Ad Widget

**dimir** · 12-11-2020, 11:44

You are using encrypted traffic, right?

**erasedhammer** · 12-11-2020, 13:21

Originally posted by dimir

You are using encrypted traffic, right?

Yes, Zabbix traffic is encrypted by default?

**dimir** · 12-11-2020, 14:49

By default - no, you have to set the encryption up on both the server and the client side.

**erasedhammer** · 12-11-2020, 14:51

Originally posted by dimir

By default - no, you have to set the encryption up on both the server and the client side.

As yes, now I remeber setting it up.

Any idea why the agent is sending these extra rsts?

**dimir** · 12-11-2020, 15:24

We believe it's because of using TLS library, perhaps in not completely correct way. Will try to get more information on this. If you are able to recompile Zabbix and try the recompiled binary in this scenario I could provide you with the patch. In this case I need to know Zabbix version you are using.

**erasedhammer** · 12-11-2020, 15:42

Originally posted by dimir

We believe it's because of using TLS library, perhaps in not completely correct way. Will try to get more information on this. If you are able to recompile Zabbix and try the recompiled binary in this scenario I could provide you with the patch. In this case I need to know Zabbix version you are using.

I am using zabbix server 5.0 LTS. Or do you need the agent version?

**dimir** · 12-11-2020, 15:53

If it's not possible for both we can try with the agent. Which exact version and which tls library are you using (OpenSSL, GnuTLS)?

**erasedhammer** · 12-11-2020, 16:02

Originally posted by dimir

If it's not possible for both we can try with the agent. Which exact version and which tls library are you using (OpenSSL, GnuTLS)?

I forgot what exact version the agent was, but this problem I have observed over several devices from 4.0 to 5.0. I am using OpenSSL

**1977er** · 23-02-2022, 14:29

I can reproduce the behaviour on a Zabbix 5.0.20 server with a 5.0.20 agent(1). The problem persists even after disabling encryption.

[root@agent]:~ # tcpdump -ni eth0 -v 'tcp[tcpflags] & (tcp-rst) != 0 and port 10050'

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
13:03:33.747673 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server-addr.54636 > agent-addr.10050: Flags [R], cksum 0x587f (correct), seq 1099060185, win 0, length 0
13:03:33.747704 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server-addr.54636 > agent-addr.10050: Flags [R], cksum 0x587f (correct), seq 1099060185, win 0, length 0
13:03:33.756526 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server-addr.54640 > agent-addr.10050: Flags [R], cksum 0xb9c1 (correct), seq 3996665308, win 0, length 0
13:03:33.756601 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server-addr.54640 > agent-addr.10050: Flags [R], cksum 0xb9c1 (correct), seq 3996665308, win 0, length 0

Ad Widget

Zabbix passive communication extra rst packets?

Zabbix passive communication extra rst packets?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment