Return-Path: Delivered-To: apmail-cassandra-user-archive@www.apache.org Received: (qmail 53998 invoked from network); 14 Dec 2010 09:16:11 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 14 Dec 2010 09:16:11 -0000 Received: (qmail 37243 invoked by uid 500); 14 Dec 2010 09:16:09 -0000 Delivered-To: apmail-cassandra-user-archive@cassandra.apache.org Received: (qmail 37069 invoked by uid 500); 14 Dec 2010 09:16:09 -0000 Mailing-List: contact user-help@cassandra.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@cassandra.apache.org Delivered-To: mailing list user@cassandra.apache.org Received: (qmail 37061 invoked by uid 99); 14 Dec 2010 09:16:08 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Dec 2010 09:16:08 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [208.113.200.5] (HELO homiemail-a42.g.dreamhost.com) (208.113.200.5) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Dec 2010 09:16:00 +0000 Received: from homiemail-a42.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a42.g.dreamhost.com (Postfix) with ESMTP id 79A6768C05F for ; Tue, 14 Dec 2010 01:15:34 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=thelastpickle.com; h=content-type :mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; q=dns; s= thelastpickle.com; b=NamxyGJBO3rjKihE8Vcc9zm4awBlXs9RCvb5/CyO2IQ rNskzmrG8IDil8yjkWJQpal6rYQ7A84+USKWrw++wr3GZUftlmLyoAX5s284wG/3 EdhpFZYtoX7cnnFEmuRwO21QqheMfgzu8UPnOipcS1YxdutY0ih+qVjtXL8YkVo0 = DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=thelastpickle.com; h= content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; s= thelastpickle.com; bh=FVtvNaeTSJtZVbCDr8YYXCG4mDQ=; b=X+hU7I9ChC BTNLSCsdpBxXinLBGT6WDbx54qJveJ+V6MbyuSYGlw9s7vUHZnM+R5PWY42IM+Rw j3UACV3YEnZHxXsi4n1pNduJ18h8nWSDhsdbQzk+BcnFASP+azYgQB9TinIFbELE NyZZrKYnrry9HfLFWJrALBdTYhZg3zE/Q= Received: from [10.0.1.155] (121-73-157-230.cable.telstraclear.net [121.73.157.230]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: aaron@thelastpickle.com) by homiemail-a42.g.dreamhost.com (Postfix) with ESMTPSA id E14AC68C070 for ; Tue, 14 Dec 2010 01:15:33 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v1082) Subject: Re: Dual NIC server problems From: aaron morton In-Reply-To: Date: Tue, 14 Dec 2010 22:15:30 +1300 Content-Transfer-Encoding: quoted-printable Message-Id: <3998F2A7-EA3E-48EF-9893-EF21A052FFC8@thelastpickle.com> References: To: user@cassandra.apache.org X-Mailer: Apple Mail (2.1082) X-Virus-Checked: Checked by ClamAV on apache.org The code for nodetool appears to just pass the host value through to the = NodeProbe. Was there anything else in the stack trace ?=20 If you use the host name of the machine rather than ip what happens? cassandra-env.sh includes a link to this page about getting JMX running = with firewalls = http://blogs.sun.com/jmxetc/entry/troubleshooting_connection_problems_in_j= console=20 Perhaps the info on java.rmi.server.hostname may be helpful=20 Hope that helps. Aaron On 14 Dec 2010, at 21:36, Arjan van Ham wrote: >=20 > I have a cluster with three nodes, version 0.7.0 RC2. Each node has = dual NIC's, eth0 to the internet and eth1 to a private network = (192.168.1.xxx). The outside NIC on each node is frewalled using = iptables, only port 22 is allowed through. My cassandra.yaml = configuration file refers only to the internal hostnames that resolve to = 192.168.1.xxx addresses. >=20 > Most of my Cassandra installation works fine, except for a few = nodetool commands. It seems that they are trying to access the servers = over the outside (firewalled) NIC and thus fail. If I disable the = firewall they work fine.=20 >=20 > For example: >=20 > [cassandra@node11 ~]$ nodetool -h 192.168.1.153 decommission > Error connecting to remote JMX agent! > java.rmi.ConnectException: Connection refused to host: 72.52.199.70; = nested exception is:=20 > java.net.ConnectException: Connection timed out > at = sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:601) > at = sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:198) > at = sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:184) > at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:110) > at = javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source) > at = javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2= 327) > at = javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:279) > at = javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.ja= va:248) > at = org.apache.cassandra.tools.NodeProbe.connect(NodeProbe.java:115) > at = org.apache.cassandra.tools.NodeProbe.(NodeProbe.java:91) >=20 >=20 > And if I disable the firewall on the remote node it works right away. >=20 >=20 > Any ideas anyone? >=20 > Thanks.