Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000216118

PowerPath:当 Tenable 漏洞扫描端口 9083 时,对等节点重置连接

Summary: 当 Tenable 漏洞扫描端口 9083 时,具有相互传输层安全性 (mTLS) 的 PowerPath For Windows 7.2.X 远程管理达到最大套接字连接限制,并且连接被对等方重置。

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

当 Tenable 扫描软件扫描端口 9083 时,启用了 mTLS 的 PowerPath 远程管理进程失败,最终达到最大套接字连接数,并且系统会记录由对等方重置连接的消息。

 

在 PPMA GUI 上,直到下一个轮询周期才会显示断开连接状态。轮询周期运行时,服务器最终在 GUI 中显示为已断开连接 (RED)。

 

## Windows 远程管理应用程序事件日志

07/23/2023 07:05:23 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:23 PM  Information   HOSTNAME 2       EmcPowerPathManagementComponent  EMC PowerPath Information:  Management Component: Info: SSPI decryption failed. InitSSLServerSchannel(): Failed to query the client.
07/23/2023 07:05:19 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:19 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054).
07/23/2023 07:05:18 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:18 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054)

 

## PPMA DataCollector 日志

ERROR 19:16:08.320 [AnonymousIoService-6] c.e.p.d.hosts.impl.HostAgentListener - Internal error occurred in the connection to HOSTNAME.DOMAIN.COM:9083
WARN  19:16:08.321 [AnonymousIoService-6] c.e.p.d.h.impl.HostAgentConnector - java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
org.apache.mina.filter.codec.ProtocolDecoderException: java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:165)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.support.SSLHandler.flushScheduledEvents(SSLHandler.java:275)
    at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:427)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
    at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
Caused by: java.lang.Exception: Invalid Header Tag       ??U?
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.getExpectedBytes(AgentResponseDecoder.java:64)
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.doDecode(AgentResponseDecoder.java:117)
    at org.apache.mina.filter.codec.CumulativeProtocolDecoder.decode(CumulativeProtocolDecoder.java:133)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:158)
    ... 14 common frames omitted
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Connection reset by peer
java.io.IOException: Connection reset by peer
    at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
    at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
    at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
    at sun.nio.ch.IOUtil.read(IOUtil.java:197)
    at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:378)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:218)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Broken pipe
java.io.IOException: Broken pipe
    at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
    at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
    at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
    at sun.nio.ch.IOUtil.write(IOUtil.java:65)
    at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:469)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:414)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:332)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$500(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:488)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
ERROR 19:16:08.325 [AnonymousIoService-14] c.e.p.d.hosts.impl.HostAgentListener - Connection to HOSTNAME.DOMAIN.COM:9083 has been lost

 

Cause

这是启用了 mTLS 的 PowerPath for Windows 7.2.X 远程管理无法正确处理来自非 PPMA 服务器的 Winsock 连接的问题。

 

Resolution

该修复将在 PowerPath for Windows 的未来版本中提供,但目前没有 ETA。

 

解决方法是从 Windows 服务重新启动“EMC PowerPath 远程管理组件”服务。

 

Article Properties

Last Published Date

19 Jul 2024

Version

3

Article Type

Solution

Back to Top