Static route entries are not applied after the Linux Access Gateway is rebooted

  • 7007644
  • 24-Jan-2011
  • 26-Apr-2012

Environment

Novell Access Manager 3.1 SP2 IR3a
Novell Access Manager 3.1 SP2 IR3a Linux Access Gateway

Situation

Purpose

Insert new static route entries for the Linux Access Gateway (LAG) appliance using the Administration Console GUI

Symptoms

The newly inserted routes are effective only until the next LAG reboot; after the reboot only the default route is still effective. The only way to make the configured routes effective again, is to reapply the configuration from the nash shell, typing the following commands from the LAG console:

# nash
# config
# apply
# exit

Resolution

Using the Administration Console GUI to add extra static routes is the correct way of doing it, however a BUG in the code has been identified that prevents this configuration settings to be permanent.

This BUG has been fixed in Novell Access Manager 3.1 Service Pack 3.

A possible workaround that can be used to address this issue if the SP3 application is not possible, is to manually add the static routes commands to the "/etc/init.d/novell-vmc" script, this after that the routes have been inserted into the Admin Console GUI.

The commands should be added at the very end of the mentioned script, just before the last exit statement, should include the complete path to the route command and all the needed parameters to complete the static route configuration; here follows a sample:

/sbin/route add -net 172.16.35.0 netmask 255.255.255.0 gw 172.16.169.1 metric 1

Please refer to the "route" man page for further informations about the command syntax.


The described workaround will cause the "novell-vmc" script to apply the configured routes at every restart, including the system reboot. The only known side effect is that, whenever the"novell-vmc" script is restarted, for whatever reason, it will try to add the static routes again, causing an error to appear on the console as these are already present in the routing table. This error is cosmetic and doesn't prevent the restart of the service to complete.