Elasticsearch nodes behaving strangely, timeouts, discovery, etc. (solution)

(Robin Verlangen) #1

Hi there,

In the past couple of months we have seen all sorts of strange behaviours
from our ES nodes. Symptoms included:

  • failed to detect master / nodes
  • failed to connect to nodes
  • all sorts of other zen discovery related issues, also with unicast enabled

Today we discovered that we had a couple of firewalls that we not just
managing ports, but also messing with the connections. They included things
like connection limits (fair enough for external traffic, but a killer for
internal traffic), and system protections against a wide variety of things.

After disabling these protections and connection limits on our traffic
everything seemed to jump back to normal instantly.

So make sure you check you have no hardware/software firewalls that are
doing "smart" stuff. Even if you open the ports it might be possible that
there is some kind of global "security policy".

Just to share with other people that might face the seem problems.

Best regards,

Robin Verlangen
Chief Data Architect

W http://www.robinverlangen.nl
E robin@us2.nl

What is CloudPelican? http://goo.gl/HkB3D

Disclaimer: The information contained in this message and attachments is
intended solely for the attention and use of the named addressee and may be
confidential. If you are not the intended recipient, you are reminded that
the information remains the property of the sender. You must not use,
disclose, distribute, copy, print or rely on this e-mail. If you have
received this message in error, please contact the sender immediately and
irrevocably delete this message and any copies.

You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CADVHTB_TWQOCD5XLEiA1U0oqy4PA3PY-Q0j41hBEmcOBiT808A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

(system) #2