i have trouble setting up a JMeter client to connect to a remote JMeter server over an intermediate jumphost.
Especially which ports need to be open and forwarded to which host and how to configure JMeter for that. Apparently there are some blog posts about similar setups but neither describes the ports in detail nor do the connect over an external host (all use localhost?).
The setups is:
JMeter GUI(client) <-> Jumphost <-> JMeter Server
I need to setup one or more SSH Tunnels on the Jumphost and tell the Client and server to connect to this host.
Help will be much appreciated!
http://rolfje.wordpress.com/2012/02/16/distributed-jmeter-through-vpn-and-ssl/
Here I see ports in the article:
-A RH-Firewall-1-INPUT -p udp -m udp --dport 1099 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 1099 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 50000 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 50000 -j ACCEPT
Tried with Java 8
1. Client - modify jmeter.properties file adding:
remote_hosts=127.0.0.1:55511
client.rmi.localport=55512
2. Server - modify jmeter.properties file adding:
server_port=55511
server.rmi.localhostname=127.0.0.1
server.rmi.localport=55511
3. Connect to the server using:
Linux and Mac users
ssh solr#server -L 55511:127.0.0.1:55511 -R 55512:127.0.0.1:55512
Windows users
putty.exe -ssh user#server -L 55511:127.0.0.1:55511 -R 55512:127.0.0.1:55512
4. Server - start jmeter
cd apache-jmeter-2.13/bin/
./jmeter-server -Djava.rmi.server.hostname=127.0.0.1
5. Client - start jmeter
cd apache-jmeter-2.13/bin/
./jmeter.sh -Djava.rmi.server.hostname=127.0.0.1 -t test.jmx
Related
After a fresh install of RabbitMQ server on CentOs 7.7
I can reach the :15672 port from localhost
curl -i http://localhost:15672
HTTP/1.1 200 OK
But i cant reach the web interface from external ips
curl -i http://serverRemoteIp:15672
curl: (7) Failed connect to serverRemoteIp:15672; Connection timed out
the server is remote, so i need access from remote ips
any idea?
First, yesterday I exec this on my server
sudo iptables -A INPUT -p tcp -m tcp --dport 15672 -j ACCEPT
and the problem continue. Yoday I run:
iptables -I INPUT 1 -p tcp --dport 15672 -j ACCEPT
service iptables save
service iptables restart
and works!!
I have a problem with an NFS server. I basically have to boot an embedded processor from NFS.
On an ubuntu machine I simply put the filesystem in /tftpboot,
added in /etc/exports this line:
/tftpboot *(rw,no_root_squash,no_all_squash,sync)
then I executed the commands:
sudo /usr/sbin/exportfs -av
sudo /etc/init.d/nfs-server restart
but on the embedded processor I get this error:
Looking up port of RPC 100003/2 on 192.168.2.11
Looking up port of RPC 100005/1 on 192.168.2.11
VFS: Unable to mount root fs via NFS, trying floppy.
VFS: Cannot open root device "nfs" or unknown-block(2,0)
Please append a correct "root=" boot option
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(2,0)
in particular the lines
Looking up port of RPC 100003/2 on 192.168.2.11
Looking up port of RPC 100005/1 on 192.168.2.11
make me think that the problem is in the configuration of the NFS server, anybody can help me?
I had today exactly the same problem with an old embedded device and an NFS Server installed on SUSE Leap.
I sniffed the communication with Wireshark and it gave me an idea of what went wrong.
In my case the problem had to do with "iptable filter" and "NFS server version":
Configure iptables to open the NFS related ports at the NFS server side
My device only supported version 2 of NFS, and SUSE NFS server was configured by default to support v3 and v4.
To solve 1:
You can check post
Iptables Rules for NFS Server and NFS Client
sudo iptables -A INPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p udp -m multiport --dports 10053,111,2049,32769,875,892,20048,950 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p tcp -m multiport --dports 10053,111,2049,32803,875,892,20048,950 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p udp -m multiport --sports 10053,111,2049,32769,875,892,20048,950 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p tcp -m multiport --sports 10053,111,2049,32803,875,892,20048,950 -m state --state ESTABLISHED -j ACCEPT
To solve 2 You can check:
https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-nfs.html#sec-nfs-configuring-nfs-server
Enable NFS version 2 on the server by modifying /etc/sysconfig/nfs by setting:
NFSD_OPTIONS="-V2"
MOUNTD_OPTIONS="-V2
I hope it helps someone, i lost some hours with this issue
I add a screenshot of problem 2 which was found because of wireshark capture:
I'm trying to (remotely) connect to the E3372's (Huawei LTE stick) WebInterface...
The E3372 is recognised by my RaspberryPi as "12d1:14dc Huawei Technologies Co., Ltd." - so it seems to be in HiLink-mode. Good.
using
> ifconfig
I see that the stick uses eth1 / 192.126.8.100
and the WebInterface's web-server is supposed to run on 192.168.8.1...
To verify this, on the Pi (from PC using ssh to eth0 with a DHCP-assigned IP-address of 192.168.10.123) I can e.g. query (read) the starting-page of the E3372's WebInterface using:
> curl 192.168.8.1/html/home.html
...so obviously the web-server is up-and-running!
Now I try to forward connections on eth0's port=80 (192.168.10.123:80) to 192.168.8.1:80, so I can then access the WebInterface from an external PC connected to the Pi's eth0; so I:
1) enable ip4-port-forwarding:
> sudo nano /proc/sys/net/ipv4/ip_forward
--> and change the '0' to '1'
2) use iptables to set the appropriate forwarding:
> sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to 192.168.8.1:80
> sudo iptables -A FORWARD -p tcp -d 192.168.8.1 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Now using a browser on the PC with the URL "http://192.168.10.123" yields (after some seconds): "This site can’t be reached"...
please help! what's wrong here???
Thanks for helping!
I'm setting up a new Redis cluster on my webservers, and currently I was adding some chain rules with the iptables settings, but now I'm switching to automatically deploying through ansible.
My iptables looks like this:
1 iptables -N REDIS
2 iptables -A REDIS -s 10.0.1.11 -j ACCEPT ## Master server
3 iptables -A REDIS -s 10.0.1.10 -j ACCEPT ## Slave 01/03
4 iptables -A REDIS -j LOG --log-prefix "unauth-redis-access"
5 iptables -A REDIS -j REJECT --reject-with icmp-port-unreachable
6 iptables -I INPUT -p tcp --dport 6379 -j REDIS
In this way, I have to manually add the rule #3 to each slave server (currently there are only 3 slave servers, but it's going to be way more at some point, thus, I'm planning on automatically deploying it through ansible).
And the ansible config that I've set looks like this:
- name: Redis service
tags: ['redis']
firewalld:
service=redis
zone=internal
state=enabled
permanent=yes
- name: Redis connections
tags: ['redis']
firewalld:
source=10.0.1.0/24
port=6379/tcp
zone=internal
state=enabled
permanent=yes
notify: restart redis
I'm using my webservers' subnet as source, or should I list each webserver's ip as source?
Although when I deploy the ansible configuration, it doesn't work at all. Using iptables works just fine, but I have to switch it to firewalld due dev-env issues mentioned above.
Any ideas?
try adding immediate=yes or add a service-handler to reload firewalld.
using firewalld with permanent=yes only changes the configuration files, it doesn't install the iptables-rules
I want to make sure that the only network traffic on my linux CentOS server is my own.
All my server runs is a Tomcat instance with one servlet. This servlet takes a parameter, which is a URL to download. It will download from that url, and pass the contents back to the calling program through the usual http response.
I want to block all network traffic to this server except
1) Ability to ssh
2) Ability to download from host abc.xyz.com
3) Ability for server with IP 111.222.333.444 to download from me
Can someone please tell me the commands to do this in iptables? I tried finding this out myself but I was a bit out my depth with the lingo.
thanks
Configuring a firewall is simple, first of all select what ports you want to be open.
For example Webserver ports:
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
For example SSH port:
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
In any way your server is able to download files from other server/hosts.
3) Ability for server with IP 111.222.333.444 to download from me
I suppose that must be port 80, (or any port where the server is downloading from) if your uploading files to your website.
After these steps you need to look if the firewall is configured right:
iptables -L -n
If it's looking good then you're able to save your iptables, and restart the service.
If there is any problem configureren your firewall, please let me know.