Trouble retrieving metrics with Ganglia gmetad

[joven]

I have a FreeBSD 9 machine running gmond. I have another Linux machine running gmetad. I want to collect the metrics from the first machine on the second machine. I have gmond configured to use port 8615 for both TCP and UDP. I have gmetad configured to use connect to port 8615.

Everything works perfectly if I disable pf on the FreeBSD machine. As soon as I turn on pf, the gmetad daemon fails to retrieve metrics from the FreeBSD machine. I configured pf to forward traffic on port 8615 for both TCP and UDP and can successfully test TCP and UDP connectivity using nc. Also, once I start up gmond, I can successfully grab metrics from it using telnet from the collector machine. However, gmetad refuses to collect data and put it into the RRDs.

Again, as soon as I disable pf, everything works great, so I'm pretty convinced my problem is in my pf configuration. Anyone have an idea of what I did wrong?

My pf.conf is as follows:

 $FreeBSD: release/9.0.0/share/examples/pf/faq-example1 173536 2007-11-11 01:16:51Z mlaier $
# $OpenBSD: faq-example1,v 1.5 2006/10/07 04:48:01 mcbride Exp $

#
# Firewall Mosaic Storage Pod 
#

# macros
ext_if="igb0"
int_if="igb1"

tcp_services="{ 22, 80, 8615 }"
udp_services="{ 8615 }"

# options
set loginterface $ext_if
set skip on lo
set skip on $int_if 

# scrub
scrub in

# filter rules
block in all 
pass out all 

# Allow tcp traffic on $ext_if on ports $tcp_services
pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services

# Allow udp traffic on $ext_if on ports $udp_services
pass in on $ext_if inet proto udp from any to ($ext_if) port $udp_services

 

[SirDice]

I'm guessing the traffic arives on igb0 instead of igb1.

 

[joven]

Figured out the answer to my own question. Although I could connect to the FreeBSD machine using TCP to port 8615, I realized the XML that came back had no metrics in it. This was presumably because pf was preventing gmond from sending metrics to itself. I fixed the issue by changing my udp send and receive channels to the following

udp_send_channel {
  host = localhost
  bind_hostname = yes 
  port = 8615
}

udp_recv_channel {
  port = 8615
}

I'm not a Ganglia expert but I believe this configures gmond to send unicast UDP packets to 127.0.0.1, thereby sidestepping pf.

If anyone knows how to configure pf to support the typical multicast gmond behavior, I'd love to know! This setup will get me by for now.