AMQP Service Port set to 0 after fresh install, but still active

Options
MrSmart
MrSmart Member Posts: 29 ✭✭✭
in PubSub+ Event Broker #1

Installing latest solace-standard. Under System > Service

image.png

netstat -tulpn on the active broker in an HA setup:

ipv6

image.png

ipv4

image.png

When trying to set it to 5671:

image.png

Tagged:

Comments

  • PFSolace
    PFSolace Member Posts: 8 ✭✭
    edited August 2023 #2
    Options
    Hi,
    Software version os PubSub+ uses 5672 for AMQP service:

    [appuser@solace14 sw]$ netstat -anp |grep LISTEN|grep 5672
    tcp 0 0 0.0.0.0:5672 0.0.0.0:* LISTEN 537/dataplane-linux
    tcp6 0 0 :::5672 :::* LISTEN 537/dataplane-linux
    [appuser@solace14 sw]$


    As far as I can see in software version, you cant set SSL port the same as plaintext:
    solace14(configure/service/amqp)# shut
    All AMQP clients will be disconnected.
    Do you want to continue (y/n)? y

    solace14(configure/service/amqp)# listen-port 5672 ssl
    solace14(configure/service/amqp)# no shut
    ERROR: Port 5672 in use by AMQP service (message VPN default)
    Command Failed

    but it works fine when you do it for available port, ie. 56720.
    You have to change the port you want for SSL AMQP service. After changing the port check the status of the service by show service command.
    There are some other tasks that you need to follow to make it active and visible via netstat command, show service will show you the reason of failure (and therefore port not visible on netstat) like in my case - cert not configured for the service - refer to the image attached.
  • MrSmart
    MrSmart Member Posts: 29 ✭✭✭
    #3
    Options

    well it's not that the port is not working correctly, it's that the interface shows the port as 0 while it's actually 5671 🙂

  • PFSolace
    PFSolace Member Posts: 8 ✭✭
    #4
    Options
    Can you paste show service output for AMQP part as on my screen ? I doubt the TLS AMQP service is administratively up.
  • MrSmart
    MrSmart Member Posts: 29 ✭✭✭
    #5
    Options
    image.png

    here's show service.

  • MrSmart
    MrSmart Member Posts: 29 ✭✭✭
    #6
    Options

    hmm, maybe you mean another overview, what command did you use and where?

  • PFSolace
    PFSolace Member Posts: 8 ✭✭
    #7
    Options
    The lower part with kind of "table" :smile:
    When I invoke "show service" in enabled mode I get the following results - beginning like on your screen, bottom as on the screenshot of my first reply here. Below is the the text output:
    solace14# show service

    Msg-Backbone: Enabled
    VRF: management
    SMF: Enabled
    Web-Transport: Enabled
    REST Incoming: Shutdown
    REST Outgoing: Shutdown
    MQTT: Shutdown
    AMQP: Enabled
    Health-check: Enabled
    Health-check SSL: Enabled
    Mate-link: Enabled
    Redundancy: Enabled

    Max Incoming Connections: 100
    Service SMF: 100
    Service Web-Transport: 100
    Service REST: 100
    Service MQTT: 100
    Service AMQP: 100
    Max Outgoing Connections:
    Service REST: 100
    Max SSL Connections: 100

    Event Threshold Set Value Clear Value
    ---------------------------------- ---------------- ----------------
    Incoming Connections 80%(80) 60%(60)
    Service SMF 80%(80) 60%(60)
    Outgoing Connections
    Service REST 80%(80) 60%(60)
    SSL Connections 80%(80) 60%(60)


    Flags Legend:
    TP - Transport
    T+U - TCP and UDP
    S - SSL (Y=Yes, N=No, -=not-applicable)
    C - Compressed (Y=Yes, N=No, -=not-applicable)
    R - Routing Ctrl (Y=Yes, N=No, -=not-applicable)
    VRF - VRF (Mgmt=management, MsgBB=msg-backbone)
    A - Admin State (U=Up, D=Down, -=not-applicable)
    ---Press any key to continue, or `q' to quit---
    O - Oper State (U=Up, D=Down, -=not-applicable)

    Status
    Service TP S C R VRF MsgVpn Port A O Failed Reason
    ---------- --- ----- ----- --------------- ----- --- --------------------------
    SEMP TCP N - - Mgmt 8080 U U
    SEMP TCP Y - - Mgmt 1943 U D No Cert
    SMF TCP N N N Mgmt 55555 U U
    SMF TCP N Y N Mgmt 55003 U U
    SMF TCP N N Y Mgmt 55556 U D
    SMF TCP Y N N Mgmt 55443 U D No Cert
    SMF WEB N - - Mgmt 8008 U U
    SMF WEB Y - - Mgmt 1443 U D No Cert
    MQTT TCP N - - Mgmt default 1883 U D Global Shutdown
    MQTT TCP Y - - Mgmt default 8883 U D No Cert
    MQTT WEB N - - Mgmt default 8000 U D Global Shutdown
    MQTT WEB Y - - Mgmt default 8443 U D No Cert
    AMQP TCP Y - - Mgmt 56720 U D No Cert
    AMQP TCP N - - MsgBB default 5672 U U
    AMQP TCP Y - - MsgBB default 5671 U D No Cert
    AMQP TCP Y - - MsgBB mvpn 57621 U D No Cert
    REST WEB N - - Mgmt default 9000 U D Global Shutdown
    REST WEB Y - - Mgmt default 9443 U D No Cert
    MATELINK TCP N N N Mgmt 8741 U D Missing Mate Address
    HEALTHCHK TCP N N N Mgmt 5550 U U
    HEALTHCHK TCP Y N N Mgmt 5553 U D No Cert
    REDUNDANCY TCP Y N N Mgmt 8300 U D
    REDUNDANCY T+U Y N N Mgmt 8301 U D
    REDUNDANCY T+U Y N N Mgmt 8302 U D
    solace14#
  • PFSolace
    PFSolace Member Posts: 8 ✭✭
    #8
    Options
    As you can see there is Admin State up for TLS, but operation status down due to lack of cert.
  • MrSmart
    MrSmart Member Posts: 29 ✭✭✭
    #9
    Options

    this is better then…. On the node that's currently UP

    image.png

    On the node that's currently DOWN

    image.png

  • PFSolace
    PFSolace Member Posts: 8 ✭✭
    #10
    Options
    The output from "down" node shows that ports are the same as on "up" node. I have just recreated one of containers to have fresh installation and situation on my side is the same (except lack of certs, but ports do match) :
    AMQP TCP Y - - Mgmt U D No Cert
    AMQP TCP N - - MsgBB default 5672 U U
    AMQP TCP Y - - MsgBB default 5671 U D No Cert

    5672 for plain text
    5671 for secured channel

    And Broker Manager also shows port 0. So I guess you found a bug in Broker Manager..
    And setting SSL is not needed.
  • MrSmart
    MrSmart Member Posts: 29 ✭✭✭
    #11
    Options

    yay I found a bug 🤸‍♂️

Categories

This Month's Leaders

This Week's Leaders