Обсуждение: pg_hba.conf issue
Hi friends, We have a product with Postgres 8.1 integrated for installations on Windows. The standard pg_hba.conf configuration going in the package is # TYPE DATABASE USER CIDR-ADDRESS METHOD # IPv4 local connections: host all all 127.0.0.1/32 trust # IPv6 local connections: #host all all ::1/128 trust #host all all 172.21.42.121/24 trust host all all 172.21.51.56/24 trust While this works at most of the locations, we have a peculiar error coming up at 2-3 locations. The error reads: no pg_hba.conf entry for host "::1" , user "crisil" , database "crisil" , SSL off " Can someone give any clue on why could this be coming up? We do not intend to use SSL either. Our analysis shows this problem gets resolved if the entry for ::1/128 is uncommented but we would like to understand in which scenario is this entry needed. Regards, Ritu Disclaimer : This message (including any attachments) contains confidential information. If you are not the intended recipient, pleasedelete the message (including any attachments) from your system without using, transmitting or storing it. Please alsoimmediately inform the sender. E-mails are not secure and may suffer from errors, viruses, unauthorized interceptions/ amendments. CRISIL and its subsidiaries do not accept any liability for loss or damage caused by this e-mailand may monitor e-mail traffic.
Hi friends,
I am Jayakumar and new to PostgreSQL world. I am using PostgreSQL 8.1.3
in Windows 2000 machine.
My problem is, I am unable to connect to PostgreSQL server from another
machine's psql client.
My system IP is 172.16.84.76, and client machine IP is 172.16.85.243.
I can connect to the PostgreSQL server with " psql -Uroot
-h172.16.84.76"
from same system(172.16.84.76)
If I give the above command from 172.16.85.243, results
D:\\Program Files\PostgreSQL\8.1\bin>psql -Uroot - h172.16.84.76
psql: could not connect to server: Connection refused (0x0000274D/10061)
Is the server running on host "172.16.84.76" and accepting
TCP/IP connections on port 5432?
I don't know how to do this in windows.
here pg_hba.conf entries follows
*************************************
host all all 172.16.84.76/32 md5
host all all 172.16.85.243/32 md5
here postgre.conf entry follows
***********************************
#-----------------------------------------------------------------------
----
# CONNECTIONS AND AUTHENTICATION
#-----------------------------------------------------------------------
----
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
port = 5432
max_connections = 100
# note: increasing max_connections costs ~400 bytes of shared memory per
# connection slot, plus lock space (see max_locks_per_transaction). You
# might also need to raise shared_buffers to support more connections.
superuser_reserved_connections = 10
#unix_socket_directory = ''
#unix_socket_group = ''
#unix_socket_permissions = 0777 # octal
#bonjour_name = '' # defaults to the computer name
# - Security & Authentication -
authentication_timeout = 150 # 1-600, in seconds
#ssl = on
#password_encryption = on
#db_user_namespace = off
# Kerberos
#krb_server_keyfile = ''
#krb_srvname = 'postgres'
#krb_server_hostname = '' # empty string matches any keytab entry
#krb_caseins_users = off
# - TCP Keepalives -
# see 'man 7 tcp' for details
#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
# 0 selects the system default
#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
# 0 selects the system default
#tcp_keepalives_count = 0 # TCP_KEEPCNT;
# 0 selects the system default
Please find my problem, give me the solution...
Thanks & Regards
Jayakumar M
DISCLAIMER:
This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain
materialthat is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distributionor forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the
intendedrecipient, please contact the sender by email and delete all copies; your cooperation in this regard is
appreciated.
Ritu Khetan <RKhetan@crisil.com> writes:
> # IPv4 local connections:
> host all all 127.0.0.1/32 trust
> # IPv6 local connections:
> #host all all ::1/128 trust
> #host all all 172.21.42.121/24 trust
> host all all 172.21.51.56/24 trust
> While this works at most of the locations, we have a peculiar error coming
> up at 2-3 locations. The error reads:
> no pg_hba.conf entry for host "::1" , user "crisil" , database "crisil" ,
> SSL off "
No surprise: you have the IPv6 line commented out. Dunno why these
particular boxes are preferring IPv6 to IPv4, maybe something different
about the local DNS environment? Anyway, there is no point in refusing
to serve ::1/128 if you're accepting 127.0.0.1.
regards, tom lane
>From: Ritu Khetan <RKhetan@crisil.com> >To: pgsql-admin@postgresql.org >Subject: [ADMIN] pg_hba.conf issue >Date: Mon, 2 Jul 2007 18:40:22 +0530 > > >Hi friends, > >We have a product with Postgres 8.1 integrated for installations on >Windows. The standard pg_hba.conf configuration going in the package is > > ># TYPE DATABASE USER CIDR-ADDRESS METHOD > ># IPv4 local connections: >host all all 127.0.0.1/32 trust ># IPv6 local connections: >#host all all ::1/128 trust >#host all all 172.21.42.121/24 trust >host all all 172.21.51.56/24 trust > Move your entries from IPv6 to IPv4 block. >While this works at most of the locations, we have a peculiar error coming >up at 2-3 locations. The error reads: >Regards, >Ritu >Disclaimer : >This message (including any attachments) contains confidential information. >If you are not the intended recipient, please delete the message (including >any attachments) from your system without using, transmitting or storing >it. Please also immediately inform the sender. E-mails are not secure and >may suffer from errors, viruses, unauthorized interceptions / amendments. >CRISIL and its subsidiaries do not accept any liability for loss or damage >caused by this e-mail and may monitor e-mail traffic. > >---------------------------(end of broadcast)--------------------------- >TIP 4: Have you searched our list archives? > > http://archives.postgresql.org _________________________________________________________________ http://liveearth.msn.com
>From: "Jayakumar_Mukundaraju" <Jayakumar_Mukundaraju@satyam.com> >To: <pgsql-admin@postgresql.org> >Subject: [ADMIN] pg_hba.conf issue >Date: Mon, 2 Jul 2007 19:21:36 +0530 > >Hi friends, > >I am Jayakumar and new to PostgreSQL world. I am using PostgreSQL 8.1.3 >in Windows 2000 machine. > >My problem is, I am unable to connect to PostgreSQL server from another >machine's psql client. > >My system IP is 172.16.84.76, and client machine IP is 172.16.85.243. > >I can connect to the PostgreSQL server with " psql -Uroot >-h172.16.84.76" >from same system(172.16.84.76) > >If I give the above command from 172.16.85.243, results > >D:\\Program Files\PostgreSQL\8.1\bin>psql -Uroot - h172.16.84.76 >psql: could not connect to server: Connection refused (0x0000274D/10061) > Is the server running on host "172.16.84.76" and accepting > TCP/IP connections on port 5432? > >I don't know how to do this in windows. > > >here pg_hba.conf entries follows >************************************* >host all all 172.16.84.76/32 md5 >host all all 172.16.85.243/32 md5 > Is this pg_hba.conf file is located at (172.16.84.76)? Further are these entries made in IPv4 block? >here postgre.conf entry follows >*********************************** >#----------------------------------------------------------------------- >---- ># CONNECTIONS AND AUTHENTICATION >#----------------------------------------------------------------------- >---- > ># - Connection Settings - > >listen_addresses = '*' # what IP address(es) to listen on; > # comma-separated list of addresses; > # defaults to 'localhost', '*' = all >port = 5432 >max_connections = 100 ># note: increasing max_connections costs ~400 bytes of shared memory per ># connection slot, plus lock space (see max_locks_per_transaction). You ># might also need to raise shared_buffers to support more connections. > > >superuser_reserved_connections = 10 > >#unix_socket_directory = '' >#unix_socket_group = '' >#unix_socket_permissions = 0777 # octal >#bonjour_name = '' # defaults to the computer name > ># - Security & Authentication - > >authentication_timeout = 150 # 1-600, in seconds > >#ssl = on > >#password_encryption = on >#db_user_namespace = off > ># Kerberos >#krb_server_keyfile = '' >#krb_srvname = 'postgres' >#krb_server_hostname = '' # empty string matches any keytab entry >#krb_caseins_users = off > ># - TCP Keepalives - ># see 'man 7 tcp' for details > >#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; > # 0 selects the system default >#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; > # 0 selects the system default >#tcp_keepalives_count = 0 # TCP_KEEPCNT; > # 0 selects the system default > >Please find my problem, give me the solution... > >Thanks & Regards >Jayakumar M > > > >DISCLAIMER: >This email (including any attachments) is intended for the sole use of the >intended recipient/s and may contain material that is CONFIDENTIAL AND >PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or >distribution or forwarding of any or all of the contents in this message is >STRICTLY PROHIBITED. If you are not the intended recipient, please contact >the sender by email and delete all copies; your cooperation in this regard >is appreciated. > >---------------------------(end of broadcast)--------------------------- >TIP 4: Have you searched our list archives? > > http://archives.postgresql.org _________________________________________________________________ http://liveearth.msn.com
What does ::1/128 signify?
Regards,
Ritu
Tom Lane
<tgl@sss.pgh.pa.us>
Sent by: To
pgsql-admin-owner@postg Ritu Khetan
resql.org <RKhetan@crisil.com>
cc
pgsql-admin@postgresql.org
02/07/2007 09:08 PM Subject
Re: [ADMIN] pg_hba.conf issue
Ritu Khetan <RKhetan@crisil.com> writes:
> # IPv4 local connections:
> host all all 127.0.0.1/32 trust
> # IPv6 local connections:
> #host all all ::1/128 trust
> #host all all 172.21.42.121/24 trust
> host all all 172.21.51.56/24 trust
> While this works at most of the locations, we have a peculiar error
coming
> up at 2-3 locations. The error reads:
> no pg_hba.conf entry for host "::1" , user "crisil" , database "crisil" ,
> SSL off "
No surprise: you have the IPv6 line commented out. Dunno why these
particular boxes are preferring IPv6 to IPv4, maybe something different
about the local DNS environment? Anyway, there is no point in refusing
to serve ::1/128 if you're accepting 127.0.0.1.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
Disclaimer :
This message (including any attachments) contains confidential information. If you are not the intended recipient,
pleasedelete the message (including any attachments) from your system without using, transmitting or storing it. Please
alsoimmediately inform the sender. E-mails are not secure and may suffer from errors, viruses, unauthorized
interceptions/ amendments. CRISIL and its subsidiaries do not accept any liability for loss or damage caused by this
e-mailand may monitor e-mail traffic.
Hi friends, Yes,In 172.16.84.76 system in pg_hba.conf I added 172.16.85.243 ip address. Kindly give me explain of IPv4 block... Thanks & Regards Jayakumar M -----Original Message----- From: Vishal Arora [mailto:aroravishal22@hotmail.com] Sent: Tuesday, July 03, 2007 9:52 AM To: Jayakumar_Mukundaraju; pgsql-admin@postgresql.org Subject: RE: [ADMIN] pg_hba.conf issue >From: "Jayakumar_Mukundaraju" <Jayakumar_Mukundaraju@satyam.com> >To: <pgsql-admin@postgresql.org> >Subject: [ADMIN] pg_hba.conf issue >Date: Mon, 2 Jul 2007 19:21:36 +0530 > >Hi friends, > >I am Jayakumar and new to PostgreSQL world. I am using PostgreSQL 8.1.3 >in Windows 2000 machine. > >My problem is, I am unable to connect to PostgreSQL server from another >machine's psql client. > >My system IP is 172.16.84.76, and client machine IP is 172.16.85.243. > >I can connect to the PostgreSQL server with " psql -Uroot >-h172.16.84.76" >from same system(172.16.84.76) > >If I give the above command from 172.16.85.243, results > >D:\\Program Files\PostgreSQL\8.1\bin>psql -Uroot - h172.16.84.76 >psql: could not connect to server: Connection refused (0x0000274D/10061) > Is the server running on host "172.16.84.76" and accepting > TCP/IP connections on port 5432? > >I don't know how to do this in windows. > > >here pg_hba.conf entries follows >************************************* >host all all 172.16.84.76/32 md5 >host all all 172.16.85.243/32 md5 > Is this pg_hba.conf file is located at (172.16.84.76)? Further are these entries made in IPv4 block? >here postgre.conf entry follows >*********************************** >#---------------------------------------------------------------------- - >---- ># CONNECTIONS AND AUTHENTICATION >#---------------------------------------------------------------------- - >---- > ># - Connection Settings - > >listen_addresses = '*' # what IP address(es) to listen on; > # comma-separated list of addresses; > # defaults to 'localhost', '*' = all >port = 5432 >max_connections = 100 ># note: increasing max_connections costs ~400 bytes of shared memory per ># connection slot, plus lock space (see max_locks_per_transaction). You ># might also need to raise shared_buffers to support more connections. > > >superuser_reserved_connections = 10 > >#unix_socket_directory = '' >#unix_socket_group = '' >#unix_socket_permissions = 0777 # octal >#bonjour_name = '' # defaults to the computer name > ># - Security & Authentication - > >authentication_timeout = 150 # 1-600, in seconds > >#ssl = on > >#password_encryption = on >#db_user_namespace = off > ># Kerberos >#krb_server_keyfile = '' >#krb_srvname = 'postgres' >#krb_server_hostname = '' # empty string matches any keytab entry >#krb_caseins_users = off > ># - TCP Keepalives - ># see 'man 7 tcp' for details > >#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; > # 0 selects the system default >#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; > # 0 selects the system default >#tcp_keepalives_count = 0 # TCP_KEEPCNT; > # 0 selects the system default > >Please find my problem, give me the solution... > >Thanks & Regards >Jayakumar M > > > >DISCLAIMER: >This email (including any attachments) is intended for the sole use of the >intended recipient/s and may contain material that is CONFIDENTIAL AND >PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or >distribution or forwarding of any or all of the contents in this message is >STRICTLY PROHIBITED. If you are not the intended recipient, please contact >the sender by email and delete all copies; your cooperation in this regard >is appreciated. > >---------------------------(end of broadcast)--------------------------- >TIP 4: Have you searched our list archives? > > http://archives.postgresql.org _________________________________________________________________ http://liveearth.msn.com DISCLAIMER: This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain materialthat is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or distributionor forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the intendedrecipient, please contact the sender by email and delete all copies; your cooperation in this regard is appreciated.
>From: Ritu Khetan <RKhetan@crisil.com> >To: Tom Lane <tgl@sss.pgh.pa.us> >CC: pgsql-admin@postgresql.org,pgsql-admin-owner@postgresql.org >Subject: Re: [ADMIN] pg_hba.conf issue >Date: Tue, 3 Jul 2007 11:01:10 +0530 > >What does ::1/128 signify? Its the IPv6 notification to loopback address. In other words it is as good as specifying 127.0.0.1 in IPv4. >Regards, >Ritu > > > > > Tom Lane > <tgl@sss.pgh.pa.us> > Sent by: To > pgsql-admin-owner@postg Ritu Khetan > resql.org <RKhetan@crisil.com> > cc > pgsql-admin@postgresql.org > 02/07/2007 09:08 PM Subject > Re: [ADMIN] pg_hba.conf issue > > > > > > > > > > >Ritu Khetan <RKhetan@crisil.com> writes: > > # IPv4 local connections: > > host all all 127.0.0.1/32 trust > > # IPv6 local connections: > > #host all all ::1/128 trust > > #host all all 172.21.42.121/24 trust > > host all all 172.21.51.56/24 trust > > > While this works at most of the locations, we have a peculiar error >coming > > up at 2-3 locations. The error reads: > > > no pg_hba.conf entry for host "::1" , user "crisil" , database "crisil" >, > > SSL off " > >No surprise: you have the IPv6 line commented out. Dunno why these >particular boxes are preferring IPv6 to IPv4, maybe something different >about the local DNS environment? Anyway, there is no point in refusing >to serve ::1/128 if you're accepting 127.0.0.1. > > regards, tom lane > >---------------------------(end of broadcast)--------------------------- >TIP 6: explain analyze is your friend > >Disclaimer : >This message (including any attachments) contains confidential information. >If you are not the intended recipient, please delete the message (including >any attachments) from your system without using, transmitting or storing >it. Please also immediately inform the sender. E-mails are not secure and >may suffer from errors, viruses, unauthorized interceptions / amendments. >CRISIL and its subsidiaries do not accept any liability for loss or damage >caused by this e-mail and may monitor e-mail traffic. > >---------------------------(end of broadcast)--------------------------- >TIP 4: Have you searched our list archives? > > http://archives.postgresql.org _________________________________________________________________ http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migration_HM_mini_pcmag_0507