)
    amcheck-clients: time 20.070: (sockaddr_in *)0xbffabfd0 = { 2, 10080, 192.168.100.4 }
    amcheck-clients: dgram_send_addr: 0xb7f07084->socket = 4
    security_seterror(handle=0x805e660, driver=0xb7f060e0 (BSD) error=timeout waiting for ACK)
    security_close(handle=0x805e660, driver=0xb7f060e0 (BSD))
    amcheck: pid 3187 finish time Fri Jan 4 09:17:34 2008
    Last edited by linuxtrek; January 8th, 2008 at 11:05 AM. Reason: additional info

  5. #5

    Default

    PEBKAC.

    I wrongly typed the server entry in the client's amandahosts entry.

    This is also the working xinetd configuration for amanda client:

    # cat /etc/xinetd.d/amanda

    # default: on
    # description: The amanda service
    service amanda
    {
    disable = no
    socket_type = dgram
    protocol = udp
    # socket_type = stream
    # protocol = tcp
    wait = yes
    user = backup
    group = backup
    server = /usr/lib/amanda/amandad
    }

  6. #6
    Join Date
    Jan 2007
    Location
    Richland, WA [USA]
    Posts
    78

    Default

    Quote Originally Posted by linuxtrek View Post
    PEBKAC.

    I wrongly typed the server entry in the client's amandahosts entry.

    This is also the working xinetd configuration for amanda client:

    # cat /etc/xinetd.d/amanda

    # default: on
    # description: The amanda service
    service amanda
    {
    disable = no
    socket_type = dgram
    protocol = udp
    # socket_type = stream
    # protocol = tcp
    wait = yes
    user = backup
    group = backup
    server = /usr/lib/amanda/amandad
    }

    One thing to keep in mind as a major problem in initial setup is TCP versus UDP (that's the "protocol=tcp", "socket_type=stream", and "wait=no" options vs "protocol=udp", "socket_type=dgram", "wait=yes" settings).

    I'm not really sure why the Amanda developers allow a choice between the two protocols now, but since they do, you need to make sure you're using all of one method or the other. In my world of firewalls and very fast networks, I find using TCP is best, but I'm old enough to recall the potential efficiencies of UDP (I'm just not sure it matters.)

    Also, you need to pick an authentication method (auth of "bsd", "bsdtcp", "krb5", "ssh" etc.) and have that match on both the server and clients. I believe that means having a correct "server_args=" line in the xinetd.conf file, so the xinetd daemon will start the Amanda daemon in the correct mode when something pokes at its amanda (10080) port.

    "linuxtrek" posted a debug file that seems to show that the client was trying to do BSD authentication, but the server doesn't appear to be started with the "-auth=bsd" option, so that might be why the:

    security_seterror(handle=0x805e660, driver=0xb7f060e0 (BSD) error=timeout waiting for ACK

    message shows up (no security response). On the other hand, it could be other network problems as well. Also, the lsof option she posted shows xinetd listening on a TCP port, but the .debug file shows UDP traffic attempts (dgram_* messages, BSD rather than BSDTCP, etc.)

    I notice that "linuxtrek" swtiched to a different install that is now working, but I just wanted to point out those issues, since they indicate problems (and also the problem with allowing both TCP and UDP adding confusion. 8^)

    Oh well, I hope this helps someone. If nothing else, I ended up with some typing practice!

    Cheers all,

    -Andrew [in the deserts of eastern Washington, USA]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •