Logstash and iptables
Question
I've just installed Logstash on my Ubuntu Server according by this tutorial I've iptables with allowed 80 and 22 ports only. So when Logstash is started I get the following iptables error in the logs.
What is 224.2.2.4 address and what's should I need to prevent this error?
2 answers
solution1
1 2013-08-10 12:02:36
you should check you iptables rules (mostly filter table) to see if there is any rule that prevents the transfer: thigs u should probably check:
- source IP
- destination IP
- packet type (TCP/UDP)
- network interface further more you may check the source-ip and the destination-ip as well
solution2
0 2014-02-14 08:23:35
224.xxx are multicast adresses. Multicast is used when one system wants to communicate to a group of systems. Membership of the groups is managed with IGMP.
ElasticSearch uses multicast to communicate within clusters. Logstash by default connects to ElasticSearch as a cluster node. You can fix this by allowing the multicast traffic on your iptables configuration, you will probably need to allow IGMP traffic as well. Other option is to disable multicast in Logstash and ElasticSearch. You can do this by configuring logstash to use elasticsearch_http output instead of elasticsearch and disable multicast discovery set: discovery.zen.ping.multicast.enabled: false in elasticsearch.yml
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.