[pgpool-general: 7299] Re: No TCP/IP connection to Pgpool on RHEL 8.2

Anssi Kanninen anssi at iki.fi
Sun Sep 20 23:50:19 JST 2020 

Customer's network engineers are also investigating this for a possible firewall rule problem.

On 18 September 2020 11:31:41 EEST, Anssi Kanninen <anssi at iki.fi> wrote:
>Thank you!
>
>Here is some more info. I made some comparison of the TCP traffic when 
>connected to Pgpool or straight to PostgreSQL.
>
>See attachments:
>
>* cmd-pgpool.txt
>The command and response when connected to Pgpool.
>
>* tcpdump-pgpool.txt
>A dump of TCP traffic to/from PgPool port when executed the command 
>above.
>
>* cmd-postgres.txt
>The command and response when connected straight to PostgreSQL.
>
>* tcpdump-postgres.txt
>A dump of TCP traffic to/from PostgreSQL port when executed the command
>
>above.
>
>Strangely, it seems that the database name and user name never reached 
>Pgpool.
>
>Hope this helps,
>   - Anssi
>
>On Fri, 18 Sep 2020, Bo Peng wrote:
>
>> Hi,
>>
>> Thank you for reporting this issue.
>> I am going to look into this one.
>>
>> On Fri, 18 Sep 2020 02:47:24 +0300
>> Anssi Kanninen <anssi at iki.fi> wrote:
>>
>>> Software versions are the same on both systems:
>>> PostgreSQL 12.2
>>> Pgpool 4.1.3
>>>
>>> On 18 September 2020 02:31:11 EEST, Anssi Kanninen <anssi at iki.fi>
>wrote:
>>>> Hello,
>>>>
>>>> My Pgpool doesn't work on RHEL 8.2.
>>>>
>>>> Eveythins runs smoothly on my Centos 8.1.1911 virtual machines but
>when
>>>> I
>>>> transfer the same Pgpool/PostgreSQL configuration to customer's
>RHEL
>>>> 8.2,
>>>> I can not connect to Pgpool via TCP/IP.
>>>>
>>>> Here is a clip of my log on Centos when I successfully fail to
>>>> authenticate (x.x.x.x is a wrong interface, so this error is
>expected).
>>>> So, "user" and "database" are show in the log.
>>>>
>>>> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-1] pid 6616: ERROR: 
>failed
>>>> to authenticate
>>>> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-2] pid 6616: DETAIL: 
>no
>>>> pg_hba.conf entry for host "x.x.x.x", user "pgpool", database
>>>> "postgres", SSL off
>>>>
>>>> Here is log of successful connection. Protocol Major is 3 and Minor
>is
>>>> 0.
>>>>
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-1] pid 27853: DEBUG:
>>>> reading startup packet
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-2] pid 27853: DETAIL:
>>>> application_name: psql
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-1] pid 27853: DEBUG:
>>>> reading startup packet
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-2] pid 27853: DETAIL:
>>>> Protocol Major: 3 Minor: 0 database: postgres user: pgpool
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-2] pid 27853: DETAIL:
>>>> connecting 0 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-2] pid 27853: DETAIL:
>>>> connecting 1 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-2] pid 27853: DETAIL:
>>>> connecting 2 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-1] pid 27853: DEBUG:
>>>> authentication backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-2] pid 27853: DETAIL:
>>>> auth kind:10
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-1] pid 27853: DEBUG:
>>>> authentication backend 0
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-2] pid 27853: DETAIL:
>>>> trying SCRAM authentication
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [33-1] pid 27853: DEBUG:
>>>> SCRAM authentication successful for backend 0
>>>>
>>>> So, the above works.
>>>>
>>>> But then I transfer the same configuration to the customer's RHEL
>8.2,
>>>> the
>>>> same connection attempt shows this:
>>>>
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [262-1] pid 348681:
>>>> DEBUG:  I am 348681 accept fd 8
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-1] pid 348681:
>>>> DEBUG:  reading startup packet
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-2] pid 348681:
>>>> DETAIL:  Protocol Major: 1234 Minor: 5680 database:  user:
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-1] pid 348681:
>>>> FATAL:  client authentication failed
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-2] pid 348681:
>>>> DETAIL:  no pool_hba.conf entry for host "x.x.x.x", user "",
>database
>>>> "", SSL off
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-3] pid 348681:
>>>> HINT:  see pgpool log for details
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [46-1] pid 348612:
>>>> DEBUG:  reaper handler
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [47-1] pid 348612:
>LOG:
>>>> child process with pid: 348681 exits with status 512
>>>>
>>>> Protocol Major and Minor numbers look strange and why the database
>name
>>>>
>>>> and user name are empty? Did it fail to read the incoming packet
>for
>>>> some
>>>> reason? The connection was local but thru TCP/IP network interface.
>>>> Linux
>>>> firewall was used but same ports were open on both clusters.
>SELinux is
>>>> in
>>>> use.
>>>>
>>>> Psql client responds like this:
>>>>
>>>> psql: error: could not connect to server: server closed the
>connection
>>>> unexpectedly
>>>>         This propably means the server terminated abnormally
>>>>         before or while processing the request.
>>>>
>>>>
>>>> Here is my pool_hba.conf:
>>>>
>>>> local   all         all                               trust
>>>> host    all         all         127.0.0.1/32          trust
>>>> host    all         all         ::1/128               trust
>>>> host    all         pgpool      samenet               scram-sha-256
>>>> host    all         postgres    samenet               scram-sha-256
>>>>
>>>> My pool_passwd looks like this:
>>>>
>>>> postgres:AESmyencryptedpassword==
>>>> pgpool:AESmyencryptedpassword==
>>>>
>>>> The psql command was as follows and the password was correct:
>>>>
>>>> $ psql -h x.x.x.x postgres pgpool -w
>>>>
>>>> So, something is different on our RHEL but what?
>>>>
>>>> Best regards,
>>>>   Anssi
>>>> _______________________________________________
>>>> pgpool-general mailing list
>>>> pgpool-general at pgpool.net
>>>> http://www.pgpool.net/mailman/listinfo/pgpool-general
>>
>>
>> -- 
>> Bo Peng <pengbo at sraoss.co.jp>
>> SRA OSS, Inc. Japan
>>
>
>-- 
>anssi at iki.fi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20200920/a30331bc/attachment.html>

More information about the pgpool-general mailing list