Hello, Here is the context during the problem occurs :
We have a new machine running on centos 8.From this machine, we restore a postgresql dump on an other machine runnning on centos 7.After several hoursof running, restore fails due to a disconnection (no route to host).But, if we disable the firewall on centos 8, restore succeed. Before having this new centos 8 machine, we had a centos 7 machine and all worked fine with firewall activated.
Has anyboby an ideas, clues or something else? Thanks,
Thomas Poty
Hello, Here is the context during the problem occurs :
We have a new machine running on centos 8.From this machine, we restore a postgresql dump on an other machine runnning on centos 7.After several hoursof running, restore fails due to a disconnection (no route to host).But, if we disable the firewall on centos 8, restore succeed. Before having this new centos 8 machine, we had a centos 7 machine and all worked fine with firewall activated.
Are you really sure it happens because of the firewall? Anything in the logs indicating it happens because firewalld fiddles with something? I gues by firewall you mean firewalld.
Usually such situations can come from NetworkManager with its default configuration. If, for some reason, an ethernet device looses link for a short time, NetworkManager is eager to bring down the interface and the result is the nice "no route to host" situation. To prevent NM from "helping" you in this situation, you have to install the server subpackage from NM - or get rid of it :-)
Regards, Simon
Thanks Simon, Of course we are not sure but we have a strong feeling : - We tried the restore in loop (14) and all worked fine when firewall is disabled.- We tried the restore several times but no more 2 succeed restore at a row when firewall is enabled. We also tried :
- - iptables avec nftables en backend - - firewalld avec nftables en backend - - nft avec nftables en backend - but no improvment.
We would want to try "iptables with netfilter" this but we have not find how to switch to. Do you think server subpackage of NM is a track to follow? Thanks
Thomas Poty
Le mercredi 6 mai 2020 à 18:02:48 UTC+2, Simon Matter simon.matter@invoca.ch a écrit :
Hello, Here is the context during the problem occurs :
We have a new machine running on centos 8.From this machine, we restore a postgresql dump on an other machine runnning on centos 7.After several hoursof running, restore fails due to a disconnection (no route to host).But, if we disable the firewall on centos 8, restore succeed. Before having this new centos 8 machine, we had a centos 7 machine and all worked fine with firewall activated.
Are you really sure it happens because of the firewall? Anything in the logs indicating it happens because firewalld fiddles with something? I gues by firewall you mean firewalld.
Usually such situations can come from NetworkManager with its default configuration. If, for some reason, an ethernet device looses link for a short time, NetworkManager is eager to bring down the interface and the result is the nice "no route to host" situation. To prevent NM from "helping" you in this situation, you have to install the server subpackage from NM - or get rid of it :-)
Regards, Simon
Hi,
Thanks Simon, Of course we are not sure but we have a strong feeling :
- We tried the restore in loop (14) and all worked fine when firewall is
disabled.- We tried the restore several times but no more 2 succeed restore at a row when firewall is enabled. We also tried :
- iptables avec nftables en backend
- firewalld avec nftables en backend
- nft avec nftables en backend
- but no improvment.
We would want to try "iptables with netfilter" this but we have not find how to switch to. Do you think server subpackage of NM is a track to follow?
Hi,
I suggest to try it at least as it's so easy:
yum/dnf install NetworkManager-config-server
Regards, Simon
Hi,We have tried : - with and without NetworkManager-config-server- with and without NetworkManagerbut result is still the same : we get disconnection :-/ We will try with the last kernel. anybody has a track to explore ? Thanks
Thomas Poty
Le jeudi 7 mai 2020 à 10:36:33 UTC+2, Simon Matter simon.matter@invoca.ch a écrit :
Hi,
Thanks Simon, Of course we are not sure but we have a strong feeling :
- We tried the restore in loop (14) and all worked fine when firewall is
disabled.- We tried the restore several times but no more 2 succeed restore at a row when firewall is enabled. We also tried :
- - iptables avec nftables en backend - - firewalld avec nftables en backend - - nft avec nftables en backend - but no improvment.
We would want to try "iptables with netfilter" this but we have not find how to switch to. Do you think server subpackage of NM is a track to follow?
Hi,
I suggest to try it at least as it's so easy:
yum/dnf install NetworkManager-config-server
Regards, Simon