Skip to main content

Hello everyone,

I have one client that will not connect to Comm Cell server for backups or updates.

The install appears health and running fine...i

The server is  a Centos Linux 7.9 server running V11 Linux agent.

The following ports are open in iptables 8400, 8401, 8403 and 8600..

cvping outbound from the server can connect Comm cell on all the ports list above.

However inbound connections using cvping to the client fail on 8401 and 8403.

DNS is working correctly and there are no network firewalls between the two servers.

The cvd.log has a error: failed to open socket 

and one more thing strange  about this  client install is that uses the severs is displaying the uname  -a name in commvault Vs. the OS name CENTOS 7.

Any help will be greatly appreciated. 

Hi @LarryM 

Thanks for the update and confirmation of the resolution, I’ll go ahead and mark your post as best answer to close off this thread.

Thanks,

Stuart


Thanks Stuart and Pearl for your help. 

After doing all those steps it turned out to a iptables issue. 

I’m not a admin (root) on the Linux client so I had to go off what the Admin told me about this server. 

After going through all the step listed… it was suggested that we just drop iptable for a second to see if the client could connect to commvault server. 

They agreed and once the iptables were stopped the client connected to Comm Cell server and I was able to push updates and ran a quick back up.

Root Cause: Iptables misconfigured….they were using CIDR notations in the iptables rule and some of the commvault IP addresses were not part of those subnet ranges. 

 

Thanks for the help gentlemen 

Larry 

 


Hi @LarryM, Additional to what @Stuart Painter said,

→ Please check the CvNetChk.log on the commserve server when you are performing the check readiness on the client which will give additional information on the connectivity error.

→ If the ports are actually not connecting, the ports could be used by another service or the service itself not running on the ports. So check the #netstat -anp | grep <port_numbers>, #lsof -i :8403, #cat /etc/services | grep cvd and #cat /etc/services | grep cvfwd

→ Also check if there is any orphan commvault process using the ports, #ps -ef | grep commvault


Hi @LarryM 

We need to ensure that Communication is successful in both directions, CommServe/MA --> Client and also Client --> CommServe/MA. Try performing a Check Readiness for the client that will test necessary comms.

You mention DNS is good, but it’s worth checking things like hosts files to ensure that the name is properly resolving to the expected client/IP.

There may be network rules in place to direct traffic over specific and different tunnel ports, that may be blocked.

Please take a look at Network Routes for the client, CommServe and MA to see if some other connectivity is configured.

Network Routes: Frequently Asked Questions has some good resources to check configuration

You can also use Checking Network Connectivity Using the Network Test Tool to try and identify which piece of the puzzle is missing.

Thanks,

Stuart

 


Reply