Hi
Hi
Iptables -L has returned following out put
------------------------------------------------------------------------
[root@pcncp04 root]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
------------------------------------------------------------------------
----
While the out put returned by iptables -L -t nat is as
------------------------------------------------------------------------
----
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
------------------------------------------------------------------------
----
Rebooting of machine also has not worked.
I also have tried to scan the ports with nmap e.g.
Scanning of port 2170 and 2135 has returned following
------------------------------------------------------------------------
----
[root@pcncp04 root]# nmap pcncp04.ncp.edu.pk -p 2170
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on pcncp04.ncp.edu.pk (127.0.0.1):
Port State Service
2170/tcp open unknown
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
------------------------------------------------------------------------
----
But same command is returning different result when running it from a
Different host on the same network
------------------------------------------------------------------------
----
[root@pcncp22 root]# nmap pcncp04.ncp.edu.pk -p 2170
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
The 1 scanned port on pcncp04.ncp.edu.pk (210.56.13.114) is: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
------------------------------------------------------------------------
----
I have turned off all firewall services but still it is not working.
Any idea how to solve this problem
Regards
Sajjad Asghar
-----Original Message-----
From: LHC Computer Grid - Rollout
[mailto:[log in to unmask]] On Behalf Of Maarten Litmaath,
CERN
Sent: Saturday, August 06, 2005 7:10 PM
To: [log in to unmask]
Subject: Re: [LCG-ROLLOUT] Can't contact LDAP server
On Sat, 6 Aug 2005, Sajjad Asghar wrote:
> Hi
> I have jus installed lcg 2_6_0 on our CE pcncp04.ncp.edu.pk. But I am
> getting error to retrieve information. ldapsearch commands returning
> following error
>
> [lxplus019] ~ > ldapsearch -x -H ldap://pcncp04.ncp.edu.pk:2170 -b
> mds-vo-name=NCP-Lcg2,o=grid
> ldap_bind: Can't contact LDAP server
>
> But same command works fine when I use it on the CE itself
> (pcncp04.ncp.edu.pk)
Did you stop the old lcg-bdii before upgrading?
In any case, what do these commands report:
iptables -L
iptables -L -t nat
There must be only rules that you explicitly put in yourself.
For example, on testbed CE lxb1766.cern.ch we still have the old
lcg-bdii
and we see this:
------------------------------------------------------------------------
-----
[root@lxb1766 root]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:2173
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:2172
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:2171
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
------------------------------------------------------------------------
-----
And:
------------------------------------------------------------------------
-----
[root@lxb1766 root]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:2170
redir ports 2172
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere lxb1766.cern.ch tcp dpt:2170
to:128.142.66.36:2172
------------------------------------------------------------------------
-----
All such rules must be removed.
If it still does not work, reboot the node.
