My issue is that newly installed clients with the relay component disconnect from the top-level relay and start looking for the main server after being connected to the top-level relay for anywhere from a few minutes to a few hours.
My architecture is set up so that the main server can only be reached by the top-level relays; the other relays and the clients can only reach the top-level relays. So when a relay starts looking for the main server, the connection fails.
At 20:54:59 +0800 -
[ThreadTime:20:54:45] ShutdownListener
[ThreadTime:20:54:45] SetupListener success: IPV4/6
At 20:58:41 +0800 -
ActiveDirectory: Refreshed Computer Information - Domain: (N/A)
At 22:34:35 +0800 -
Error posting report to: 'http://127.0.0.1:52311/cgi-bin/bfenterprise/PostResults.exe' (General transport failure.
SOCKET CONNECT (winsock error 4294967288)
At 23:06:37 +0800 -
Error posting report to: 'http://127.0.0.1:52311/cgi-bin/bfenterprise/PostResults.exe' (General transport failure.
SOCKET CONNECT (winsock error 4294967288)
At 23:06:38 +0800 -
Beginning Relay Select
At 23:06:40 +0800 -
GetRelayInfo: checking 'http://127.0.0.1:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=Version'
GetRelayInfo: GetURL failed
Unrestricted mode
Configuring listener without wake-on-lan
At 23:06:44 +0800 -
[ThreadTime:23:06:40] ShutdownListener
[ThreadTime:23:06:40] SetupListener success: IPV4/6
RegisterOnce: Attempting secure registration with 'https://ROOT_FQDN:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=9.5.6.63&Body=15428630&SequenceNumber=45419&MinRelayVersion=7.1.1.0&CanHandleMVPings=1&Root=http://ROOT_FQDN%3a52311&AdapterInfo=50-9a-4c-0b-03-7a_10.71.72.64%2f26_10.71.72.66_0&AdapterIpv6=50-9a-4c-0b-03-7a%5efe80%3a%3ac0ac%3a7f00%3ae928%3ab151%2f64_0'
At 23:06:45 +0800 -
RegisterOnce: GetURL failed - General transport failure. - BAD SERVERNAME (winsock error 4294967290 - registration url - http://ROOT_FQDN:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=9.5.6.63&Body=15428630&SequenceNumber=45419&MinRelayVersion=7.1.1.0&CanHandleMVPings=1&Root=http://ROOT_FQDN%3a52311&AdapterInfo=50-9a-4c-0b-03-7a_10.71.72.64%2f26_10.71.72.66_0&AdapterIpv6=50-9a-4c-0b-03-7a%5efe80%3a%3ac0ac%3a7f00%3ae928%3ab151%2f64_0
The relay comes back online for a while if the PC or the relay service is restarted, but it soon goes offline again. Please advise what needs to be done to keep these relays online, or point me to any documentation I can look into.
Hi Jason,
Thanks for the info. Actually, the lower-level relays are already set to "manual" relay selection, but they keep failing to connect after some period of time.
Hi Jason,
Relay selection is set to "Manual" for these relays. Can you please help explain why they would shut down the service and look for the main server?
hi Jason,
The situation has not improved after configuring FailoverRelayList. I set the client's FailoverRelayList to point to the same top-level relay, since there should be no network disconnection on the path to the server.
Primary and secondary relay configuration, since relays should be configured with manual relay selection.
Failover relay settings.
Check whether MaxChildCount is set on the TLR and whether the TLR is reaching that number. If the TLR reaches the MaxChildCount value, it will reject any new incoming connections.
Telnet to the TLRs on port 52311 to check that there is no issue with port connectivity.
Ping test to the TLRs to identify whether there is any packet loss.
Traceroute to the TLRs to identify whether connectivity is dropping somewhere in between.
If all of the above is fine and the client relays are still trying to contact the main server, enable debug mode with the value 10000 to see whether you can find any error registering with the relay.
If you don't find any issues in the above checks, use Wireshark to see whether there is any instability in network connectivity to the TLRs.
If none of the above gives any results, I would open a PMR, as suggested by Jason. But one of the above checks should show you where the problem is.
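As a rough illustration of the port connectivity check above, here is a minimal Python sketch that does the same thing as a manual telnet test, repeated several times so that intermittent drops show up. The port 52311 comes from this thread; the function names and the host name in the usage note are placeholders, not anything BigFix provides.

```python
import socket
import time


def can_connect(host: str, port: int = 52311, timeout: float = 5.0) -> bool:
    """Return True if a TCP connection to host:port succeeds within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Covers refused connections, timeouts, and name resolution failures.
        return False


def count_failures(host: str, port: int = 52311,
                   attempts: int = 10, delay: float = 1.0) -> int:
    """Try to connect `attempts` times and return how many attempts failed."""
    failures = 0
    for _ in range(attempts):
        if not can_connect(host, port):
            failures += 1
        time.sleep(delay)
    return failures
```

Running something like `count_failures("tlr1.example.com")` (a placeholder host name) from a child relay over a longer period might show whether the TCP path to the TLR drops occasionally, even when a single telnet test succeeds.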
The MaxChildCount setting is empty, as nobody here knows about the setting.
Telnet to port 52311 succeeds.
The TLR is configured not to respond to ping.
Tracert stops one hop before reaching the TLR. Will that cause a problem?
I'm not sure where to enable debug mode. Is it configured on every TLR? Some of the TLRs have a thousand endpoints connected. Will it impact the clients, or just the server/TLR?
Wireshark is a bit hard for me to use, as I'm no network expert. Is there any example you can provide that I can just copy into my environment?
Yes, blocking ICMP pings to the top-level relays can prevent child relays from selecting them (even with the child relays configured for manual relay selection).
In this case, you should add the FailoverRelayList client setting, configured on the child relays, with values directing them to your top-level relays.
The client (including child relays) first attempts to "ping" potential parent relays to determine which are available. If none respond to ping requests, the client (or child relay) attempts to contact the BES Root Server defined in the masthead (even without a ping response). Defining the FailoverRelay or FailoverRelayList client setting overrides that behavior: the client/child relay will contact the relay(s) listed in this setting instead of connecting to the root server.
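The fallback order described above can be modeled roughly as follows. This is only a simplified sketch of the behavior as explained in this post, not the client's actual implementation; the function name, parameter names, and host names are all hypothetical.

```python
from typing import Callable, List, Sequence


def registration_targets(parent_relays: Sequence[str],
                         responds_to_ping: Callable[[str], bool],
                         failover_relays: Sequence[str],
                         root_server: str) -> List[str]:
    """Return the hosts a client would try, per the description above."""
    # Step 1: relays that answer the "ping" are considered available.
    reachable = [relay for relay in parent_relays if responds_to_ping(relay)]
    if reachable:
        return reachable
    # Step 2: if a failover relay (list) is defined, it replaces the root server.
    if failover_relays:
        return list(failover_relays)
    # Step 3: otherwise fall back to the root server from the masthead.
    return [root_server]
```

With ICMP blocked and no failover relay defined, this model ends up at the root server, which matches the registration attempts against ROOT_FQDN seen in the client log.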
Hi Jason,
Thanks for the info. So can I take your advice this way: if the TLR is made pingable again, it might improve the client (and lower relay) disconnection issue?
For initial registration, you'd still need a FailoverRelay set, or RelayServer1 / RelayServer2 at installation time (before the client has obtained the relay list). After initial registration, allowing ICMP or setting FailoverRelayList should maintain relay select capability.
Hi Jason,
My colleagues have tested it: even when the TLR is pingable and reachable by tracert, the relays still easily go offline. I then looked into the relay log file of one of the disconnected relays, in Program Files\BigFix Enterprise\BES Relay\, and found a lot of "No buffer space" errors. Is that also a cause of the issue? And how do I tune the buffer space?
10.82.29.115 is the TLR in the log below:
Sat, 26 May 2018 22:44:58 +0800 - PeriodicTasks (1896) - GetExpectedVersionOfParent Error: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
Sat, 26 May 2018 22:44:58 +0800 - PeriodicTasks (1896) - Error running task UpdateAndSendRelayStatus: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
Sat, 26 May 2018 22:46:43 +0800 - /cgi-bin/bfenterprise/clientregister.exe (16492) - Uncaught exception in plugin ClientRegister with client 10.70.70.3: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
Sat, 26 May 2018 22:47:20 +0800 - /cgi-bin/bfenterprise/clientregister.exe (11948) - Uncaught exception in plugin ClientRegister with client 10.70.70.3: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
Sat, 26 May 2018 22:47:25 +0800 - /cgi-bin/bfenterprise/clientregister.exe (16444) - Uncaught exception in plugin ClientRegister with client 10.70.70.3: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
Sat, 26 May 2018 22:48:10 +0800 - /cgi-bin/bfenterprise/clientregister.exe (13452) - Uncaught exception in plugin ClientRegister with client 10.70.70.3: HTTP Error 7: Couldn't connect to server: Failed to connect to 10.82.29.115: No buffer space
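To get a feel for how often this error occurs and against which hosts, the relay log could be tallied with a small script. The sketch below assumes the log lines keep the "Failed to connect to <host>: No buffer space" wording shown above; the function name is made up for illustration.

```python
import re
from collections import Counter
from typing import Iterable

# Matches the target host in lines like the relay log excerpt above.
PATTERN = re.compile(r"Failed to connect to ([^\s:]+): No buffer space")


def count_buffer_errors(lines: Iterable[str]) -> Counter:
    """Count 'No buffer space' connection failures per target host."""
    counts: Counter = Counter()
    for line in lines:
        match = PATTERN.search(line)
        if match:
            counts[match.group(1)] += 1
    return counts
```

Passing an open log file (opened with `errors="replace"` to tolerate odd characters) to `count_buffer_errors` returns a per-host count, which could help show whether the errors are tied to one TLR or spread across all of them.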
Is the top-level relay itself doing OK? Do you have a PMR open? (You'll probably need one.)
If your top-level relay is healthy and not giving error messages, I expect there may be something wrong in your network path or in the network configuration on your child relay. Are you doing anything to restrict TCP/IP sockets (like defining a small ephemeral port range)?
Hi Jason,
I asked my reseller, but they didn't provide me with any channel to IBM BigFix. How do I actually submit a PMR? Can you give me some info?
I guess my TLRs are healthy, as not all 6 would go wrong at the same time, right? I don't know whether my network colleagues restrict anything, as I am no network expert either. Can you suggest any command I can try to see the current settings?
You'll need an IBM ID to log in and submit PMRs (which I think have been renamed to TS now to be more confusing).
If you don't have an IBM ID, you should be able to create one and register for support using your customer number or agreement number. If you don't have those and your reseller is defunct or uncooperative, the IBM licensing folks should be able to retrieve your customer number given the serial number in your masthead file.
Let us know your current standing so we can determine where best to direct you.