How to synchronized time between servers? - ntpd

I tried to synchronize time between 2 machines, but unfortunately I failed to do so. I always got
"12 Jan 01:09:55 ntpdate[2477]: no server suitable for synchronization found"
error.
I suspect that the resctict option is wrong. My current setting is
# Hosts on local network are less restricted.
restrict 192.168.23.140 mask 255.255.255.252 nomodify notrap
My ntpd server is 192.168.23.140 and client server is 192.168.23.141, is it my setting correct, if not, how to set it please?

I had a similar mistake.
Make sure to open UDP port 123 on both directions.
If it is not open, you will get a "no server suitable for synchronization found" error. TCP port does not work with NTP. If you host on AWS check your security group settings.
Try commenting out all restrict options to isolate the error.
Good luck.

Related

Connection reset by peer on Azure

I have a web application running on an App Service on Azure cloud.
On the back-end I'm using a tcp connection to our database (Neo4j graph db), the best practice is to open the tcp connection and keep it alive in order to be more reactive when we perform queries.
The issue I encountered is that the database is logging the exception "Connection reset by peer";
reading on the web I found out that maybe Azure has a TCP timeout configured by default, I read it to be set up to 4 minutes, which could be my issue root cause.
Someone knows how to configure the tcp KEEP ALIVE to always for App Services on Azure?
I found on the web how to do it in Google cloud but nothing about Azure cloud.
Thank you in advance.
OaicStef
From everything I can find that is not an adjustable setting. Here is the forum link that says it will not be changing and that is a couple years old at this point. https://social.msdn.microsoft.com/Forums/en-US/32b76114-67a4-4e6b-ac45-61b0f0a0829f/changing-the-4-minute-request-time-out-for-app-services?forum=windowsazurewebsitespreview
I think you are going to have to add logic to your app that tests the connection, if it has been closed then either reopen it or create a new one. I don't know what language you are using to make any suggestions there.
Edit
I will add that the total number of TCP connections that can be open on a single App Service is about 6k, at least on the S1. Keep that in mind because if you don't have pooling on the server side or you are not disposing of those then you will exhaust that the TCP pool and you will start getting errors. I recommend you configure an alert for that.

How do I check why my internet is only half working?

My internet is only working for heavily cached sites. Reddit, Gmail, Facebook, etc. The odd thing is, sites like Reddit make queries to non-reddit sites to import the images and they pop up fine when viewing from there, but when I get sent to out.reddit.com and then if I go elsewhere to other non-heavily cached sites, I get timed out connection error.
I can't even visit SpeedTest.net because it times out. I also can't even post a question on StackExchange because of it. What could possibly be going on and how to I debug?
EDIT: I had an inclination that it had to do with Docker. I removed all traces using a powershell script and through remove programs and still didn't work.
user3654055 are friends IRL and we debugged this in person.
It's always best to start from layer 1 and work our way up.
user3654055's computer could connect to wireless networks. This tells us layers 1 and 2 are working
.
user3654055's computer received a DHCP lease. Further testing of layer 3 showed inconsistent results with pinging local IP addresses.
I ran route print to print all routes. This produced a huge amount of output.
Normal output for a Windows computer connected to a flat LAN should produce perhaps 3 routes.
user3654055 had recently installed Docker and attempted to set up a private
internal network for the containers on their PC.
user3654055 had created two virtual networks (one internal vEthernet switch, one external vEthernet switch), a NAT interface, and bridged the wireless adapter to one of those interfaces and had not set up routing correctly for any traffic.
This produced the above scenario where certain traffic was routed correctly or hit the cache and the page would load, but most traffic was routed incorrectly and resulted in a timeout.
Disabling all the vEthernet switches and the NAT interface and removing the wireless adapter from the bridge let the user use their wireless card again.
The above configuration could work if the user set up routing correctly by hand, but we can save that for a later date.
Sounds like a DNS issue...do you know what you are using as a DNS address? You could try using Google's which is 8.8.8.8 for primary and 8.8.4.4 for secondary. Failing that does it get better following a router reboot?
To debug your internet connection, I would at first check what happens with tracert.
Traceroute command shows you the path taken by your packets and its latency from hop to hop.
From console (linux) or from cmd (windows)
tracert stackoverflow.com
this shows you where you are lagging, the first entry may be your router IP. If the first entry appears with high latency try to reboot your router.
Checking for DNS Issues
Try to use nslookup. This is what you should get:
nslookup stackoverflow.com
Server: UnKnown
Address: 192.168.1.1
Risposta da un server non autorevole: //italian comment
Nome: stackoverflow.com.home
Address: 54.72.52.58
if this fails or replies with high latency try to change your DNS to Google DNS.
Primary DNS: 8.8.8.8
Secondary DNS: 8.8.4.4

VMWare on Windows - Disabling Internet for CentOS7 VM without disabling network access

I need two things:
Disabled Internet access on my VM.
Enabled local network access from my VM.
I'm currently trying to replicate a bug on my CentOS7 VM which requires that I have no direct internet access, only able to connect to the web through a proxy on my local network. I've taken two paths to this so far:
Disable the Internet on my Windows machine. Why this didn't work: My VM just...froze until the internet was turned back on. Currently considering looking into the possibility of a daemon and disabling it.
Disable Internet access only on my VM. This hasn't worked yet. It's the path I'm taking right now, but everything I've tried has done the same as the above: frozen my VM, only this time in order to get it back I need to shut it down completely and restart it. Given that I have to mount drives on it to do what I need to do, it's understandable that this is a less than ideal approach. Below are images of my NAT settings and the in-VM Network UI.
I've also gone in and turned on Airplane Mode, disabled the IPv4 and IPv6 manually, and went through all the network settings to see what there was. A Google search turned up nothing except an OSX-specific workaround which I couldn't replicate on my system.
Does anybody have any suggestions?
EDIT:
The above still applies, but I'm trying to take another route to #2. What I'd like to do is shut down all traffic to my VM except from the proxy and network. However, my network is accessible only through my host machine, so I don't want to shut my host machine out entirely, just internet coming from it. Any thoughts?
You could achieve the desired effect by disabling the nameserver configuration.
Just empty the /etc/resolv.conf file (of course after making a backup for later).

Detected if a machine is connected/Available?

How can I detect if a machine is connected/available in the present network.
It has several uses of course, but my main concern here is that my application uses resources located in specific machines and if they are not available it will not even attempt the connection and will use local resources.
you can try making a ping to the machine. check this article Making a PING with Delphi and the WMI.
ICMP echo request (PING) will tell you if the machine is up and reachable on the network. It will not tell you if the service you want to connect to is available on the machine (up and running).
Best bet would probably be to just attempt the connection and fall back to local resources if the connection fails.
Just try to use the resource and if you get an error use the local resource instead. The strategy you are trying to implement suffers from several problems including timing windows between the test and the use, during which the resource may become unavailable, and also doesn't actually test the resource for availability, only some lower-order thing like a TCP port or the ICMP echo part of the stack. In general the best way to detect whether a resource is available is just to try to use it, and recover from the failures. You have to write code to handle those failures anyway, why do it all twice?
A different strategy than trying to connect: let the server tell the clients if the services are still available, by sending UDP Broadcast or some kind of heartbeat signal over middleware (pipes?), which the clients listens to - a publish/subscribe communication model.

Datasnap Service application fails

I have created a Datasnap service, using Bob Swart's white paper as a guide. I have been debugging and deployed succesfully using the VCL Forms application as a server. But when I try to deploy the service version, it installs ok, I then try to start the service and it immediately stops. The error in the event log would suggest that the port set is already in use, I have tried different port numbers for both the TCPServerTransport and the HTTPService without any joy. The DSServer is not set to Autostart as I want to set the Port number from a configuration file. The error message displayed in the event log is:
Service failed on start: Could not bind socket. Address and port are already in use..
I have also tried writing to a log file on start up and execute but it looks as if it is not getting this far.
Solution needed asap, before I have to revert back to a thick client which I do not really want to do.
Thanks
Firstly get a copy of TCPView from the Sysinternals suite (now run by Microsoft) and use it to monitor which app is using the port you want to use.
I would hazard a guess that if the app works fine as a stand alone (as you say it does) and you are trying to use the same port in the service then perhaps the service app is opening up the port at startup without you realizing it and then when you try to open the port manually the app finds it already in use. Or somehow the app is trying to open the port twice. The first time is successful but, maybe due to an event or an unexpected code path, the app tries to open it a second time and fails. TCPView will help spot this.
If you are sure that the port you have configured is actually free and not in use by any other software on the machine, then there might be some anti-virus / security software running that is blocking all software from listening on either specific ports or on any port except a few configured ones. The message you are getting could be one of the symptoms of how the anti-virus / security software handles attempts by apps to start listening on a port.

Resources