[Spacewalk-list] OSAD Problem with client/proxy

Jeremy Davis jdavis4102 at gmail.com
Thu Sep 29 22:58:48 UTC 2011 

Hello Greg,

In my situation I have a proxy server that is in a location that is not
connected to our main DNS servers (in a separated network/environment). I
had to update the DNS in that location to reflect the A record I have
configured for my application server that is in a different network. Once I
updated this information osad started working. I did have to restart the
services on the proxy and client (remove the osad-auth.conf when you restart
osad) to get it working. Adding a host entry to the proxy server for the
application server didn't work it had to be an A record (seems to be SSL
verification that was the cause). When I added this configuration the jabber
logs showed the following which was different to what it was seeing during
when it wasn't working.

Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: <hostname application
server removed for security> lookup for <hostname application server removed
for security> returned 1 result (ttl 86400)
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [8] [<IP of app server
removed for security>, port=5269] outgoing connection for '<hostname
application server removed for security>'
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [8] [<IP of app server
removed for security>, port=5269] sending dialback auth request for route
'<hostname proxy server removed for security>/<hostname application server
removed for security>'
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [9] [<IP of app server
removed for security>, port=42619] incoming connection
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [9] [<IP of app server
removed for security>, port=42619] incoming stream online (id )
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [9] [<IP of app server
removed for security>, port=42619] received dialback auth request for route
'<hostname proxy server removed for security>/<hostname application server
removed for security>'
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [9] [<IP of app server
removed for security>, port=42619] incoming route '<hostname proxy server
removed for security>/<hostname application server removed for security>' is
now valid
Sep 29 10:59:23 p1plswpxyars01 jabberd/s2s[11641]: [9] [<IP of app server
removed for security>, port=42619] checking dialback verification from
<hostname application server removed for security>: sending valid
Sep 29 10:59:24 p1plswpxyars01 jabberd/s2s[11641]: [8] [<IP of app server
removed for security>, port=5269] outgoing route '<hostname proxy server
removed for security>/<hostname application server removed for security>' is
now valid


2011/9/29 Wojtak, Greg <GregWojtak at quickenloans.com>

> It looks like I am getting a similar problem (now that I know what to look
> for in the logs):
>
> grep dns /var/log/messages
> Sep 29 15:05:39 spacewalk jabberd/s2s[20819]: dns lookup for
> spacewalk-proxy failed
>
> I modified my resolv.conf's search option to include the domain that
> spacewalk-proxy is in and am able to resolve the shortname from command line
> with host or nslookup.  I am still getting this error.
>
> I noticed in the jabberd documentation that there is a reference to
> /usr/bin/resolver and /etc/jabberd/resolver.xml.  I don't have either of
> these files, nor does a yum provides /usr/bin/resolver return anything.  Is
> this supposed to be there?  I have the following line in my s2s.xml:
>
> <resolver>resolver</resolver>
>
> Should that be changed to something else?
>
> Thanks!
>
> Greg
>
> From: Jeremy Davis <jdavis4102 at gmail.com<mailto:jdavis4102 at gmail.com>>
> Reply-To: <spacewalk-list at redhat.com<mailto:spacewalk-list at redhat.com>>
> Date: Thu, 29 Sep 2011 12:14:14 -0600
> To: <spacewalk-list at redhat.com<mailto:spacewalk-list at redhat.com>>
> Subject: Re: [Spacewalk-list] OSAD Problem with client/proxy
>
> Hello List/Mirek,
>
> Determined the solution to the issue I was having with that proxy server.
> It turns out it was a DNS issue. Updated DNS and everything is working as it
> should. Thank you for your help.
>
> On Fri, Sep 23, 2011 at 9:18 AM, Jeremy Davis <jdavis4102 at gmail.com
> <mailto:jdavis4102 at gmail.com>> wrote:
> I am able to get to the ports on the proxy from the client. I performed a
> tcpdump and the communication seems to be going just fine. No errors in
> /var/log/messages where the jabber logs are being sent. It appears to be
> working as it should but in the web ui it doesn't show online and the client
> will not pick up instant actions. I also performed an rhn_check -vv and no
> errors were displayed. Everything looks normal by what I can see but still
> have this issue.
>
>
> 2011/9/23 Miroslav Suchý <msuchy at redhat.com<mailto:msuchy at redhat.com>>
> On 09/22/2011 06:46 PM, Jeremy Davis wrote:
> > Hello Mirek,
> >
> > Thank you for the reply. An rhn_check works fine. I do not see any
> > issues there. Actions get picked up within an hour as set for the rhnsd
> > service. It seems the issue is with the osad service. I turned up debug
> > and restart the osad service and I see no errors. I see that it tries to
> > register and actually does register as I see the registration on the
> > proxy server. Now when I look in Spacewalk the osa status shows offline
> > even after a ping. This is only happening on one proxy server ( I have
> > about 14 proxy servers). All other proxy servers appear to be working
> > fine. Any idea as to what could be the problem? I can also provide any
> > logs that you may want to look at.
>
> Osad is not working. Can you telnet to jabberd port from that proxy. Is
> that anything related in jabberd and osa/osad logs?
>
>
> --
> Miroslav Suchy
> Red Hat Satellite Engineering
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com<mailto:Spacewalk-list at redhat.com>
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
>
>
> --
> Kind regards,
> Jeremy Davis, GCIH
>
>
>
> --
> Kind regards,
> Jeremy Davis, GCIH
> _______________________________________________ Spacewalk-list mailing list
> Spacewalk-list at redhat.com<mailto:Spacewalk-list at redhat.com>
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>



-- 
Kind regards,
Jeremy Davis, GCIH
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20110929/b309c453/attachment.htm>

More information about the Spacewalk-list mailing list