Open mnanduri opened 6 years ago
Trying to use ssl cert mechanism to talk to the device and its not working? did anyone get it working?
telegraf.tmpl settings for input-oc.
servers = ["192.168.1.139:50051"] ssl_cert = "/source/jti.pem"
I was using the below mechanism to create one.
http://ipengineer.net/2018/05/configuring-ssl-grpc-junos/
Looks like it tries and fails. never attempts to connect again.
root@Jumphost2:/home/mohan/open-nti# tcpdump -i eth0 port 50051 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:07:49.788309 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [S], seq 2391356311, win 29200, options [mss 1460,sackOK,TS val 118401606 ecr 0,nop,wscale 7], length 0 13:07:49.794368 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [S.], seq 3392765012, ack 2391356312, win 65535, options [mss 1460,nop,wscale 1,nop,nop,TS val 2620523829 ecr 118401606,sackOK,eol], length 0 13:07:49.794451 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [.], ack 1, win 229, options [nop,nop,TS val 118401607 ecr 2620523829], length 0 13:07:49.794703 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [P.], seq 1:152, ack 1, win 229, options [nop,nop,TS val 118401607 ecr 2620523829], length 151 13:07:49.817000 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [P.], seq 1:1327, ack 152, win 33304, options [nop,nop,TS val 2620523851 ecr 118401607], length 1326 13:07:49.817078 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [.], ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 0 13:07:49.817496 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [P.], seq 152:159, ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 7 13:07:49.817596 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [R.], seq 159, ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 0 13:07:49.818633 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [F.], seq 1327, ack 159, win 33300, options [nop,nop,TS val 2620523854 ecr 118401613], length 0 13:07:49.818673 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [R], seq 2391356470, win 0, length 0
Trying to use ssl cert mechanism to talk to the device and its not working? did anyone get it working?
telegraf.tmpl settings for input-oc.
servers = ["192.168.1.139:50051"] ssl_cert = "/source/jti.pem"
I was using the below mechanism to create one.
http://ipengineer.net/2018/05/configuring-ssl-grpc-junos/
Looks like it tries and fails. never attempts to connect again.
root@Jumphost2:/home/mohan/open-nti# tcpdump -i eth0 port 50051 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:07:49.788309 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [S], seq 2391356311, win 29200, options [mss 1460,sackOK,TS val 118401606 ecr 0,nop,wscale 7], length 0 13:07:49.794368 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [S.], seq 3392765012, ack 2391356312, win 65535, options [mss 1460,nop,wscale 1,nop,nop,TS val 2620523829 ecr 118401606,sackOK,eol], length 0 13:07:49.794451 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [.], ack 1, win 229, options [nop,nop,TS val 118401607 ecr 2620523829], length 0 13:07:49.794703 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [P.], seq 1:152, ack 1, win 229, options [nop,nop,TS val 118401607 ecr 2620523829], length 151 13:07:49.817000 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [P.], seq 1:1327, ack 152, win 33304, options [nop,nop,TS val 2620523851 ecr 118401607], length 1326 13:07:49.817078 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [.], ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 0 13:07:49.817496 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [P.], seq 152:159, ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 7 13:07:49.817596 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [R.], seq 159, ack 1327, win 251, options [nop,nop,TS val 118401613 ecr 2620523851], length 0 13:07:49.818633 IP 192.168.1.139.50051 > 192.168.1.133.54626: Flags [F.], seq 1327, ack 159, win 33300, options [nop,nop,TS val 2620523854 ecr 118401613], length 0 13:07:49.818673 IP 192.168.1.133.54626 > 192.168.1.139.50051: Flags [R], seq 2391356470, win 0, length 0