On Wednesday 20 January 2010 11:22:40 Brian O'Mahony wrote:
> I have been running about eight cron'd rsynchs from a server in Bangalore
> to a server in Dublin daily for the last number of years, successfully.
> Recently however something strange has started to happen.
>> The synchs all fire off at the same time basically. The first synch of each
> time fails, as follows:
>>> spawn /usr/bin/rsync -av -e ssh --delete --bwlimit=0 buzz:/cvs/AppDev/
is now a good time to ask why you're using expect instead of ssh keys?
>> ssh_exchange_identification: Connection closed by remote host rsync:
> connection unexpectedly closed (0 bytes read so far) rsync error: error in
> rsync protocol data stream (code 12) at io.c(165)
This means that the remote side accepted the TCP connection, and then closed
it without sending the SSH banner (e.g. "SSH-2.0-OpenSSH_5.1 moo").
> send: spawn id exp3 not open
>> while executing
>> "send "<password>\r""
>> (file "/root/cvssync" line 6)
That's collateral damage.
>> The next cronjob email I get, which is twelve seconds later, completes. If
> I run it manually it completes. If I change the first cronjob in the list,
> that is the one that fails.
>> Anyone have any ideas?
I'll bet the receiving server is doing a tcpwrappers check. I'll guess your
hosts.deny says to be unfriendly, and /etc/hosts.allow says:
When you connect from bangalore, tcpwrappers does the rough equivalent of:
dig -x 220.127.116.11 (which hopefully says server.bangalore.in)
dig server.bangalore.in (which hopefully says 18.104.22.168)
One of these DNS requests is probably failing. When the DNS lookup is
retried, the cached results from the first previous query allow the lookup to
complete. The problem may be with the DNS registration itself -- some of the
NS servers in the chain may fail to respond (squish.net has a nice checker).
You may also have a poor or incorrect nameserver configured in resolv.conf.
You can use an IP address in hosts.allow, check your DNS server, create a
/etc/hosts entry :) or hack it by making a connection to almost any port that
will trigger a reverse DNS check.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!