Linux Access Gateway crashing when downloading large files

  • 3653675
  • 11-May-2007
  • 26-Apr-2012

Environment


Novell Access Management 3 Linux Access Gateway
Novell Access Manager Interim release 2 applied
Linux Access Gateway build 85 applied

Situation

Linux Access Gateway (LAG) setup to protect an IBM iNotes server. Authentication to an IDP server was required when accessing these iNotes protected resources. Periodically, the Linux Access Gateway would stop responding and the services would all be down. The only option was to do a 'pgrep ics_dyn', locate the processID and kill it with a 'kill -9 '. Once done, the proxy services could be restarted with /etc/init.d/novell-vmc restart.

Resolution

Apply the beta SP1 build of Access Manager.

The easiest way of determining what could have caused the issue was to run the debug logging on the LAG. Editing the /etc/laglogs and setting the proxy debug level to 7 (default 5), and then restarting the proxy services with /etc/init.d/novell-vmc restart will generate more verbose debugging info in the /var/log/ics_dyn.log file. From this file, we could see the following entries prior to the crash ...

In Urloverride::replaceContent, replacing
https://intranet.novell.com:443/iNotes/Forms5.nsf/h_ResourcesByName/trash.gif/$FILE/trash.gif?OpenElement&MaxExpires
with
/dmm-pitt.novell.com/iNotes/Forms5.nsf/h_ResourcesByName/trash.gif/$FILE/trash.gif?OpenElement&MaxExpires
---------------------------------
PROXY_AG:LargeDownload:0:Content Length Header written offset(16), len (11)
Source (99999999), sink (975785a4)
PROXY_AG:LargeDownload:0:Split number (0)
PROXY_AG:LargeDownload:0:Cached Web Item (975d71cc), request (984b4020)
PROXY_AG:LargeDownload:0:Not cached
PROXY_AG:LargeDownload:0:Split number (0)
PROXY_AG:LargeDownload:0:Cached Web Item (984acc4c), request (984b4020)
PROXY_AG:LargeDownload:0:Not cached
Source (99999999), sink (98543aa4)
PROXY_AG:LargeDownload:0:Start Fill
PROXY_AG:DataStream:0:Content received in sink DS (1448)
PROXY_AG:DataStream:0:Content received in sink DS (2896)
PROXY_AG:DataStream:0:Content received in sink DS (4344)
PROXY_AG:DataStream:0:Content received in sink DS (5860)
PROXY_AG:Rewriter0:Started Meta parse--------------


Using this info, we could determine that the issue was related to a large download and gave us the info we needed to dup the problem succesfully.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.