[pgpool-general: 7303] Re: No TCP/IP connection to Pgpool on RHEL 8.2
Anssi Kanninen
anssi at iki.fi
Tue Sep 22 21:25:43 JST 2020
Oh yes...
Thank you very much, this may solve the whole problem.
On Tue, 22 Sep 2020, Tatsuo Ishii wrote:
> Yes, Major = 1234, Minor = 5680 means GSSAPI authentication request.
> Unfortunately Pgpool-II does not support GSSAPI (yet).
>
> Best regards,
> --
> Tatsuo Ishii
> SRA OSS, Inc. Japan
> English: http://www.sraoss.co.jp/index_en.php
> Japanese:http://www.sraoss.co.jp
>
>> Could it be something to do with GSSAPI authentication? We are not
>> using it with DB connections. With root user, it doesn't inform about
>> it. As a regular user, psql gives us a GSSAPI authentication error.
>>
>> On Tue, 22 Sep 2020, Anssi Kanninen wrote:
>>
>>> Update: It works if the client running psql is root or postgres. If it
>>> is a regular user, the connection fails.
>>>
>>> On Sun, 20 Sep 2020, Anssi Kanninen wrote:
>>>
>>>> Customer's network engineers are also investigating this for a
>>>> possible firewall rule problem.
>>>> On 18 September 2020 11:31:41 EEST, Anssi Kanninen <anssi at iki.fi>
>>>> wrote:
>>>> Thank you!
>>>> Here is some more info. I made some comparison of the TCP traffic when
>>>> connected to Pgpool or straight to PostgreSQL.
>>>> See attachments:
>>>> * cmd-pgpool.txt
>>>> The command and response when connected to Pgpool.
>>>> * tcpdump-pgpool.txt
>>>> A dump of TCP traffic to/from PgPool port when executed the command
>>>> above.
>>>> * cmd-postgres.txt
>>>> The command and response when connected straight to PostgreSQL.
>>>> * tcpdump-postgres.txt
>>>> A dump of TCP traffic to/from PostgreSQL port when executed the
>>>> command above.
>>>> Strangely, it seems that the database name and user name never reached
>>>> Pgpool.
>>>> Hope this helps,
>>>> - Anssi
>>>> On Fri, 18 Sep 2020, Bo Peng wrote:
>>>> Hi,
>>>> Thank you for reporting this issue.
>>>> I am going to look into this one.
>>>> On Fri, 18 Sep 2020 02:47:24 +0300
>>>> Anssi Kanninen <anssi at iki.fi> wrote:
>>>> Software versions are the same on both systems:
>>>> PostgreSQL 12.2
>>>> Pgpool 4.1.3
>>>> On 18 September 2020 02:31:11 EEST, Anssi Kanninen <anssi at iki.fi>
>>>> wrote:
>>>> Hello,
>>>> My Pgpool doesn't work on RHEL 8.2.
>>>> Eveythins runs smoothly on my Centos 8.1.1911 virtual machines but
>>>> when
>>>> I
>>>> transfer the same Pgpool/PostgreSQL configuration to customer's RHEL
>>>> 8.2,
>>>> I can not connect to Pgpool via TCP/IP.
>>>> Here is a clip of my log on Centos when I successfully fail to
>>>> authenticate (x.x.x.x is a wrong interface, so this error is
>>>> expected).
>>>> So, "user" and "database" are show in the log.
>>>> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-1] pid 6616: ERROR: failed
>>>> to authenticate
>>>> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-2] pid 6616: DETAIL: no
>>>> pg_hba.conf entry for host "x.x.x.x", user "pgpool", database
>>>> "postgres", SSL off
>>>> Here is log of successful connection. Protocol Major is 3 and Minor is
>>>> 0.
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-1] pid 27853: DEBUG:
>>>> reading startup packet
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-2] pid 27853: DETAIL:
>>>> application_name: psql
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-1] pid 27853: DEBUG:
>>>> reading startup packet
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-2] pid 27853: DETAIL:
>>>> Protocol Major: 3 Minor: 0 database: postgres user: pgpool
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-2] pid 27853: DETAIL:
>>>> connecting 0 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-2] pid 27853: DETAIL:
>>>> connecting 1 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-1] pid 27853: DEBUG:
>>>> creating new connection to backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-2] pid 27853: DETAIL:
>>>> connecting 2 backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-1] pid 27853: DEBUG:
>>>> authentication backend
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-2] pid 27853: DETAIL:
>>>> auth kind:10
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-1] pid 27853: DEBUG:
>>>> authentication backend 0
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-2] pid 27853: DETAIL:
>>>> trying SCRAM authentication
>>>> Sep 18 02:07:28 centos8i1 pgpool[27853]: [33-1] pid 27853: DEBUG:
>>>> SCRAM authentication successful for backend 0
>>>> So, the above works.
>>>> But then I transfer the same configuration to the customer's RHEL 8.2,
>>>> the
>>>> same connection attempt shows this:
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [262-1] pid 348681:
>>>> DEBUG: I am 348681 accept fd 8
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-1] pid 348681:
>>>> DEBUG: reading startup packet
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-2] pid 348681:
>>>> DETAIL: Protocol Major: 1234 Minor: 5680 database: user:
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-1] pid 348681:
>>>> FATAL: client authentication failed
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-2] pid 348681:
>>>> DETAIL: no pool_hba.conf entry for host "x.x.x.x", user "", database
>>>> "", SSL off
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-3] pid 348681:
>>>> HINT: see pgpool log for details
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [46-1] pid 348612:
>>>> DEBUG: reaper handler
>>>> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [47-1] pid 348612: LOG:
>>>> child process with pid: 348681 exits with status 512
>>>> Protocol Major and Minor numbers look strange and why the database
>>>> name
>>>> and user name are empty? Did it fail to read the incoming packet for
>>>> some
>>>> reason? The connection was local but thru TCP/IP network interface.
>>>> Linux
>>>> firewall was used but same ports were open on both clusters. SELinux
>>>> is
>>>> in
>>>> use.
>>>> Psql client responds like this:
>>>> psql: error: could not connect to server: server closed the connection
>>>> unexpectedly
>>>> This propably means the server terminated abnormally
>>>> before or while processing the request.
>>>> Here is my pool_hba.conf:
>>>> local all all trust
>>>> host all all 127.0.0.1/32 trust
>>>> host all all ::1/128 trust
>>>> host all pgpool samenet scram-sha-256
>>>> host all postgres samenet scram-sha-256
>>>> My pool_passwd looks like this:
>>>> postgres:AESmyencryptedpassword==
>>>> pgpool:AESmyencryptedpassword==
>>>> The psql command was as follows and the password was correct:
>>>> $ psql -h x.x.x.x postgres pgpool -w
>>>> So, something is different on our RHEL but what?
>>>> Best regards,
>>>> Anssi
>>>> ______________________________________________________________________________________________________________
>>>> pgpool-general mailing list
>>>> pgpool-general at pgpool.net
>>>> http://www.pgpool.net/mailman/listinfo/pgpool-general
>>>> --
>>>> Bo Peng <pengbo at sraoss.co.jp>
>>>> SRA OSS, Inc. Japan
>>>>
>>>
>>> --
>>> anssi at iki.fi
>>> _______________________________________________
>>> pgpool-general mailing list
>>> pgpool-general at pgpool.net
>>> http://www.pgpool.net/mailman/listinfo/pgpool-general
>>>
>>
>> --
>> anssi at iki.fi
>> _______________________________________________
>> pgpool-general mailing list
>> pgpool-general at pgpool.net
>> http://www.pgpool.net/mailman/listinfo/pgpool-general
>
--
anssi at iki.fi
More information about the pgpool-general
mailing list