
LDAP connections only work on local subnet



Hello list,

I have a problem when connecting to an LDAP server that I can't explain.

My client (an apache webserver running woody) and 2 ldap servers (A and B) are 
located on network 1.
A third LDAP server (C) is located on another network, that is connected with 
a firewall.  Connectivity to that server is ok (I can browse our intranet 
that's hosted on it).

I can connect to LDAP server A and B, but not to C. The strange thing is that 
it doesn't even try. When I see what packets are being sent (tethereal log 
included), I can see that connecting to either A or B results in LDAP packets 
being sent over the wire. 
However, when connecting to LDAP server C, nothing happens. Not a single 
packet is sent.

Here is what it looks like on the command line and in the tethereal log. I 
changed the ip addresses. Zarquon's ip address is 10.10.10.9

zarquon:/var/www# ldapsearch -h 10.10.10.2
ldap_sasl_interactive_bind_s: No such attribute
(no delay)

zarquon:/var/www# ldapsearch -h 10.10.10.3
ldap_sasl_interactive_bind_s: Unknown authentication method
(no delay)

zarquon:/var/www# ldapsearch -h 10.100.20.2
ldap_sasl_interactive_bind_s: Can't contact LDAP server
(after a few seconds)

Here is the tethereal log (ugly due to the wrapping):

 0.000000   10.10.10.9 -> 10.10.10.2   TCP 36155 > ldap [SYN] Seq=3581423164 
Ack=0 Win=5840 Len=0
  0.001394   10.10.10.2 -> 10.10.10.9   TCP ldap > 36155 [SYN, ACK] 
Seq=1572044337 Ack=3581423165 Win=65535 Len=0
  0.001450   10.10.10.9 -> 10.10.10.2   TCP 36155 > ldap [ACK] Seq=3581423165 
Ack=1572044338 Win=5840 Len=0
...
  3.440429   10.10.10.9 -> 10.10.10.3 TCP 36156 > ldap [SYN] Seq=3575832241 
Ack=0 Win=5840 Len=0
  3.440739 10.10.10.3 -> 10.10.10.9   TCP ldap > 36156 [SYN, ACK] 
Seq=3841658316 Ack=3575832242 Win=17520 Len=0
  3.440806   10.10.10.9 -> 10.10.10.3 TCP 36156 > ldap [ACK] Seq=3575832242 
Ack=3841658317 Win=5840 Len=0
 ...

For the connection to LDAP server C, there's nothing.
Is there a logical explanation for this, or is it something I did (can't 
imagine what)?

Any pointers will be welcome as if they were Sir Lancelot in the castle of 
the virgins.

joost
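To check the observation above mechanically rather than by eye, here is an added example (not from the post) that re-joins the mail-wrapped tethereal lines and reports, per LDAP server, whether the client sent a SYN, completed the handshake, or sent nothing at all. The sample log is the post's own capture (same placeholder addresses), embedded verbatim including the wrapping.

```python
import re

# Sample input: the tethereal output from the post, wrapped exactly as mailed.
SAMPLE_LOG = """\
 0.000000   10.10.10.9 -> 10.10.10.2   TCP 36155 > ldap [SYN] Seq=3581423164 
Ack=0 Win=5840 Len=0
  0.001394   10.10.10.2 -> 10.10.10.9   TCP ldap > 36155 [SYN, ACK] 
Seq=1572044337 Ack=3581423165 Win=65535 Len=0
  0.001450   10.10.10.9 -> 10.10.10.2   TCP 36155 > ldap [ACK] Seq=3581423165 
Ack=1572044338 Win=5840 Len=0
...
  3.440429   10.10.10.9 -> 10.10.10.3 TCP 36156 > ldap [SYN] Seq=3575832241 
Ack=0 Win=5840 Len=0
  3.440739 10.10.10.3 -> 10.10.10.9   TCP ldap > 36156 [SYN, ACK] 
Seq=3841658316 Ack=3575832242 Win=17520 Len=0
  3.440806   10.10.10.9 -> 10.10.10.3 TCP 36156 > ldap [ACK] Seq=3575832242 
Ack=3841658317 Win=5840 Len=0
 ...
"""

# A packet line starts with a timestamp; anything else is a wrapped continuation.
TS_RE = re.compile(r"^\s*\d+\.\d+\s")
PKT_RE = re.compile(
    r"^\s*(?P<ts>\d+\.\d+)\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s+TCP\s+"
    r"(?P<sport>\S+)\s+>\s+(?P<dport>\S+)\s+\[(?P<flags>[^\]]*)\]"
)

def unwrap(log_text):
    """Re-join lines a mail client wrapped so each packet is one string."""
    packets = []
    for raw in log_text.splitlines():
        if TS_RE.match(raw):
            packets.append(raw.strip())
        elif packets and raw.strip():
            packets[-1] += " " + raw.strip()
    return packets

def summarize_ldap_attempts(log_text, client_ip, servers):
    """Map each server to 'handshake', 'syn-only' or 'no-packets' as seen from client_ip."""
    syn_sent, synack_seen = set(), set()
    for pkt in unwrap(log_text):
        m = PKT_RE.match(pkt)
        if not m:
            continue
        flags = {f.strip() for f in m["flags"].split(",")}
        if m["src"] == client_ip and m["dport"] == "ldap" and flags == {"SYN"}:
            syn_sent.add(m["dst"])               # client opened a connection
        if m["dst"] == client_ip and m["sport"] == "ldap" and {"SYN", "ACK"} <= flags:
            synack_seen.add(m["src"])            # server answered the SYN
    return {s: "handshake" if s in synack_seen else "syn-only" if s in syn_sent
            else "no-packets" for s in servers}
```

Run against the post's capture with servers A, B and C, the result shows C as "no-packets", which separates "the firewall dropped it" (a SYN would be on the wire) from "the client never tried" (nothing on the wire).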




