IBM Support

Debugging kde_gateway connection failures

Troubleshooting


Problem

Tips and techniques to debug kde_gateway configuration connection failure

Symptom


You will notice the below error in the default agent log

(2011/02/18,11:37:36.00BF-10:kraarreg.cpp,1601,"LookupProxy") Unable to connect to broker at ip.pipe:xxxxxxx: status=0, "success", ncs/KDC1_STC_OK
(2011/02/18,11:37:36.00C0-10:kraarreg.cpp,1886,"FindProxyUsingLocalLookup") Unable to find running CMS on CT_CMSLIST <ip.pipe:xxxxxxx>

Resolving The Problem

This technote will not address how to set up a typical kde_gateway configuration in your organization by defining a private, trusted and public network zones

However, this technote will address a simple technique with a simple example to debug the kde_gateway configuration

The ip address used in the technote is for demonstration purposes only



The message shown in the log file example indicates that the physical connection initiated by the upstream gateway is broken, Use the below suggestion to resolve the issue
  • Check the default trace for all the gateway proxies and make sure that the XML configuration file is loaded successfully. You would see the below message (something similar) on the gateway proxy agent log if the kde_gateway XML is loaded successful
    (4DAC7993.002D-940:kdebgig.c,53,"KDEBG_InitializeGateway")
    +4DAC7993.002D Loading gateway configuration: "C:\IBM\ITM\TMAITM6\rrjanani_gw.xml"
    +4DAC7993.002D Gateway configuration status: 00000000
    (4DAC7993.002E-940:kdebgog.c,44,"open_interfaces") Interface endpointproxy.trusted.gw_rrjanani startup complete
    (4DAC7993.002F-940:kdebgog.c,44,"open_interfaces") Interface gatewayproxy.trusted.gw_rrjanani startup complete
    (4DAC7993.0030-940:kdebgog.c,99,"KDEBG_OpenGateway") Zone trusted.gw_rrjanani startup complete: maxconn=2048
    (4DAC7993.0031-940:kdebgog.c,105,"KDEBG_OpenGateway") Gateway gw_rrjanani startup complete
  • If you notice the below trace message on the gateway proxy agent log then the gateway connection is established with the peer gateway proxy

(4DB81D73.0032-2130:kdebgcn.c,138,"KDEBG_Connect") Interface
gatewayproxy.trusted.gw_rrjanani connection active: 9.42.153.229:15010

  • Make sure that the gateway proxies point to correct ip address, check the configuration XML file
  • Draw a picture of the configuration environment with the IP address and the ports as shown above. This will help to understand the configuration better
  • The firewall must allow the upstream gateway to initiate a socket connection to the downstream gateway so make sure that the port is open in the firewall configuration. Use “netstat –na” to check the listening and established session
    # netstat -na | grep 55555
    tcp4 0 0 192.168.102.6.55555 9.44.44.100.10013 ESTABLISHED
    tcp4 0 0 192.168.102.6.55555 *.* LISTEN

    # netstat -na | grep 55556
    tcp4 0 0 192.168.102.6.55556 192.35.232.55.55556 ESTABLISHED

  • If you are using a relay proxy, make sure that the local interface origination port is different from the remote port. Using the same port for both does not work
  • If the address and ports are translated using NAT server or firewall, make sure that use the translated address and the port in the <connection> tab of the configuration XML file
  • If the dynamic NAT is used, the dynamic NAT connections may require that inbound connection verification be removed. This is accomplished by removing the <connection> tag under the "listening" <bind>.
  • if the above suggestion does not help, set the below debug trace log for all the gateway proxies and the TEMS (if required) and send us the pdcollect from all the gateway proxy servers
    KDC_DEBUG=Y
    KDE_DEBUG=Y

[{"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"ITM Tivoli Enterprise Mgmt Server V6","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"All Editions","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
17 June 2018

UID

swg21470163