Closed sjackson0109 closed 2 weeks ago
I'm going to tackle the collation separately. but i don't feel the DB collation is related to the proxy<>server communication.
Any advice?
Looks like the proxy's IP is not allowed for connections to Zabbix server according configuration of proxy on Zabbix server side.
Log from the docker Zabbix server:
docker logs prod-zabbix-server-1
262:20241009:084450.376 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
265:20241009:084450.564 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
263:20241009:084451.577 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
266:20241009:084452.591 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
265:20241009:084453.605 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
265:20241009:084454.618 cannot accept connection from proxy "gszab01.<REDACTED>" at "10.1.66.2", allowed address: "gszab01.<REDACTED>": connection is not allowed
Confirming the precise zabbix_proxy.conf parameters, which i missed earlier:
root@gszab01:~/prod# cat /media/data/zabbix-proxy/zabbix_proxy.conf | grep -E '^Server|^ServerActive|^Hostname'
Server=zabbix.<REDACTED>
Hostname=gszab01.<REDACTED>
root@gszab01:~/prod#
Found it!
FIX:
Zabbix Server frontend> Administration > Proxies > Click to EDIT the proxy, and clear the proxy address
attribute.
SUMMARY
OS / ENVIRONMENT / Used docker-compose files
OS:
Docker:
CONFIGURATION
ENV:
YAML:
STEPS TO REPRODUCE
Bring it all up:
EXPECTED RESULTS
Expecting the proxy to successfully handshake with the zabbix server. Note: Firewall rules allows ANY/ANY in both directions between the proxy (10.1.66.0/29) and server (10.101.67.0/29); TCP, UDP and ICMP. These traverse two firewalls, with a site-to-site VPN. I can confirm the VPN passes the traffic, as i can PCAP the traffic on both branch and datacentre firewalls, no drops. I even see the SYN, SYN ACK, SYN PSH, SYN PSH ACK etc... PACKETS ARE DEFINITELY PASSING.
ACTUAL RESULTS
Clearly the handshake packets are passing, but the responses from the Zabbix Server have null length. Note: I have successfully registered 2x other Zabbix Proxies with this server, and this Proxy is a CLONE of a working VM, docker ENV and YAML files included (with volumes and images directories emptied of course).
VERIFYING PORTS ARE OPEN
We can verify the tcp sockets open, bt sending a network connection SYN request to the IP/port, from within the docker zabbix-proxy instance:
Aside from me removing the FQDN, no other changes to the logs/output has been modified.
Proxy on the zabbix frontend is configured with: PROXY / Name: gszab01.
PROXY / Name: null
PROXY / Mode: Active
PROXY / Address: gszab01.
ENCRYPTION: Connections to Proxy: no encryption
ENCRYPTION: Connections from proxy: no encryption checked
Timeouts: All defaults.