(RADIATOR) Cisco CSS, ERR: Could not accept on Tacacs listen socket: Software caused connection abort

Ulf Fischer ulf.fischer at de.easynet.net
Fri Oct 6 11:38:12 CDT 2006


Hi Hugh,

I didn't see any extra information with trace 5:
Fri Oct  6 15:54:48 2006: ERR: Could not accept on Tacacs listen socket: Software caused connection abort
Fri Oct  6 15:55:17 2006: INFO: Trace level changed to 5
Fri Oct  6 15:55:17 2006: INFO: Trace level increased to 5
Fri Oct  6 15:55:49 2006: ERR: Could not accept on Tacacs listen socket: Software caused connection abort

This is what one CSS keepalive session (4 frames) looks like with tcpdump:
16:05:59.251614 IP (tos 0x0, ttl  64, id 17838, offset 0, flags [none], length: 48) 192.168.0.101.11608 > 192.168.0.5.tacacs: S [tcp sum ok] 1652473597:1652473597(0) win 8760 <mss 1460,eol>
        0x0000:  4500 0030 45ae 0000 4006 b35f c0a8 0065  E..0E...@.._...e
        0x0010:  c0a8 0005 2d58 0031 627e befd 0000 0000  ....-X.1b~......
        0x0020:  7002 2238 952a 0000 0204 05b4 0000 0000  p."8.*..........
16:05:59.251757 IP (tos 0x0, ttl  64, id 40664, offset 0, flags [DF], length: 44) 192.168.0.5.tacacs > 192.168.0.101.11608: S [tcp sum ok] 3118298695:3118298695(0) ack 1652473598 win 65535 <mss 1460>
        0x0000:  4500 002c 9ed8 4000 4006 1a39 c0a8 0005  E..,..@.@..9....
        0x0010:  c0a8 0065 0031 2d58 b9dd 7647 627e befe  ...e.1-X..vGb~..
        0x0020:  6012 ffff 9730 0000 0204 05b4            `....0......
16:05:59.252223 IP (tos 0x0, ttl  64, id 17839, offset 0, flags [none], length: 40) 192.168.0.101.11608 > 192.168.0.5.tacacs: . [tcp sum ok] 1:1(0) ack 1 win 8760
        0x0000:  4500 0028 45af 0000 4006 b366 c0a8 0065  E..(E...@..f...e
        0x0010:  c0a8 0005 2d58 0031 627e befe b9dd 7648  ....-X.1b~....vH
        0x0020:  5010 2238 8cb5 0000 0204 05b4 0000       P."8..........
16:05:59.252424 IP (tos 0x0, ttl  64, id 17840, offset 0, flags [none], length: 40) 192.168.0.101.11608 > 192.168.0.5.tacacs: R [tcp sum ok] 1:1(0) ack 1 win 8760
        0x0000:  4500 0028 45b0 0000 4006 b365 c0a8 0065  E..(E...@..e...e
        0x0010:  c0a8 0005 2d58 0031 627e befe b9dd 7648  ....-X.1b~....vH
        0x0020:  5014 2238 8cb1 0000 0204 05b4 0000       P."8..........

Here is also a dump with tethereal that is much more detailed, I think:

Frame 1 (62 bytes on wire, 62 bytes captured)
    Arrival Time: Oct  6, 2006 16:02:56.248875000
    Time delta from previous packet: 0.000000000 seconds
    Time since reference or first frame: 0.000000000 seconds
    Frame Number: 1
    Packet Length: 62 bytes
    Capture Length: 62 bytes
    Protocols in frame: eth:ip:tcp
Ethernet II, Src: 00:17:59:8b:04:4e, Dst: 00:30:05:28:a2:ed
    Destination: 00:30:05:28:a2:ed (FujitsuS_28:a2:ed)
    Source: 00:17:59:8b:04:4e (00:17:59:8b:04:4e)
    Type: IP (0x0800)
Internet Protocol, Src Addr: 192.168.0.101 (192.168.0.101), Dst Addr: 192.168.0.5 (192.168.0.5)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 48
    Identification: 0x45a5 (17829)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (0x06)
    Header checksum: 0xb368 (correct)
    Source: 192.168.0.101 (192.168.0.101)
    Destination: 192.168.0.5 (192.168.0.5)
Transmission Control Protocol, Src Port: 11605 (11605), Dst Port: tacacs (49), Seq: 0, Ack: 0, Len: 0
    Source port: 11605 (11605)
    Destination port: tacacs (49)
    Sequence number: 0    (relative sequence number)
    Header length: 28 bytes
    Flags: 0x0002 (SYN)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...0 .... = Acknowledgment: Not set
        .... 0... = Push: Not set
        .... .0.. = Reset: Not set
        .... ..1. = Syn: Set
        .... ...0 = Fin: Not set
    Window size: 8760
    Checksum: 0x517c (correct)
    Options: (8 bytes)
        Maximum segment size: 1460 bytes
        EOL

0000  00 30 05 28 a2 ed 00 17 59 8b 04 4e 08 00 45 00   .0.(....Y..N..E.
0010  00 30 45 a5 00 00 40 06 b3 68 c0 a8 00 65 c0 a8   .0E...@..h...e..
0020  00 05 2d 55 00 31 7d 74 e7 b8 00 00 00 00 70 02   ..-U.1}t......p.
0030  22 38 51 7c 00 00 02 04 05 b4 00 00 00 00         "8Q|..........

Frame 2 (58 bytes on wire, 58 bytes captured)
    Arrival Time: Oct  6, 2006 16:02:56.248947000
    Time delta from previous packet: 0.000072000 seconds
    Time since reference or first frame: 0.000072000 seconds
    Frame Number: 2
    Packet Length: 58 bytes
    Capture Length: 58 bytes
    Protocols in frame: eth:ip:tcp
Ethernet II, Src: 00:30:05:28:a2:ed, Dst: 00:17:59:8b:04:4e
    Destination: 00:17:59:8b:04:4e (00:17:59:8b:04:4e)
    Source: 00:30:05:28:a2:ed (FujitsuS_28:a2:ed)
    Type: IP (0x0800)
Internet Protocol, Src Addr: 192.168.0.5 (192.168.0.5), Dst Addr: 192.168.0.101 (192.168.0.101)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 44
    Identification: 0x6079 (24697)
    Flags: 0x04 (Don't Fragment)
        0... = Reserved bit: Not set
        .1.. = Don't fragment: Set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (0x06)
    Header checksum: 0x5898 (correct)
    Source: 192.168.0.5 (192.168.0.5)
    Destination: 192.168.0.101 (192.168.0.101)
Transmission Control Protocol, Src Port: tacacs (49), Dst Port: 11605 (11605), Seq: 0, Ack: 1, Len: 0
    Source port: tacacs (49)
    Destination port: 11605 (11605)
    Sequence number: 0    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 24 bytes
    Flags: 0x0012 (SYN, ACK)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...1 .... = Acknowledgment: Set
        .... 0... = Push: Not set
        .... .0.. = Reset: Not set
        .... ..1. = Syn: Set
        .... ...0 = Fin: Not set
    Window size: 65535
    Checksum: 0xacaf (correct)
    Options: (4 bytes)
        Maximum segment size: 1460 bytes
    SEQ/ACK analysis
        This is an ACK to the segment in frame: 1
        The RTT to ACK the segment was: 0.000072000 seconds

0000  00 17 59 8b 04 4e 00 30 05 28 a2 ed 08 00 45 00   ..Y..N.0.(....E.
0010  00 2c 60 79 40 00 40 06 58 98 c0 a8 00 05 c0 a8   .,`y@.@.X.......
0020  00 65 00 31 2d 55 c4 23 12 d4 7d 74 e7 b9 60 12   .e.1-U.#..}t..`.
0030  ff ff ac af 00 00 02 04 05 b4                     ..........

Frame 3 (60 bytes on wire, 60 bytes captured)
    Arrival Time: Oct  6, 2006 16:02:56.249428000
    Time delta from previous packet: 0.000481000 seconds
    Time since reference or first frame: 0.000553000 seconds
    Frame Number: 3
    Packet Length: 60 bytes
    Capture Length: 60 bytes
    Protocols in frame: eth:ip:tcp
Ethernet II, Src: 00:17:59:8b:04:4e, Dst: 00:30:05:28:a2:ed
    Destination: 00:30:05:28:a2:ed (FujitsuS_28:a2:ed)
    Source: 00:17:59:8b:04:4e (00:17:59:8b:04:4e)
    Type: IP (0x0800)
    Trailer: 020405B40000
Internet Protocol, Src Addr: 192.168.0.101 (192.168.0.101), Dst Addr: 192.168.0.5 (192.168.0.5)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 40
    Identification: 0x45a6 (17830)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (0x06)
    Header checksum: 0xb36f (correct)
    Source: 192.168.0.101 (192.168.0.101)
    Destination: 192.168.0.5 (192.168.0.5)
Transmission Control Protocol, Src Port: 11605 (11605), Dst Port: tacacs (49), Seq: 1, Ack: 1, Len: 0
    Source port: 11605 (11605)
    Destination port: tacacs (49)
    Sequence number: 1    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 20 bytes
    Flags: 0x0010 (ACK)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...1 .... = Acknowledgment: Set
        .... 0... = Push: Not set
        .... .0.. = Reset: Not set
        .... ..0. = Syn: Not set
        .... ...0 = Fin: Not set
    Window size: 8760
    Checksum: 0xa234 (correct)
    SEQ/ACK analysis
        This is an ACK to the segment in frame: 2
        The RTT to ACK the segment was: 0.000481000 seconds

0000  00 30 05 28 a2 ed 00 17 59 8b 04 4e 08 00 45 00   .0.(....Y..N..E.
0010  00 28 45 a6 00 00 40 06 b3 6f c0 a8 00 65 c0 a8   .(E...@..o...e..
0020  00 05 2d 55 00 31 7d 74 e7 b9 c4 23 12 d5 50 10   ..-U.1}t...#..P.
0030  22 38 a2 34 00 00 02 04 05 b4 00 00               "8.4........

Frame 4 (60 bytes on wire, 60 bytes captured)
    Arrival Time: Oct  6, 2006 16:02:56.249630000
    Time delta from previous packet: 0.000202000 seconds
    Time since reference or first frame: 0.000755000 seconds
    Frame Number: 4
    Packet Length: 60 bytes
    Capture Length: 60 bytes
    Protocols in frame: eth:ip:tcp
Ethernet II, Src: 00:17:59:8b:04:4e, Dst: 00:30:05:28:a2:ed
    Destination: 00:30:05:28:a2:ed (FujitsuS_28:a2:ed)
    Source: 00:17:59:8b:04:4e (00:17:59:8b:04:4e)
    Type: IP (0x0800)
    Trailer: 020405B40000
Internet Protocol, Src Addr: 192.168.0.101 (192.168.0.101), Dst Addr: 192.168.0.5 (192.168.0.5)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 40
    Identification: 0x45a7 (17831)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (0x06)
    Header checksum: 0xb36e (correct)
    Source: 192.168.0.101 (192.168.0.101)
    Destination: 192.168.0.5 (192.168.0.5)
Transmission Control Protocol, Src Port: 11605 (11605), Dst Port: tacacs (49), Seq: 1, Ack: 1, Len: 0
    Source port: 11605 (11605)
    Destination port: tacacs (49)
    Sequence number: 1    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 20 bytes
    Flags: 0x0014 (RST, ACK)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...1 .... = Acknowledgment: Set
        .... 0... = Push: Not set
        .... .1.. = Reset: Set
        .... ..0. = Syn: Not set
        .... ...0 = Fin: Not set
    Window size: 8760
    Checksum: 0xa230 (correct)
    SEQ/ACK analysis

0000  00 30 05 28 a2 ed 00 17 59 8b 04 4e 08 00 45 00   .0.(....Y..N..E.
0010  00 28 45 a7 00 00 40 06 b3 6e c0 a8 00 65 c0 a8   .(E...@..n...e..
0020  00 05 2d 55 00 31 7d 74 e7 b9 c4 23 12 d5 50 14   ..-U.1}t...#..P.
0030  22 38 a2 30 00 00 02 04 05 b4 00 00               "8.0........

regards,
ulf


Hugh Irvine schrieb:
> 
> Hello Ulf -
> 
> We have not seen this before, so could you please send us a copy of your
> configuration file and a trace 4 debug showing what is happening?
> 
> We'll take a look and see if we can add support for this message type.
> 
> thanks and regards
> 
> Hugh
> 
> 
> On 5 Oct 2006, at 23:31, Ulf Fischer wrote:
> 
>> Hi,
>>
>> We have some Cisco CSS (Content Service Switches).
>> Since we configured them to use our radiator servers for
>> authentication, we see the following error message in
>> the logfile:
>>
>> Thu Oct  5 14:57:13 2006: ERR: Could not accept on Tacacs listen
>> socket: Software caused connection abort
>>
>> I found out that there is a command called:
>> tacacs-server frequency number
>> These are keepalives which the CSS sends to check if the Tacacs server
>> is running or not.
>> I get the error messages at exactly the time interval I configure for
>> tacacs-server frequency.
>> (The default is 5 seconds, so until I found out what the cause of
>> this error message was, we had a lot of them.)
>>
>> We don't get any other problems, just these error messages.
>> But if somebody knows how we could avoid these error messages, I'm
>> interested.
>>
>> regards,
>> ulf
>>
>> -- 
>> Easynet GmbH | www.de.easynet.net
>> Ulf Fischer | Network Engineer
>> Harburger Schlossstrasse 1 | D-21079 Hamburg
>> T: +49 40 771 75-621 | F: +49 40 771 75-279
>>
>> Easynet is part of the Easynet Group PLC | www.easynetgroup.net
>>
>> -- 
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
> 
> 
> 
> NB:
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
> 
> 

-- 
Easynet GmbH | www.de.easynet.net
Ulf Fischer | Network Engineer
Harburger Schlossstrasse 1 | D-21079 Hamburg
T: +49 40 771 75-621 | F: +49 40 771 75-279

Easynet is part of the Easynet Group PLC | www.easynetgroup.net
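
An added example, not part of the original post and not Radiator code: a Python function that reads tcpdump summary lines in the format shown above and labels each client flow, so that flows which complete the TCP handshake and are then reset by the client without any payload (the shape of the four keepalive frames) can be told apart from flows that carry data. The names `classify_flows`, `LINE` and `PROBE` are hypothetical, and the `.tacacs` suffix for the server endpoint is taken from the capture.

```python
import re
from collections import defaultdict

# The four tcpdump summary lines from the post above (hex dump lines left out).
CAPTURE = """\
16:05:59.251614 IP (tos 0x0, ttl  64, id 17838, offset 0, flags [none], length: 48) 192.168.0.101.11608 > 192.168.0.5.tacacs: S [tcp sum ok] 1652473597:1652473597(0) win 8760 <mss 1460,eol>
16:05:59.251757 IP (tos 0x0, ttl  64, id 40664, offset 0, flags [DF], length: 44) 192.168.0.5.tacacs > 192.168.0.101.11608: S [tcp sum ok] 3118298695:3118298695(0) ack 1652473598 win 65535 <mss 1460>
16:05:59.252223 IP (tos 0x0, ttl  64, id 17839, offset 0, flags [none], length: 40) 192.168.0.101.11608 > 192.168.0.5.tacacs: . [tcp sum ok] 1:1(0) ack 1 win 8760
16:05:59.252424 IP (tos 0x0, ttl  64, id 17840, offset 0, flags [none], length: 40) 192.168.0.101.11608 > 192.168.0.5.tacacs: R [tcp sum ok] 1:1(0) ack 1 win 8760
"""

LINE = re.compile(
    r"^\S+ IP \(.*?\) (?P<src>\S+) > (?P<dst>\S+): (?P<flags>\S+) "
    r"\[tcp sum ok\] \d+:\d+\((?P<len>\d+)\)(?P<rest>.*)$"
)

# Handshake completed, then the client resets: (direction, flags) per packet.
PROBE = [(">", "S"), ("<", "S+ack"), (">", ".+ack"), (">", "R+ack")]


def classify_flows(capture, server_suffix=".tacacs"):
    """Map each client endpoint to a verdict based on packet shape and payload."""
    flows = defaultdict(list)
    for line in capture.splitlines():
        m = LINE.match(line)
        if m is None:  # hex dump lines and anything else are skipped
            continue
        to_server = m["dst"].endswith(server_suffix)
        client = m["src"] if to_server else m["dst"]
        flags = m["flags"] + ("+ack" if " ack " in m["rest"] else "")
        flows[client].append((">" if to_server else "<", flags, int(m["len"])))

    verdicts = {}
    for client, pkts in flows.items():
        shape = [(d, f) for d, f, _ in pkts]
        payload = sum(n for _, _, n in pkts)
        if payload > 0:
            verdicts[client] = "carried data"
        elif shape == PROBE:
            verdicts[client] = "connect-and-reset probe"
        else:
            verdicts[client] = "no payload, other shape"
    return verdicts


if __name__ == "__main__":
    for client, verdict in classify_flows(CAPTURE).items():
        print(client, "->", verdict)
```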
