Problem with Relay installed on Server 2012R2

TimRice · September 11, 2015, 1:37pm

I have a problem that’s causing me to lose some of my hair (what I have left!).
I just [tried to] deployed two new Relays based on Microsoft Server 2012r2.

The basic Windows instance works fine.
I can install the BES Client service and it connects with the BES Server just fine.
I can send Actions to the new client.
Once I install the Relay Service the client stops reporting.

Looking in the BES Client logs I see the following …

   Error posting report to: 'http://127.0.0.1:52311/cgi-bin/bfenterprise/PostResults.exe' (General transport failure.
'http://127.0.0.1:52311/cgi-bin/bfenterprise/PostResults.exe' http failure code 500)
   GatherActionMV command received.  Version difference, gathering action site.``` 

If I open a web browser on one of the systems and visit the URL
```http://127.0.0.1:52311/cgi-bin/bfenterprise/clientregister.exe?requesttype=version```

I get the response...
```Error: no query parameters specified -- unknown request type```

If I ping 127.0.0.1 I get the expected response.  If however, I ping the host name I get the following ...
```Reply from ::1: time<1ms```
The frustrating thing is that the IPv6 protocol is DISABLED (unchecked) for the only NIC in this machine!  Why would I still get an IPv6 response to a self PING?  Could this be why the Relay isn't working correctly?

AlanM · September 11, 2015, 11:03pm

Loopback is unusual on Windows in that you can’t turn off IPV6 on it.

See: https://support.microsoft.com/en-us/kb/929852

Aram · September 12, 2015, 7:19pm

As a note, the clientregister plugin URL is case sensitive for the requesttype…try:

http://127.0.0.1:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=version

jgstew · September 12, 2015, 11:54pm

Is TCP port 52311 open on the windows firewall of the relay?

TimRice · September 13, 2015, 2:58am

Turned OFF the firewall via GPO and it still does it.

jmaple · September 14, 2015, 12:20pm

What version of BigFix are you using and does reinstalling the relay do anything?

TimRice · September 14, 2015, 12:41pm

We’re currently still on v9.0.876.

I have uninstalled and reinstalled the Relay several times, no change. If the Relay service is installed, the BES Client is unable to submit reports to http://127.0.0.1 due to “General Transport Failure”.

Of course, Murphy’s Law is in full effect, and this weekend my Server decided to take an unscheduled Holiday and is now not reachable via the Console (Error 18). Not even from the server itself. Interestingly, from what I can see in the BufferDir folder, clients are still checking in and being processed by FillDB, but no consoles can connect. I’ve opened a PMR so I hope to know what the root cause is, soon.

TimRice · September 14, 2015, 12:55pm

While waiting to hear from IBM, I just checked the “Relay Diagnostic” URL on the troublesome Relay and it’s functional, at least the page returns results, but the BES Client logs still indicate repeated General Transport Failure messages.

strawgate · September 14, 2015, 3:17pm

Is it a stock Windows Server VM or has there been any hardening done to it? Do you guys use any IPS or IDS software on your servers?

TimRice · September 14, 2015, 5:42pm

Stock Server 2012r2 on hardware (not VM).
The machine right next to it is working fine. One of my team mates is working with our networking group to ensure nothing was changed on the switch side of things. He suspects a network configuration change.

BTW: The server issue was resolved by resigning the security data on the server.

sbl · September 14, 2015, 5:45pm

Not that this helps your issue but I have recently rebuilt all of my relays on 2012 R2 Datacenter and they all work normally.

TimRice · September 24, 2015, 2:09pm

RESOLVED
We tracked this back to a faulty Network Switch in a stack.
The switch was still partly functional, but several of the ports were having trouble. When I moved the Relays to a different switch, they began to function normally.