Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#751 closed defect (worksforme)

Problems with syslog and openvpn

Reported by: GoTLiuM InSPiRiT Owned by:
Priority: critical Milestone:
Component: nginx-core Version: 1.7.x
Keywords: syslog udp Cc:
uname -a: Linux 3.2.0-58-virtual #88-Ubuntu SMP Tue Dec 3 17:58:13 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: openresty/1.7.10.1
built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx/nginx --with-cc-opt='-I/usr/src/ngx_openresty-1.7.10.1/build/luajit-root/etc/nginx/luajit/include/luajit-2.1 -O2 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security' --add-module=../ngx_devel_kit-0.2.19 --add-module=../echo-nginx-module-0.57 --add-module=../xss-nginx-module-0.04 --add-module=../ngx_coolkit-0.2rc2 --add-module=../set-misc-nginx-module-0.28 --add-module=../form-input-nginx-module-0.10 --add-module=../encrypted-session-nginx-module-0.03 --add-module=../srcache-nginx-module-0.29 --add-module=../ngx_lua-0.9.15 --add-module=../ngx_lua_upstream-0.02 --add-module=../headers-more-nginx-module-0.25 --add-module=../array-var-nginx-module-0.03 --add-module=../memc-nginx-module-0.15 --add-module=../redis2-nginx-module-0.11 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.13 --add-module=../rds-csv-nginx-module-0.05 --with-ld-opt='-Wl,-rpath,/etc/nginx/luajit/lib -L/usr/src/ngx_openresty-1.7.10.1/build/luajit-root/etc/nginx/luajit/lib -Wl,-Bsymbolic-functions -Wl,-z,relro' --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=www-data --group=www-data --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_geoip_module --with-file-aio --with-http_ssl_module

Description

Hi, I'm use openvpn at this moment for internal communications between some servers. When openvpn is reconnecting or is down, nginx generate this error: 2015/04/19 22:36:45 [alert] 20460#0: send() failed (22: Invalid argument). After reconnecting/connecting, nginx never send log to remote syslog server over udp and generate error for every request. After restarting nginx working fine.

nginx.conf

log_format graylog2_format '$http_x_real_ip - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$remote_addr" <msec=$msec
|connection=$connection|connection_requests=$connection_requests|millis=$request_time|domain=$host>';

access_log syslog:server=graylog.dev:12301 graylog2_format;

Change History (5)

comment:1 by GoTLiuM InSPiRiT, 9 years ago

For fix this problem - domain name is replaced by ip-address.

comment:2 by vl, 9 years ago

Resolution: worksforme
Status: newclosed

This is the expected behavior. Nginx will report errors to the local
file log when it is unable to send logs to remote host so that you can see
that some messages were not sent to your syslog server.

Note that if you are using hostname, it is resolved at start time and the
first returned address is used. You may want to send reload signal to nginx if
some hosts mentioned in nginx configuration had changed address after openvpn
restart.

comment:3 by GoTLiuM InSPiRiT, 9 years ago

So after restarting openvpn - nginx cannot send log and swears to error log. But when I use IP, all is fine. Can you explain why? Because dns is not changes. And ip is not changed. Very strange behavior.

comment:4 by vl, 9 years ago

First, please reproduce the problem without 3rd-party modules using nginx from http://nginx.org/en/download.html

Second, double check what your DNS returns. You can use strace to check that nginx is sending logs to the same IP when hostanme is specified and when the IP is specified.

comment:5 by GoTLiuM InSPiRiT, 9 years ago

All is checked. But I cannot install native nginx without modules at this moment.

Note: See TracTickets for help on using tickets.