Knowledge Partner
Knowledge Partner
392 views

slp DA not showing itself (?) in OES

OES 11 SP2 (yeah I know)

3 servers in the tree.

Server1 = 10.10.1.10
Server2 = 10.10.1.11
Server3 = 10.10.1.13

Server1 and Server3 are both openslpDA servers (Server1 is a DS Master, Server2 and Server3 have RW replicas of everything)

Server1 slp.conf (well end part anyway):

net.slp.useScopes = ACME_SLP_GLOBAL
net.slp.isDA = true
net.slp.isBroadcastOnly = false
net.slp.DAAddresses = 10.10.1.10,10.10.1.13
net.slp.MTU = 1450

net.slp.DASyncReg = true
net.slp.isDABackup = true
;net.slp.DABackupLocalReg = true
net.slp.DABackupInterval = 900



Server3 slp.conf (end part as well):

net.slp.useScopes = ACME_SLP_GLOBAL
net.slp.isDA = true
net.slp.isBroadcastOnly = false
net.slp.DAAddresses = 10.10.1.13,10.10.1.10
net.slp.MTU = 1450
net.slp.interfaces = 10.10.1.13

net.slp.DASyncReg = true
net.slp.isDABackup = true
net.slp.DABackupInterval = 900


Server3 was rebooted 2 weeks ago.

All three servers show the same output from:
slptool findsrvs service:bindery.novell:

service:bindery.novell:///Server2,2835
service:bindery.novell:///Server1,810


Server3 is missing.

OES Client on pc's also only show two "bindery" servers:
Server1
and
Server2

Server3 is missing

I tried using TID https://support.microfocus.com/kb/doc.php?id=7001449

But nothing seems to jive/work.

Any ideas as to why this one server refuses to show up as a bindery server?
We're randomly getting "tree or server not found" which I think may be this one server (would have to find a hub to try to do a packet capture to see what's going on from the workstation perspective).

Restarting slpda has no effect.
Labels (2)
0 Likes
15 Replies
Anonymous_User Absent Member.
Absent Member.

Re: slp DA not showing itself (?) in OES

On 06.06.2019 16:34, kjhurni wrote:

Kevin...

> net.slp.interfaces = 134.179.251.28


???

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

Massimo Rosen;2500630 wrote:
On 06.06.2019 16:34, kjhurni wrote:

Kevin...

> net.slp.interfaces = 134.179.251.28


???

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de


Yeah, was trying to change IP's and missed one.

Sigh
This is why I should've posted in the private forums but then everyone wants it posted publicly.

Fixed the original post. Basically that = Server3
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: slp DA not showing itself (?) in OES

On 06.06.2019 17:06, kjhurni wrote:
>
> Massimo Rosen;2500630 Wrote:
>> On 06.06.2019 16:34, kjhurni wrote:
>>
>> Kevin...
>>
>>> net.slp.interfaces = 134.179.251.28

>>
>> ???
>>
>> CU,
>> --
>> Massimo Rosen
>> Micro Focus Knowledge Partner
>> No emails please!
>> http://www.cfc-it.de

>
> Yeah, was trying to change IP's and missed one.
>
> Sigh
> This is why I should've posted in the private forums but then everyone
> wants it posted publicly.
>
> Fixed the original post. Basically that = Server3
>
>

Ic.

I would remove it nonetheless, aka the whole line. Why is it there? Same
goes for the MTU line.

Also note, that the fact that Server3 is da (or not) is totally
irrelevant for it's registration of eDirectory with SLP. That you don't
see it in bindery.novell is either a problem of the local eDir instance
failing to (re)registering itself with any of the configured DAs, or a
completely malfucntioning local SLP stack.

Do you see any other service of server3 in all the SLP services? Say
smdr.novell or something?

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

To get a real view of what an given DA knows about use something like
slptool unicastfindsrvs xx.xx.xx.xx service:bindery.novell
with the X-rays being the DA's ip address (DNS does not work).
If there's only one address bound on Server3 leave out the
net.slp.interfaces
statement. Leave the MTU at 1400 unless there's a really valid reason for something else. And please check the
n4u.nds.advertise-life-time=
setting with ndsconfig get.
ndsd registers bindery.novell and ndap.novell at loadtime and after the given interval.
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

Massimo Rosen;2500632 wrote:
On 06.06.2019 17:06, kjhurni wrote:
>
> Massimo Rosen;2500630 Wrote:
>> On 06.06.2019 16:34, kjhurni wrote:
>>
>> Kevin...
>>
>>> net.slp.interfaces = 134.179.251.28

>>
>> ???
>>
>> CU,
>> --
>> Massimo Rosen
>> Micro Focus Knowledge Partner
>> No emails please!
>> http://www.cfc-it.de

>
> Yeah, was trying to change IP's and missed one.
>
> Sigh
> This is why I should've posted in the private forums but then everyone
> wants it posted publicly.
>
> Fixed the original post. Basically that = Server3
>
>

Ic.

I would remove it nonetheless, aka the whole line. Why is it there? Same
goes for the MTU line.

Also note, that the fact that Server3 is da (or not) is totally
irrelevant for it's registration of eDirectory with SLP. That you don't
see it in bindery.novell is either a problem of the local eDir instance
failing to (re)registering itself with any of the configured DAs, or a
completely malfucntioning local SLP stack.

Do you see any other service of server3 in all the SLP services? Say
smdr.novell or something?

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de


Ah, so you jogged my memory.

The Server1 and Server3 have two NIC
But multiple IP's (two actually) one for each NIC.

One IP is used STRICTLY for LDAP behind a hardware load balancer, so that's why we restricted the SLP/NCP traffic to the one IP, because we found that the server would reply from the "LDAP" NIC but the load balancer would toss the traffic, thus resulting in errors from the client-side.

Now that I've remembered that, ironically Server1 doesn't have the restriction line, so possibly that's where the tree or server not found it coming from?

Server3 is supposed to be a DA (ha)

I'm not seeing smdr.novell for Server3
But I see like:
service:ntp
service:ldap
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

mathiasbraun;2500633 wrote:
To get a real view of what an given DA knows about use something like
slptool unicastfindsrvs xx.xx.xx.xx service:bindery.novell
with the X-rays being the DA's ip address (DNS does not work).
If there's only one address bound on Server3 leave out the
net.slp.interfaces
statement. Leave the MTU at 1400 unless there's a really valid reason for something else. And please check the
n4u.nds.advertise-life-time=
setting with ndsconfig get.
ndsd registers bindery.novell and ndap.novell at loadtime and after the given interval.


thanks.
the unicastfindsrvs shows all 3 servers.
I set the lifetime to 600 (10 min) from the default of 3600 (via ndsconfig get) and reloaded slpda, but that didnt' seem to actually take/kick in.
iManager still showed 0:13:something for the "waiting" which would imply it did not read/take the 10 minutes setting.

Even if it was the hour, the server should've shown itself in the bindery since it was restarted 2 weeks ago.

I think the MTU was 1450 for some networking reason (but can't remember). Will have to try to dig up some old notes.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: slp DA not showing itself (?) in OES

Kevin,

On 06.06.2019 18:06, kjhurni wrote:
> the unicastfindsrvs shows all 3 servers.


Using which IP? WHat is the result for each of the three servers?

> I set the lifetime to 600 (10 min) from the default of 3600 (via
> ndsconfig get) and reloaded slpda, but that didnt' seem to actually
> take/kick in.


No, as it's a setting for NDSD, not for SLPDA. To have it take, you need
to restart ndsd of course. But it's really not that important, the
default is ok these days.


CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

If "unicastfindsrvs", pointing TO both DAs from ANY box, shows all servers, then all registrations seem to be ok. You might want to verify the
/etc/slp.reg.d/slpd/DABackup
file.
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

Massimo Rosen;2500664 wrote:
Kevin,

On 06.06.2019 18:06, kjhurni wrote:
> the unicastfindsrvs shows all 3 servers.


Using which IP? WHat is the result for each of the three servers?

> I set the lifetime to 600 (10 min) from the default of 3600 (via
> ndsconfig get) and reloaded slpda, but that didnt' seem to actually
> take/kick in.


No, as it's a setting for NDSD, not for SLPDA. To have it take, you need
to restart ndsd of course. But it's really not that important, the
default is ok these days.


CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de


Ah, good question.
Server1 and Server3 are DA's.

Server1:

Pointing to Server3 NCP IP interface:
see's the other two servers (Server2 and Server3) via unicast but doesn't see itself (not sure if that's normal)

Pointing to Server3 "LDAP" interface:
sees nothing


Server2:
Pointing to Server3 NCP interface:
sees Server2 and Server3 (but not Server1)

Pointing to Server3 LDAP interface:
sees nothing

Pointing to Server1 NCP interface:
sees Server2 and Server3

Pointing to Server1 "LDAP" interface:
sees Server2 and Server3 (apparently I forgot to restrict Server1 on the other interface a while back)


Server3:

Pointing to Server1 NCP interface:
sees Server1, Server2 and Server3

Pointing to Server1 LDAP interface:
sees Server1, Server2 and Server3
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

mathiasbraun;2500670 wrote:
If "unicastfindsrvs", pointing TO both DAs from ANY box, shows all servers, then all registrations seem to be ok. You might want to verify the
/etc/slp.reg.d/slpd/DABackup
file.


Interestingly enough only ONE server exhibits this behavior:
Server3
pointing to itself, and the other DA it sees all 3 servers.

The other two:
nope. they only see 2 servers if they point to the others.
Which is very very odd, IMO.

The two DA's have the DABackup file, with the same date/timestamp and the file contents are the same.

WTH?
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

How ist
net.slp.DABackupLocalReg
set on s1 and s3?
What do you get on s1 and s3 on unicasting to themselves? And do you have bindery entries for all three boxes in the backup file?
And please report the settings for
HWCLOCK and SYSTOHC in /etc/sysconfig/clock along with
NTPD_FORCE_SYNC_ON_STARTUP and NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP from /etc/sysconfig/ntp
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

mathiasbraun;2500687 wrote:
How ist
net.slp.DABackupLocalReg
set on s1 and s3?
What do you get on s1 and s3 on unicasting to themselves? And do you have bindery entries for all three boxes in the backup file?
And please report the settings for
HWCLOCK and SYSTOHC in /etc/sysconfig/clock along with
NTPD_FORCE_SYNC_ON_STARTUP and NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP from /etc/sysconfig/ntp


If I'm reading the slp.conf file correctly:

the:
net.slp.DABackupLocalReg is not set (there's no line item mentioning that that's not commented out) so I think it defaults to:
false?

Server1:
Querying it's NCP IP:
Sees all 3 servers

Querying it's "LDAP" IP:
Sees all 3 servers


Server3:
querying it's NCP IP:
see's all 3 servers

Querying it's LDAP IP:
see's nothing (which makes sense since that server is restricted to just the NCP IP)


Server1 DABackup file:
only contains Server2 and Server3 bindery.novell entries

Server3 DABackup file:
only contains Server2 and Server1 bindery.novell entries



Server1:
HWCLOCK="-u"
SYSTOHC="yes"
NTPD_FORCE_SYNC_ON_STARTUP="no"
NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP="no"


Server3:
HWCLOCK="-u"
SYSTOHC="yes"
NTPD_FORCE_SYNC_ON_STARTUP="no"
NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP="no"
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

Neglecting the chance that you just might be a victim of buggy code (shall read: even buggier than openSLP stuff is by design), there has been (and still is) a "special" behaviour where, if ndsd initializes at a time where the system's time offset is not accurate yet, nsds skips every second advertising cycle. This causes bouncing of missing registrations which in turn is pretty hard to troubleshoot. You might want to do the following (if you don't care to bounce boxes):
- on ALL servers set
HWCLOCK="-u"
SYSTOHC="yes"
NTPD_FORCE_SYNC_ON_STARTUP="yes"
NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP="yes"
net.slp.DABackupLocalReg = true
in their respective files
- check for accurate ntp server and timezone configuration
- bounce each box, one by one, enter BIOS and triplecheck the BIOS clock is set to UTC

Before you boot, you might want to edit /etc/logrotate.d/openslp-server to rotate at a size bigger than the default of 1MB as, due to this daemon's very nature, logrotate has to silently restart it in order to start a new logfile. If you have incomplete DABackup files you'll at best have to wait 'til eDir advertises again. Even better: if let's say s1 starts without info about itself (DABackupLocalReg....) and the same applies to s3 AND they're both configured to "sync" each other on startup this doesn't necessarily lead to a cumulative result, but can (at least could on old code) rise a situation where s1 doesn't know about itself, wipes its knowledge about s3 (as s3 doesn't know about ITself) a.s.o...

And, just in case it's been overseen (as it's different from the XP client behaviour):
if a Vista (or higher) client has a static IP address, it also needs static SLP configuration (DAs and Scope). If it is configured for DHCP it also needs SLP info handed out via DHCP. I'm pretty sure this still applies, which might be a problem as in the good old times it's been pretty common to roll out static SLP info with a NW client install to a otherwise DHCP bound box.
0 Likes
Knowledge Partner
Knowledge Partner

Re: slp DA not showing itself (?) in OES

mathiasbraun;2500704 wrote:
Neglecting the chance that you just might be a victim of buggy code (shall read: even buggier than openSLP stuff is by design), there has been (and still is) a "special" behaviour where, if ndsd initializes at a time where the system's time offset is not accurate yet, nsds skips every second advertising cycle. This causes bouncing of missing registrations which in turn is pretty hard to troubleshoot. You might want to do the following (if you don't care to bounce boxes):
- on ALL servers set
HWCLOCK="-u"
SYSTOHC="yes"
NTPD_FORCE_SYNC_ON_STARTUP="yes"
NTPD_FORCE_SYNC_HWCLOCK_ON_STARTUP="yes"
net.slp.DABackupLocalReg = true
in their respective files
- check for accurate ntp server and timezone configuration
- bounce each box, one by one, enter BIOS and triplecheck the BIOS clock is set to UTC

Before you boot, you might want to edit /etc/logrotate.d/openslp-server to rotate at a size bigger than the default of 1MB as, due to this daemon's very nature, logrotate has to silently restart it in order to start a new logfile. If you have incomplete DABackup files you'll at best have to wait 'til eDir advertises again. Even better: if let's say s1 starts without info about itself (DABackupLocalReg....) and the same applies to s3 AND they're both configured to "sync" each other on startup this doesn't necessarily lead to a cumulative result, but can (at least could on old code) rise a situation where s1 doesn't know about itself, wipes its knowledge about s3 (as s3 doesn't know about ITself) a.s.o...

And, just in case it's been overseen (as it's different from the XP client behaviour):
if a Vista (or higher) client has a static IP address, it also needs static SLP configuration (DAs and Scope). If it is configured for DHCP it also needs SLP info handed out via DHCP. I'm pretty sure this still applies, which might be a problem as in the good old times it's been pretty common to roll out static SLP info with a NW client install to a otherwise DHCP bound box.


Thanks for the info/suggestions.

I'm leaving on vacation tomorrow, so I'll probably try this when I get back. The servers are in VMware, if it matters, pointing to external NTP servers (not sure where they are to be honest, they're managed by a diff. group), but it'll be a good question to ask (wouldn't surprise me if the geniuses around here have the NTP servers in another VM guest somewhere--ha!)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.