Environment
Novell Access Manager 3.1 SP2 IR 3a (3.1.2.347)
Novell Access Manager 3.1.2.347 Linux Access Gateway Appliance (LAG)
Novell Access Manager 3.1.2.347 Linux Access Gateway Appliance (LAG)
Situation
Purpose:
Administrator need to make some configuration changes to the LAG that will require the service to be restarted when applied
Symptoms:
The changes are applied properly and without errors, however after the new configuration has been applied, some or all the back-end web servers are not reachable any more by the LAG.
The LAG status is yellow and clicking on it the following error is reported in the console:
Server may not be operational (Warning)
The HTTP Reverse Proxy service "<proxy service name>" might not be functioning properly. Some of the web servers being accelerated are unreachable xxx.xxx.xxx.xxx:port
This status will not clear by itself, however, if the LAG server is rebooted everything will start working properly again till the next configuration change will need to be applied, then the issue will come back.
Administrator need to make some configuration changes to the LAG that will require the service to be restarted when applied
Symptoms:
The changes are applied properly and without errors, however after the new configuration has been applied, some or all the back-end web servers are not reachable any more by the LAG.
The LAG status is yellow and clicking on it the following error is reported in the console:
Server may not be operational (Warning)
The HTTP Reverse Proxy service "<proxy service name>" might not be functioning properly. Some of the web servers being accelerated are unreachable xxx.xxx.xxx.xxx:port
This status will not clear by itself, however, if the LAG server is rebooted everything will start working properly again till the next configuration change will need to be applied, then the issue will come back.
Resolution
The LAG and the back-end web servers that gets unreachable are
located in different subnets.
Routing information to allow the LAG to reach those web servers were manually entered editing the file"/etc/sysconfig/network/routes", and not using the Admin Console.
At every change applied from the Admin Console, the new configuration, without the needed routing information, was pushed to the LAG, causing it to not be able any more to reach the back end web servers.
In order to fix the issue the manual entries added to"/etc/sysconfig/network/routes" needs to be removed and all the routing information needs to be entered using the Admin Console as per Novell Access Manager documentation.
Routing information to allow the LAG to reach those web servers were manually entered editing the file"/etc/sysconfig/network/routes", and not using the Admin Console.
At every change applied from the Admin Console, the new configuration, without the needed routing information, was pushed to the LAG, causing it to not be able any more to reach the back end web servers.
In order to fix the issue the manual entries added to"/etc/sysconfig/network/routes" needs to be removed and all the routing information needs to be entered using the Admin Console as per Novell Access Manager documentation.
Additional Information
PLEASE
NOTE:
What is explained above, and in the docs, is true for every Novell Access Manager version, however, a BUG has been identified in versions prior to 3.1.2 SP3 that might cause the routing information entered from the Admin Console to be lost when the LAG is rebooted.
Please refer to the KB 7007644 - "Static route entries are not applied after the Linux Access Gateway is rebooted" to obtain more information.
What is explained above, and in the docs, is true for every Novell Access Manager version, however, a BUG has been identified in versions prior to 3.1.2 SP3 that might cause the routing information entered from the Admin Console to be lost when the LAG is rebooted.
Please refer to the KB 7007644 - "Static route entries are not applied after the Linux Access Gateway is rebooted" to obtain more information.