Argus 3.0.6.1/2 on BiviOS 5.1.6 issues
Eric Gustafson
subwire at gmail.com
Tue Jun 19 13:32:41 EDT 2012
Hi Carter and friends,
I saw in a recent email to the list that there are some Bivio-related
Argus fixes coming, but I wasn't sure if this was related or not.
Here's the backstory:
Recently, our Bivio tech upgraded a few of our Bivio 7500 boxes to the
latest rev of BiviOS, moving us from 5.1.4 to 5.1.6 to take care of
security patches. This, unfortunately, seems to have broken Argus,
and both versions 3.0.2 and 3.0.6.1 (pre-6/15, I believe) were unable
to capture any traffic from the 10G fiber interface.
After consulting the mailing list archive, I grabbed, right before
your announcement this morning, the latest argus and argus-clients,
dated 6/15. I can, intermittently, grab data from the argus daemon
running on each application CPU, but it otherwise produces errors like
the ones I pasted below.
Our boxes are set up in what I assume is the typical fashion, with
argus running on each Bivio application CPU, and radium running on
CPU-X to merge all the flows together.
If this helps any, the box we're testing currently is plugged into a
rather noisy but not saturated 10G fiber link. It also happens to be
listening just outside a firewall, so there are a _lot_ of small flows
from stuff that eventually gets blocked.
Here are the sort of log messages we get when starting radium or ra:
Jun 19 10:13:08 CPU-1c0 argus[29290]: 19 Jun 12 10:13:07.028468
connect from CPU-X
Jun 19 10:13:08 CPU-1c0 argus[29290]: 19 Jun 12 10:13:07.029010
ArgusCheckClientMessage: client (null) never started: timed out
Jun 19 10:13:09 CPU-1c1 argus[29120]: 19 Jun 12 10:13:08.554611
connect from CPU-X
Jun 19 10:13:09 CPU-1c1 argus[29120]: 19 Jun 12 10:13:08.555118
ArgusCheckClientMessage: client (null) never started: timed out
Let me know if you need any more info.
Thanks,
- Eric
More information about the argus
mailing list