ACE VIP OK HTTP, NOK other TCP port
Hi,
we are having issues in configuring load balancing for a TCP port. For HTTP it's working without issues and we have the ACE also balancing for other TCP ports.
Here goes the relevant config:
probe http PROBE-HTTP
interval 5
passdetect interval 2
passdetect count 1
request method get url /idc/
expect status 200 200
probe tcp PROBE-TCP
port 4444
interval 5
passdetect interval 10
rserver host PRD1
ip address 10.10.10.1
inservice
rserver host PRD2
ip address 10.10.10.2
inservice
serverfarm host SF-HTTP
probe PROBE-HTTP
rserver PRD1 80
inservice
rserver PRD2 80
inservice
serverfarm host SF-TCP
probe PROBE-TCP
rserver PRD1 4444
inservice
rserver PRD2 4444
inservice
sticky ip-netmask 255.255.255.255 address source SC-IP-PRD-HTTP
timeout 10
serverfarm SF-HTTP
class-map match-all NAT-VIP-HTTP
2 match virtual-address 10.10.35.1 any
class-map match-all NAT-VIP-TCP
2 match virtual-address 10.10.35.1 tcp eq 4444
policy-map type loadbalance first-match LB-VIP-HTTP
class class-default
sticky-serverfarm SC-IP-PRD-HTTP
insert-http x-forward header-value "%is"
policy-map type loadbalance first-match LB-NAT-VIP-TCP
class class-default
serverfarm SF-TCP
policy-map multi-match POLICY-RSERVER-VIP
class NAT-VIP-TCP
loadbalance vip inservice
loadbalance policy LB-NAT-VIP-TCP
loadbalance vip icmp-reply active
nat dynamic 1 vlan 200
class NAT-VIP-HTTP
loadbalance vip inservice
loadbalance policy LB-VIP-HTTP
loadbalance vip icmp-reply active
nat dynamic 1 vlan 200
interface vlan 200
description SERVER-SIDE
ip address 10.10.14.2 255.255.255.0
alias 10.10.14.1 255.255.255.0
peer ip address 10.10.14.3 255.255.255.0
access-group input EVERYONE
nat-pool 1 10.10.4.6 10.10.4.6 netmask 255.255.255.255 pat
service-policy input AllowICMP
service-policy input POLICY-RSERVER-VIP
no shutdown
The probe are OK, but nothing seems to get to the VIP:
ACE/CTX# show probe PROBE-TCP
probe : PROBE-TCP
type : TCP
state : ACTIVE
port : 4444 address : 0.0.0.0 addr type : -
interval : 5 pass intvl : 10 pass count : 3
fail count: 3 recv timeout: 10
--------------------- probe results --------------------
probe association probed-address probes failed passed health
------------------- ---------------+----------+----------+----------+-------
serverfarm : SF-TCP
real : PRD1[4444]
10.10.10.1 8853 1 8852 SUCCESS
real : PRD2[4444]
10.10.10.2 8853 1 8852 SUCCESS
ACE/CTX# show serverfarm SF-TCP detail
serverfarm : SF-TCP, type: HOST
total rservers : 2
active rservers: 2
description : -
state : ACTIVE
predictor : ROUNDROBIN
failaction : -
back-inservice : 0
partial-threshold : 0
num times failover : 0
num times back inservice : 1
total conn-dropcount : 0
Probe(s) :
PROBE-TCP, type = TCP
----------connections-----------
real weight state current total failures
---+---------------------+------+------------+----------+----------+---------
rserver: PRD1
10.10.10.1:4444 8 OPERATIONAL 0 0 0
max-conns : - , out-of-rotation count : -
min-conns : -
conn-rate-limit : - , out-of-rotation count : -
bandwidth-rate-limit : - , out-of-rotation count : -
retcode out-of-rotation count : -
load value : 0
rserver: PRD2
10.10.10.2:4444 8 OPERATIONAL 0 0 0
max-conns : - , out-of-rotation count : -
min-conns : -
conn-rate-limit : - , out-of-rotation count : -
bandwidth-rate-limit : - , out-of-rotation count : -
retcode out-of-rotation count : -
load value : 0
ACE/CTX# show service-policy POLICY-RSERVER-VIP
Status : ACTIVE
Interface: vlan 1 200
service-policy: POLICY-RSERVER-VIP
class: NAT-VIP-TCP
nat:
nat dynamic 1 vlan 200
curr conns : 0 , hit count : 0
dropped conns : 0
client pkt count : 0 , client byte count: 0
server pkt count : 0 , server byte count: 0
conn-rate-limit : 0 , drop-count : 0
bandwidth-rate-limit : 0 , drop-count : 0
loadbalance:
L7 loadbalance policy: LB-NAT-VIP-TCP
VIP ICMP Reply : ENABLED-WHEN-ACTIVE
VIP State: INSERVICE
curr conns : 0 , hit count : 0
dropped conns : 0
client pkt count : 0 , client byte count: 0
server pkt count : 0 , server byte count: 0
conn-rate-limit : 0 , drop-count : 0
bandwidth-rate-limit : 0 , drop-count : 0
compression:
bytes_in : 0
bytes_out : 0
I see a lot of this messages in the logging of the ACE:
show logging | i 4444
22:02:52 : %ACE-6-302023: Teardown TCP connection 0x18b6 for vlan200:10.10.14.2/26768 to vlan200:10.10.10.2/4444 duration 0:00:00 bytes 1051 TCP FINs
22:02:55 : %ACE-6-302022: Built TCP connection 0x14dc for vlan200:10.10.14.2/30318 (10.10.10.1/30318) to vlan200:10.10.10.1/4444 (10.10.14.2/4444)
22:02:55 : %ACE-6-302023: Teardown TCP connection 0x14dc for vlan200:10.10.14.2/30318 to vlan200:10.10.10.1/4444 duration 0:00:00 bytes 1103 TCP FINs
22:02:57 : %ACE-6-302022: Built TCP connection 0xc6c for vlan200:10.10.14.2/26784 (10.10.10.2/26784) to vlan200:10.10.10.2/4444 (10.10.14.2/4444)
22:02:57 : %ACE-6-302023: Teardown TCP connection 0xc6c for vlan200:10.10.14.2/26784 to vlan200:10.10.10.2/4444 duration 0:00:00 bytes 1103 TCP FINs
22:03:02 : %ACE-6-302022: Built TCP connection 0x151a for vlan200:10.10.14.2/26800 (10.10.10.2/26800) to vlan200:10.10.10.2/4444 (10.10.14.2/4444)
show logging | i 4444
22:02:52 : %ACE-6-302023: Teardown TCP connection 0x18b6 for vlan200:10.10.14.2/26768 to vlan200:10.10.10.2/4444 duration 0:00:00 bytes 1051 TCP FINs
22:02:55 : %ACE-6-302022: Built TCP connection 0x14dc for vlan200:10.10.14.2/30318 (10.10.10.1/30318) to vlan200:10.10.10.1/4444 (10.10.14.2/4444)
22:02:55 : %ACE-6-302023: Teardown TCP connection 0x14dc for vlan200:10.10.14.2/30318 to vlan200:10.10.10.1/4444 duration 0:00:00 bytes 1103 TCP FINs
22:02:57 : %ACE-6-302022: Built TCP connection 0xc6c for vlan200:10.10.14.2/26784 (10.10.10.2/26784) to vlan200:10.10.10.2/4444 (10.10.14.2/4444)
22:02:57 : %ACE-6-302023: Teardown TCP connection 0xc6c for vlan200:10.10.14.2/26784 to vlan200:10.10.10.2/4444 duration 0:00:00 bytes 1103 TCP FINs
22:03:02 : %ACE-6-302022: Built TCP connection 0x151a for vlan200:10.10.14.2/26800 (10.10.10.2/26800) to vlan200:10.10.10.2/4444 (10.10.14.2/4444)
The client request it's going trough an ASA, in the ASA side I see that the TCP connection it' half-open with SAaB flags. It seems that the VIP never replies with SYN+ACK to the ASA...
Thank you.
Best regards
Hi Norberto,
The log messages you are getting are most probably the probe connections and not a failure, looking to them you will see your ACE is establishing TCP connection on 4444 then it will teardown the connection with FIN which is expected since you are using TCP keepalives.
I would recommend to go back and define the problem exactly, what are you exteriancing when you try to telnet on port 4444 toward the VIP from the client?
Run sniffing software on the client, the server and enable capture on ACE and ASA will give you exact idea what you are experiencing.
Note: The ASA and the ACE has great capture feature which will show you exactly the packet flows.
Note: Since you are applying NAT on the client requests, you should see the NATed IP address on the server capture.
Note: With L4 load balancing the ACE is not spoofing the clients' request, it just forward the SYN, SYN+ACK and ACK between the server and the client.
Let me know if you have any other questions.
Best regards,
Ahmad
Similar Messages
-
HTTP/HTTPS on the same ACE VIP - best practice
I currently have a VIP representing one server farm that contains two http servers:-
class-map match-all VIP-HTTP-xxxxx.co.uk
2 match virtual-address 10.79.18.10 tcp eq www
class-map match-all VIP-SSL-xxxxx.co.uk
2 match virtual-address 10.79.18.10 tcp eq https
I have port 80 and 443 open on the VIP and SSL termination performed on the ACE (both http servers are the same and configured for default load balancing behaviour - I've also specified port 80 for ACE to server traffic). Having 80 and 443 on the same VIP (meaning the site can be accessed via one NAT'd external IP) came from a request from the business so the site can have one domain.
The majority of the http server(s) web content is standard http but there is a specific sub-directory of interactive forms that requires https termination.
I have a couple of queries with regards to URL re-writes:-
1) Is the SSL URL re-write functionality limited to just the host part of the URL or can the ACE enforce https for specific sub-directories, i.e. can the ACE intercept and re-write a URL if a user tries to go to a particular https page/directory using http (by just deleting the s from the URL within their browser)? A possible example being:-
ssl url rewrite location "www\.cisco\.com\secure-forms"
2) Can the ACE re-direct users back to a standard http page if they try to 'secure' their session by changing http to https within their browser (basically the opposite of the above).
Basically as I have 80 and 443 on the same VIP I'm interested in the best practice methods of enforcing http and https content segregation using just the ACE (as opposed to having Apache doing the re-writes, etc).
Web services functionality (in terms of SSL and URL re-writes) has traditionally fallen within the domain of a dedicated web development team (who use Apache, Tomcat, etc.) but the introduction of the ACE as a load balancing appliance that is primarily managed by the networks team but with functionality that crosses traditional team boundaries has resulted in lots of questions from web development around what functionality can be moved from Apache, etc. and onto the ACE?
Any advice or personal experiences would be gratefully received.
Thanks
MatthewBack again!
Could someone possibly cast their eye over the following config?
The only bit I'm not sure on (syntactically and whether it can even be done on the ACE) is how to specify a DO NOT match regular expression, i.e. how to capture https URLs that do not match my secure pages so I can re-direct the request back to the normal http URL (class-map type http loadbalance Non-Secure_Pages). What I'd like to avoid is re-directing requests that don't need to be, i.e. re-directing all requests that don't match /secure back to http when the majority will be correctly going to a normal http URL :-
rserver host server1
description *** HTTP server 1 ***
ip address 10.100.194.2
inservice
rserver host server2
description *** HTTP server 2 ***
ip address 10.100.194.3
inservice
rserver redirect REDIRECT_TO_HTTPS
webhost-redirection https://www.website.co.uk/%p 302
inservice
rserver redirect REDIRECT_TO_HTTP
webhost-redirection http://www.website.co.uk/%p 302
inservice
class-map type http loadbalance Secure_Pages
match http url /secure.*
class-map type http loadbalance Non-Secure_Pages
*** DO NOT *** match http url /secure.*
class-map match-all VIP-HTTP-website.co.uk
2 match virtual-address 10.79.18.10 tcp eq www
class-map match-all VIP-SSL-website.co.uk
2 match virtual-address 10.79.18.10 tcp eq https
policy-map type loadbalance first-match VIP-LB-HTTP-website.co.uk
class Secure_Pages
serverfarm REDIRECT_TO_HTTPS
class class-default
serverfarm serverfarm-website.co.uk
policy-map type loadbalance first-match VIP-LB-SSL-website.co.uk
class Non-Secure_Pages
serverfarm REDIRECT_TO_HTTP
class class-default
serverfarm serverfarm-website.co.uk
serverfarm host serverfarm-website.co.uk
failaction purge
rserver server1 80
probe PING_SERVER
probe http-website.co.uk
inservice
rserver server2 80
probe PING_SERVER
probe http-website.co.uk
inservice
serverfarm redirect REDIRECT_TO_HTTPS
rserver REDIRECT_TO_HTTPS
inservice
serverfarm redirect REDIRECT_TO_HTTP
rserver REDIRECT_TO_HTTP
inservice
many thanks -
Http probe on non-standard tcp port 8021
I've configured http probe on standard port 80 with no issue. I'm now trying http probe on non-standard tcp port 8021, confirmed with packet capture to confirm that the CSM is indeed probing, status code 403 is returned but the reals are showing "probe failed". Am I missing something? Thank you in advance.
CSM v2.3(3)2
probe 8021 http
request method head
interval 2
retries 2
failed 4
port 8021
serverfarm TEST
nat server
no nat client
real 10.1.2.101
inservice
real 10.1.2.102
inservice
probe 8021
vserver TEST
virtual 10.1.2.100 tcp 8021
serverfarm TEST
replicate csrp connection
persistent rebalance
inservice
VIP and real status:
vserver type prot virtual vlan state conns
Q_MAS_8021 SLB TCP 10.1.2.100/32:8021 ALL OUTOFSERVICE 0
real server farm weight state conns/hits
10.1.2.101 TEST 8 PROBE_FAILED 0
10.1.2.102 TEST 8 PROBE_FAILED 0you need to specify what HTTP response code you expect.
The command is :
gdufour-cat6k-2(config-slb-probe-http)#expect status ?
<0-999> expected status - minimum value in a range
The default is to expect only 200.
This is why your 403 is not accepted.
Gilles. -
ACE Probe Config for Blue Coat Proxy TCP Port 74 NETRJS-4
We are running 4710's with A5(2.2). We use Blue Coat proxies for our internet connections, specifcally TCP port 74. So when we open up a browser connection to www.cisco.com, the HTTP GET is actually encapsulated in TCP port 74 netrjs-4. We want to load-balance these proxies with ACE and I'm trying to setup health probes, but the only ones that work are the tcp probes PROXY_BCC_PROBE and PROXY_PROBE. I'd like to have health probes that hit external websites, but I'm confused whether the "ip address" Probe sub command is all I need, and netrjs is simple encapsulation of the HTTP request (which is what it looks like on a sniffer). Does anyone have Blue Coat proxies/ACE working? If so, how are your probes configured?
Thanks,
probe tcp PROXY_BCC_PROBE
port 8084
interval 3
passdetect interval 3
probe http PROXY_HTTP1_PROBE
ip address 198.133.219.25
port 74
interval 3
passdetect interval 3
request method head url /index.html
expect status 200 299
probe http PROXY_HTTP2_PROBE
ip address 198.133.219.25
port 74
interval 3
request method get url /
expect status 200 299
probe tcp PROXY_PROBE
port 74
interval 3
passdetect interval 3Hi,
I have seen this working for one of the customer.
probe http HTTPGET
description Tests that www.gmail.com returns 302 redirect
interval 10
request method get url http://www.gmail.com
expect status 302 302
If I modify your probe :
probe http PROXY_HTTP1_PROBE
ip address 198.133.219.25
port 74
interval 3
passdetect interval 3
request method get url
http://www.gmail.com
expect status 302 302
Give it a try and see if that helps.
regards,
Ajay Kumar -
Good day everyone,
I have a question in regard to real server operation with different server farms, and VIPs
Can a Real Server be associated ( for simpliciy) with two different Server Farms that have a VIP associated with each, servicing the same TCP Port (443).
Example:
SF-A
RSRV-1: 192.168.1.10 /24
RSRV-2: 192.168.1.11 /24
VIP-A: 192.168.1.20 /24
VIP-A: https:web-A
Protocol: HTTPS
SF-B
RSRV-2: 192.168.1.11 /24
RSRV-3: 192.168.1.12 /24
VIP-B: 192.168.1.30 /24
VIP-b: https:web-B
Protocol: HTTPS
Client-A: 172.16.128.10
Client-B: 172.16.128.15
I have attached an sketch depicting the connectivity.
As always any feedback/Suggestions will be greatly apprecaited.
Cheers,
Raman AzizianRaman,
This type of config is no problem. What the server is doing is virtual web hosting. The server would have two different web services running for the same IP, but each listening for a unique host header.
From an IP point of view both connections would be destined to the rserver address on port 80, but in the http header they would have two different Host headers.
one for www.example1.com and the second for www.example2.com. If the web server is configured correct so each host name is tied to one web service it will not have any issues.
The config you attached looks ok. The way you have the sticky group is ok doing source IP. If you use cookies for the sticky group I would suggest you create two sticky groups each with a different cookie name and add the same serverfarm to both groups. The client will only send a cookie for the domain it received it from so using the same cookie in two vips could cause problems if the same client hits both vips.
Hope that helps
Regards
Jim -
CSS -Can TCP port number under the VIP be different to real server TCP Port
Client
TCPrt : 80 -----------------------------> CSS VIP to the actual server on TCP port 5555 --------------> Server
The requirement is that client will send a request to VIP on port 80 and VIP has to forward the request to server on a different port(TCP port 5555).Yes its possible.
Port command under service translates the destination port.
content whol_eiwebsit_80
add service srvr1
add service srvr2
vip address 128.1.1.1 <-- Vip
port 80 <-- Listening on port 80
protocol tcp
url "/*"
active
service srvr1
ip address 10.10.10.1
protocol tcp
port 5555 <-- will translate dest port
keepalive type tcp
keepalive port 5555
active
service srvr2
ip address 10.10.10.2
protocol tcp
port 5555
keepalive type tcp
keepalive port 5555
active
HTH
Syed Iftekhar Ahmed -
ACE session persitence "sticky" TCP port
Hey guys,
I trying to work up some configurations on the ACE for performing session persistence "sticky" on the ACE based on source TCP port. All flows are SSL based therefor, I thought the only option was SSL-ID but I've been running into querky behavior due to clients using IE7. Evidently there are several cases where IE7 causes the SSL-ID to be regenereated causing this weird behavior.
Anybody have example configs of the layer4-payload offset, length, etc. to perform sticky based on TCP source port?
Thanks in advance.
PaulSince source port is not part of the layer 4 payload you cannot use it for sticky. IE changing ssl id is a known problem (does it every 2 minutes).
So you are left with:
terminating SSL on the ace and using cookie sticky (you can always re-encrypt on back end if security demands it)
or
source IP sticky (practical only if clients are not behind a proxy device) -
Vip not responding on a specific port
Configured a vip to LB between 2 servers ,and also specified to balance urls ,and it is absolutely working on port 11090 ,and this all http traffic
http://10.12.12.34:11090 ( this vip is working)
serverfarm host vip-1
probe PROBE_TCP_11090
rserver s0adcmmapps1
inservice
rserver s0adcmmapps2
inservice
sticky ip-netmask 255.255.255.255 address source vip-1_STICKY
timeout 30
replicate sticky
serverfarm vip-1
class-map match-all vip-1_CLASS
2 match virtual-address 10.12.12.34 tcp any
class-map type http loadbalance match-any vip_CLASSURL
2 match http url /jmx-console/*
3 match http url /web-console/*
4 match http url /mediamanager/*
5 match http url /teams/*
6 match http url /teamswebservices/*
7 match http url /artesia-ws/*
8 match http url /artesia/*
9 match http url /brs/*
10 match http url /content/*
11 match http url /OTMedia/*
12 match http url .*
13 match http url /mediamanager
14 match http url /teams
policy-map type loadbalance first-match vip-1_POLICY
class vip_CLASSURL
sticky-serverfarm vip-1_STICKY
policy-map multimatch POLICY
class vip-1_CLASS
loadbalance vip inservice
loadbalance policy vip-1_POLICY
loadbalance vip icmp-reply active
nat dynamic 2 vlan 2
appl-parameter http advanced-options CASE_PARAM
interface vlan 2
ip address 10.12.13.217 255.255.252.0
peer ip address 10.12.13.216 255.255.252.0
mtu 1500
no normalization
no icmp-guard
access-group input ALL
nat-pool 2 10.12.12.34 10.12.12.34 netmask 255.255.255.255 pat
service-policy input remote_mgmt_allow_policy
service-policy input POLICY
no shutdown
The same servers ,but this need work on port 11443 and its all https traffic,this past is not working
serverfarm host vip-https,
probe PROBE_TCP_11443
rserver s0adcmmapps1
inservice
rserver s0adcmmapps2
inservice
sticky ip-netmask 255.255.255.255 address source vip-https_STICKY
timeout 30
replicate sticky
serverfarm vip-https
class-map match-all vip-https_CLASS
2 match virtual-address 10.12.12.34 tcp eq 11443
policy-map type loadbalance first-match vip-https_POLICY
class class-default
sticky-serverfarm vip-https_STICKY
policy-map multimatch POLICY
class vip-https_CLASS
loadbalance vip inservice
loadbalance policy vip-https_POLICY
loadbalance vip icmp-reply active
nat dynamic 2 vlan 2
interface vlan 2
ip address 10.12.13.217 255.255.252.0
peer ip address 10.12.13.216 255.255.252.0
mtu 1500
no normalization
no icmp-guard
access-group input ALL
nat-pool 2 10.12.12.34 10.12.12.34 netmask 255.255.255.255 pat
service-policy input remote_mgmt_allow_policy
service-policy input POLICY
no shutdown
Thi is not working as application team is trying to access https://10.12.12.34:11443 ,this not working
when they bypass the vip and access the servers directly https://10.12.12.160:11443 its working fine.Please advise on thisHi,
you can start with checking the status of serverfarm "vip-https" and also check the position of class map "vip-https_CLASS" in polic map "POLICY". Ideally it should be before the class map "vip_1-CLASS" as the later one is hitting port any, and earlier one is designated for TCP port 11443. So if position of class map matching VIP any is above the "VIP 11443", you will never get HIT on this VIP.
hope you got my point... -
ACS 5.5 SFTP repository non-standard TCP port
is it possible to change the TCP port in a SFTP repository from 22 to something different ?
like this is not working
repository sftp1
url sftp://10.10.0.8:22222/user1
user user1 password hash bc14bc179d2708cc31cbc22ee6a679cd22c095a1There is not much information inside the defect. We've been seeing different customer's experiencing this issue.
<B>Symptom:</B>
SFTP stops working after upgrading to ACS 5.5
<B>Conditions:</B>
once we upgrade to ACS 5.5
<B>Workaround:</B>
NA
Try this one, this should work
https://tools.cisco.com/bugsearch/bug/CSCum93359/?reffering_site=dumpcr
Regards,
Jatin
**Do rate helpful posts** -
Tomcat Servlet - TCP Port Already in Use?
My problem is that tomcat/servlet is not releasing its TCP port after my servlet closes the port. Next time a servlet tries to use the port it gets an error "Port already in use". Using netstat I can see the port is still in use. If I stop tomcat and restart it, the port is released. I have not had this sort of problem writing C programs that use sockets.
My setup is Fedora Core 6 with JDK1.5_14 and Tomcat 5.5.26. I know it's not the latest, but sockets and streams have been around for a long time.
Actual implementation uses a trivial javaserver page to instantiate a class to create/accept connection from a client (JApplet). After connection, it starts a thread to receive data. I am using ServerSocket(), InputStreamReader(), and OutputStreamWriter(). On ServerSocket I set ReuseAddress to true.
I have try/catch on all my I/O and use tomcat context log for error and OK messages. Data transfer is perfect. Detect close by client works. In the context log I see close of streams and ServerSocket occur with no exceptions. Then, I manually close the jsp window. No indication of any problems. If I use different port 2nd time (e.g. 50001) it all works perfect. If I use my default (50000) again, servlet gets an error during bind, "Port already in use".
2.5 years with Java. 5 years with Linux and C.
Please advise or referrwengr wrote:
My problem is that tomcat/servlet is not releasing its TCP port after my servlet closes the port. Next time a servlet tries to use the port it gets an error "Port already in use". Using netstat I can see the port is still in use. If I stop tomcat and restart it, the port is released. I have not had this sort of problem writing C programs that use sockets.Nice.... Not sure that matters though.
>
My setup is Fedora Core 6 with JDK1.5_14 and Tomcat 5.5.26. I know it's not the latest, but sockets and streams have been around for a long time.
Actual implementation uses a trivial javaserver page to instantiate a class to create/accept connection from a client (JApplet). Bleah! Don't use a JSP for that. Use a servlet at worst. At best use a Servlet to start some other socket manager class which you can/have tested outside the Servlet Container environment.
After connection, it starts a thread to receive data. I am using ServerSocket(), InputStreamReader(), and OutputStreamWriter(). On ServerSocket I set ReuseAddress to true.
I have try/catch on all my I/O and use tomcat context log for error and OK messages. Data transfer is perfect. Detect close by client works. In the context log I see close of streams and ServerSocket occur with no exceptions. Then, I manually close the jsp window. Closing the browser window has no affect on the server.
No indication of any problems. If I use different port 2nd time (e.g. 50001) it all works perfect. If I use my default (50000) again, servlet gets an error during bind, "Port already in use".
2.5 years with Java. 5 years with Linux and C.
Please advise or referShow some code. If you just want some generic advice it would be to close the port, as soon as you don't need it anymore. But you know that. Without any further code I think that is about all that can be said.
P.S. Make the code as small as possible, compilable, but still demonstrating the problem. Also see: [this tutorial as an example...|http://www.javaworld.com/javaworld/jw-12-1996/jw-12-sockets.html?page=1] -
Read data from serial port or TCP port of frontend PC
Hello Friends,
I have requirement to read data from device connected to frontend PC which will provide meter reading data.
Vendor has given me two option.
1. Device can be connected to seiral port and data transfer will be done through MODBUS RTU protocol.In that case data need to capture from serial port.
2. Device can be connected to TCP port and Socket program can be provided for data transfer. In that case SAP will act as client and communicate with TCP port.
There will be multiple workstation with individual meters connected to them.
I am aware of text file interfacing through front end tools using custom code using VB,JAVA or others.
Is there any solution availble to achieve above things using ABAP other than text file , like direct communication?
I am using ECC 6.0.Hello,
Socket programming in not available on ABAP, but you may use RFC for the same.
Use the below links for more details
[Link 1|http://help.sap.com/printdocu/core/print46c/en/data/pdf/BCFESDE2/BCFESDE2.pdf]
[Link 2|http://forums.sdn.sap.com/thread.jspa?threadID=1820233]
Regards,
Abhishek -
What TCP ports are used by Push notifications
I believe my Firewall is blocking Push Notifications on my iPod touch. So, I wanted to discover what the TCP Ports are that are used by Push so I could open those ports to pass packets (info) to my iPod.
See:
http://support.apple.com/kb/HT3576
"If you are still unable to receive notifications and you are using a Wi-Fi connection, verify that the network or firewall is not blocking access to port 5223." -
Single Web Dispatcher listening different TCP port
Dear experts,
I would like to post a question regarding Web dispatcher.
Our present environment has a Web dispatcher binding to single domain which is VeriSign Certified. We have received a requirement to support another CA for SSL authentication at Web Dispatcher since VeriSign is not their trusted partner. Hence, i am exploring the below possibilities.
1. Configure another port for SSL with same WD instance. Is this possible?
2. In case point 1 not possible, i will setup another WB instance to listen on differnt TCP port. In this case, is it possible to have two WD binding to single Message Server? The XI version is 7.0.
Appreciate your views and advices.
Thanks in advance.
Regards,
RaviThis guide will help you undrstand the senario, yes it is possible to have to ports in the kind of senario mentioned in the guide.
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60d6de2e-085b-2b10-7a8f-bc9ae1e0bba6
oher info is available at
https://websmp109.sap-ag.de/instguides netveaver->2004s->installation->webdispatcher install guide.
Warm regards,
Dey -
Unable to telnet on command prompt for udp port 514, but able to on cmd for tcp port 514
I am unable to telnet on command prompt for udp port 514. But when I use packet snifer or wireshark I am able to see traffic going to the targetted server from udp port 514. I thought it might be a firewall issue blocking the port from communicating. But
I figured out that windows firewall is disabled. I am able to make similar connections on the cmd for tcp port 514.
I did a netstat -an and see that udp:514 is enabled and listening on the server.
What am I missing here?Telnet actually supports TCP only. You might want to try another tool as suggested here: http://serverfault.com/questions/263032/how-to-connect-to-a-udp-port-command-line
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
Monitor a TCP port but alert only if timed out X times
Hello,
I need to build a moniotr that will probe a TCP port but alert only if timed out X times
I was looking at Microsoft.SystemCenter.SyntheticTransactions.TCPPortCheckProbe module but it doesn't have this options
Thanks,
MariusYou can check
http://www.ghacks.net/2010/05/25/tcp-port-monitor-port-alert/
for TCP Port Monitor Port Alert
Maybe you are looking for
-
MBP to an a/v receiver via dvi to hdmi cable, display not detected?
So as the title says, I'm trying to connect my MBP to a Sony str-dg510 a/v receiver in this order: MBP > Mini Displayport to dvi connector (http://store.apple.com/us/product/MB570Z/A?fnode=MTY1NDA5OQ&mco=MTA4ODk2OTE ) > dvi to hdmi cable (http://www.
-
I have a older MBP running 10.6.8 and after the recent iOS update I have not been able to sync my devices. I was able to sync an ipod, but not iphone or ipad. iTunes recognizes my devices, but sync button stays grayed. I've changed my USB hub, reinst
-
Delivery address of PO in third-party order processing
Dear sir, The delivery address in PR&PO of third-party order processing will auto take the 'Ship-to-party' from the SO, but in my company due to special process we want the delivery address default in 'Sold-to-party' of SO. Can someone tell me how t
-
How to get Retro for a period or how to know which month is having retro
Dear Freinds, I would like to know how can i know which month is having Retro . Iam reading from the FM cu_rgdir and further iam using PYXX_READ_PAYROLL_RESULT to get the payroll results. But when we see pc_payresult if we have for period
-
I am using MP4Converter to convert some music video from a DVD to put in iPod but video and audio doesn't sync. Anyone has the same problem?