Automatic Relay Select

I’m trying to configure a test endpoint to auto register/select a relay on the same network. The endpoint can ping the relay.

On the relay i set: _BESRelay_Selection_AutoSelectableRelay=1

On the endpoint the clientsettings.cfg file has __RelaySelect_Automatic=1

When i install the client on my test endpoint it immediately tries to register with the root bigfix server. What am i missing?

The client has to register with the root server initially to get the list of relays. Once it has the list it is then in a position to do its relay selection.

It does not need to register with the root server first if you configure a failover relay that is reachable.

When a client is first installed, it doesn’t yet have the list of relays, so automatic selection is impossible. Once automatic selection fails, it will try a failover relay first, then the root server as it appears in the masthead file.

We also provide a way to configure what relay or root appears in the masthead file so that you can make it something initial clients can reach

See my install_bigfix scripts for examples using the failover relay setting:

• https://github.com/jgstew/tools/blob/master/CMD/install_bigfix_universal.bat
• https://github.com/jgstew/tools/blob/master/bash/install_bigfix.sh
• https://github.com/jgstew/tools/blob/master/powershell/install_bigfix.ps1

@jgstew , thanks! Worked exactly as advertised. I have a follow up question/scenario.

I have 1000 remote locations
Each location has 1 local site relay
Each remote location can reach 2 top-level relays

My first thought was to use affiliation groups but then i believe that would mean i would have to create 1000 groups (1 with each local site relay in it, correct)? Is the better approach to simply configure each endpoint to use automatic relay selection with 2 failover servers (1 pointing to top-level relay#1 and 1 pointing to top-level relay#2). If so, when would affiliation groups come into play?

Thanks again

Ideally you could use Automatic Relay Selection with your two top-level relays in the FailoverRelayList.

With Automatic Selection, the clients will perform a series of ICMP ping requests to find the relay closest to them (in terms of network hops) and will choose the closet relay.

Where I usually use Affiliation Groups is to overcome exceptions where the relay that looks closer is not actually closer. By that I mean that something like a VPN tunnel makes a relay farther away appear to be closer, because the hop-count is hidden inside a VPN tunnel.

The other case for Affiliation Groups is to reduce the number of ICMP Ping requests that go out. When the client starts up and selects a relay, it will try to ping every relay in the deployment to find the closest one; but even in your case of thousands of sites, that ICMP traffic really shouldn’t amount to much.

If you did have to define thousands of relay affiliations though, I’d probably use the Location Property Wizard for that. The wizard let’s you paste rows out of a spreadsheet to define mappings between IP address range, or subnets, or any custom key/value pair into a client setting result.

Auto relay selection with the FailoverRelayList seems to do the trick in my setup. Thanks @JasonWalker, appreciate the help